urlscan.io logo urlscan.io
SecurityTrails logo

www.paradisepost.com Open in urlscan Pro
192.0.66.2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://paradisepost.com/
Effective URL: https://www.paradisepost.com/
Submission: On April 26 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 84 IPs in 10 countries across 84 domains to perform 300 HTTP transactions. The main IP is 192.0.66.2, located in United States and belongs to AUTOMATTIC, US. The main domain is www.paradisepost.com.
TLS certificate: Issued by R3 on April 19th 2021. Valid for: 3 months.
This is the only time www.paradisepost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 23 192.0.66.2 2635 (AUTOMATTIC)
11 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20c... 16509 (AMAZON-02)
1 13.82.152.48 8075 (MICROSOFT...)
1 9 184.30.20.241 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
14 2606:2800:233... 15133 (EDGECAST)
1 2a04:4e42:200... 54113 (FASTLY)
1 184.30.21.59 16625 (AKAMAI-AS)
3 2600:9000:215... 16509 (AMAZON-02)
2 192.0.76.3 2635 (AUTOMATTIC)
3 13.224.105.229 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
14 142.250.186.66 15169 (GOOGLE)
1 13.224.118.93 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 4 2620:116:800d... 16509 (AMAZON-02)
1 2a03:2880:f01... 32934 (FACEBOOK)
2 2600:9000:21f... 16509 (AMAZON-02)
1 2 13.224.111.48 16509 (AMAZON-02)
1 13.57.61.22 16509 (AMAZON-02)
1 13.224.112.38 16509 (AMAZON-02)
1 2600:9000:20c... 16509 (AMAZON-02)
1 2a02:2638::3 44788 (ASN-CRITE...)
1 34.120.133.55 15169 (GOOGLE)
2 5 52.210.202.173 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.224.193.104 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 184.25.115.31 16625 (AKAMAI-AS)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 18.194.69.169 16509 (AMAZON-02)
6 213.19.162.21 26667 (RUBICONPR...)
4 3.120.57.190 16509 (AMAZON-02)
2 178.250.2.131 44788 (ASN-CRITE...)
1 143.204.101.90 16509 (AMAZON-02)
6 13.85.16.224 8075 (MICROSOFT...)
1 52.216.16.248 16509 (AMAZON-02)
1 12 52.95.118.60 16509 (AMAZON-02)
1 34.194.161.83 14618 (AMAZON-AES)
4 34.192.127.138 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
18 54.77.19.59 16509 (AMAZON-02)
5 184.30.20.198 16625 (AKAMAI-AS)
1 2600:9000:21f... 16509 (AMAZON-02)
3 3 18.156.0.31 16509 (AMAZON-02)
2 6 34.98.64.218 15169 (GOOGLE)
1 1 185.86.138.132 201081 (SMARTADSE...)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 3 37.252.172.45 29990 (ASN-APPNEX)
1 2 216.52.2.30 29791 (VOXEL-DOT...)
1 1 52.57.162.23 16509 (AMAZON-02)
3 3 37.157.2.237 198622 (ADFORM)
9 11 216.58.212.162 15169 (GOOGLE)
1 72.21.206.140 16509 (AMAZON-02)
3 3 185.29.135.233 30419 (MEDIAMATH...)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 2001:678:cb4:... 56396 (TURN)
2 169.197.150.7 398989 (DEEPINTENT)
1 185.64.189.115 62713 (AS-PUBMATIC)
1 1 37.252.173.62 29990 (ASN-APPNEX)
7 7 3.126.158.103 16509 (AMAZON-02)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
1 1 64.202.112.95 23352 (SERVERCEN...)
2 2 54.226.160.243 14618 (AMAZON-AES)
1 2 2a00:1288:110... 34010 (YAHOO-IRD)
1 1 52.0.80.108 14618 (AMAZON-AES)
1 150.136.25.38 31898 (ORACLE-BM...)
1 1 64.202.112.31 23352 (SERVERCEN...)
2 2 3.124.27.129 16509 (AMAZON-02)
2 2 213.19.147.45 3356 (LEVEL3)
2 3 54.228.162.19 16509 (AMAZON-02)
1 1 213.19.147.44 3356 (LEVEL3)
2 2 198.148.27.139 19189 (PULSEPOINT)
3 4 151.101.114.49 54113 (FASTLY)
1 18.195.155.181 16509 (AMAZON-02)
1 1 202.241.208.57 4694 (IDCF IDC ...)
2 2 193.0.160.128 54312 (ROCKETFUEL)
2 2 185.184.8.30 204995 (RTB-HOUSE...)
4 4 66.155.71.150 13768 (COGECO-PEER1)
1 1 54.78.254.47 16509 (AMAZON-02)
2 2 35.227.248.159 15169 (GOOGLE)
2 6 72.251.249.14 29791 (VOXEL-DOT...)
8 8 52.48.151.83 16509 (AMAZON-02)
1 1 52.21.173.249 14618 (AMAZON-AES)
1 178.250.0.163 44788 (ASN-CRITE...)
2 2 213.155.156.183 1299 (TELIANET ...)
6 185.64.189.110 62713 (AS-PUBMATIC)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
7 185.64.190.80 62713 (AS-PUBMATIC)
1 1 185.86.139.114 201081 (SMARTADSE...)
1 72.251.241.204 29791 (VOXEL-DOT...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.106 62713 (AS-PUBMATIC)
1 185.64.190.81 62713 (AS-PUBMATIC)
1 1 159.65.197.210 14061 (DIGITALOC...)
1 169.50.137.190 36351 (SOFTLAYER)
1 104.26.5.15 13335 (CLOUDFLAR...)
33 2.17.190.151 16625 (AKAMAI-AS)
7 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
5 3.218.108.153 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
1 2 13.224.111.21 16509 (AMAZON-02)
1 2a02:2638::1c 44788 (ASN-CRITE...)
2 13.69.65.23 8075 (MICROSOFT...)
300 84
23    192.0.66.2 (United States)

ASN2635 (AUTOMATTIC, US)
paradisepost.com
www.paradisepost.com
11    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2600:9000:20c8:4c00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
1    13.82.152.48 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prodmg2.blob.core.windows.net
9    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
14    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
loader-cdn.azureedge.net
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
cdn.ayc0zsm69431gfebd.xyz
1    2a04:4e42:200::621 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    184.30.21.59 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-59.deploy.static.akamaitechnologies.com
s.ntv.io
3    2600:9000:2156:ba00:c:2267:880:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.go-fet.ch
2    192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)
stats.wp.com
pixel.wp.com
3    13.224.105.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-105-229.mad50.r.cloudfront.net
c.amazon-adsystem.com
3    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
14    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
securepubads.g.doubleclick.net
1    13.224.118.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-118-93.mad50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
6    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2600:9000:21f3:4800:10:ce97:9fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
tag.durationmedia.net
2    13.224.111.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-48.mad50.r.cloudfront.net
sb.scorecardresearch.com
1    13.57.61.22 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-57-61-22.us-west-1.compute.amazonaws.com
jadserve.postrelease.com
1    13.224.112.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-112-38.mad50.r.cloudfront.net
cdn.parsely.com
1    2600:9000:20c8:dc00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
5    52.210.202.173 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-202-173.eu-west-1.compute.amazonaws.com
match.adsrvr.org
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    13.224.193.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-104.fra2.r.cloudfront.net
8idf2m851i.execute-api.us-east-1.amazonaws.com
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    184.25.115.31 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-31.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    18.194.69.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-69-169.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
6    213.19.162.21 (United Kingdom)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    3.120.57.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-57-190.eu-central-1.compute.amazonaws.com
tlx.3lift.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
1    143.204.101.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-90.fra50.r.cloudfront.net
d1wa9546y9kg0n.cloudfront.net
6    13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-dfm-proxy-connext.azurewebsites.net
1    52.216.16.248 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
paywall-ad-bucket.s3.amazonaws.com
12    52.95.118.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com
p1.parsely.com
4    34.192.127.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-127-138.compute-1.amazonaws.com
be.durationmedia.net
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
1    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
18    54.77.19.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
5    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2600:9000:21f3:fa00:0:70b1:7080:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync-amz.ads.yieldmo.com
3    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
6    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
eu-u.openx.net
1    185.86.138.132 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    2a02:fa8:8806:13::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
3    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    52.57.162.23 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
eb2.3lift.com
3    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
11    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
cm.g.doubleclick.net
1    72.21.206.140 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: 206-140.amazon.com
s.amazon-adsystem.com
3    185.29.135.233 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
2    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
1    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
7    3.126.158.103 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-158-103.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN)
event.clientgear.com
1    64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    54.226.160.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.srv.stackadapt.com
2    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    52.0.80.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.ipredictive.com
1    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    64.202.112.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
2    3.124.27.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ad.360yield.com
2    213.19.147.45 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
3    54.228.162.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-162-19.eu-west-1.compute.amazonaws.com
match.adsrvr.org
data.adsrvr.org
1    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.targeting.unrulymedia.com
2    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
4    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    202.241.208.57 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    185.184.8.30 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
creativecdn.com
4    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
2    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
6    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
8    52.48.151.83 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.prod.bidr.io
1    52.21.173.249 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
aorta.clickagy.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    213.155.156.183 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
6    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dsp.adfarm1.adition.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    72.251.241.204 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.190.106 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
1    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    159.65.197.210 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    169.50.137.190 (United States)

ASN36351 (SOFTLAYER, US)
PTR: be.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    104.26.5.15 (United States)

ASN13335 (CLOUDFLARENET, US)
api-mg2.db-ip.com
33    2.17.190.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
publish.responsiveads.com
7    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
9    2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
10    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    3.218.108.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
analytics.responsiveads.com
5    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    13.224.111.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-21.mad50.r.cloudfront.net
sb.scorecardresearch.com
1    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    13.69.65.23 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
Apex Domain
Subdomains		 Transfer
38 responsiveads.com
publish.responsiveads.com
analytics.responsiveads.com
1 MB
26 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
130 KB
23 paradisepost.com
paradisepost.com
www.paradisepost.com
580 KB
22 pubmatic.com
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
58 KB
18 gumgum.com
rtb.gumgum.com
5 KB
17 googlesyndication.com
1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
107 KB
16 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
s.amazon-adsystem.com
41 KB
12 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
35 KB
10 gstatic.com
fonts.gstatic.com
217 KB
10 ayc0zsm69431gfebd.xyz
cdn.ayc0zsm69431gfebd.xyz
205 KB
9 casalemedia.com
htlb.casalemedia.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
9 KB
8 bidr.io
match.prod.bidr.io
4 KB
8 lijit.com
ap.lijit.com
ce.lijit.com
5 KB
8 adsrvr.org
match.adsrvr.org
data.adsrvr.org
3 KB
8 googletagservices.com
www.googletagservices.com
260 KB
7 bidswitch.net
x.bidswitch.net
3 KB
6 openx.net
u.openx.net
us-u.openx.net
eu-u.openx.net
2 KB
6 azurewebsites.net
prod-dfm-proxy-connext.azurewebsites.net
72 KB
6 rubiconproject.com
fastlane.rubiconproject.com
8 KB
6 durationmedia.net
tag.durationmedia.net
be.durationmedia.net
35 KB
6 google-analytics.com
www.google-analytics.com
20 KB
5 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
3 KB
5 3lift.com
tlx.3lift.com
eb2.3lift.com
2 KB
4 cloudflare.com
cdnjs.cloudflare.com
20 KB
4 sitescout.com
pixel-sync.sitescout.com
2 KB
4 everesttech.net
sync-tm.everesttech.net
1 KB
4 adnxs.com
ib.adnxs.com
secure.adnxs.com
4 KB
4 criteo.com
bidder.criteo.com
dis.criteo.com
gum.criteo.com
754 B
4 scorecardresearch.com
sb.scorecardresearch.com
1 KB
4 quantserve.com
secure.quantserve.com
pixel.quantserve.com
10 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 adform.net
c1.adform.net
1 KB
3 dotomi.com
amazon-tam-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
284 B
3 google.com
www.google.com
adservice.google.com
284 B
3 amazonaws.com
8idf2m851i.execute-api.us-east-1.amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
2 KB
3 azureedge.net
loader-cdn.azureedge.net
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
238 KB
3 googletagmanager.com
www.googletagmanager.com
159 KB
3 go-fet.ch
c.go-fet.ch
44 KB
2 visualstudio.com
dc.services.visualstudio.com
854 B
2 fiftyt.com
visitor.fiftyt.com
991 B
2 semasio.net
uipglob.semasio.net
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 tapad.com
pixel.tapad.com
982 B
2 creativecdn.com
creativecdn.com
695 B
2 rfihub.com
p.rfihub.com
1 KB
2 contextweb.com
bh.contextweb.com
1 KB
2 1rx.io
sync.1rx.io
1 KB
2 360yield.com
ad.360yield.com
616 B
2 stackadapt.com
sync.srv.stackadapt.com
1 KB
2 deepintent.com
match.deepintent.com
60 B
2 turn.com
ad.turn.com
943 B
2 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
1 KB
2 emxdgt.com
hb.emxdgt.com
cs.emxdgt.com
162 B
2 google.de
www.google.de
adservice.google.de
272 B
2 parsely.com
cdn.parsely.com
p1.parsely.com
19 KB
2 cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d1wa9546y9kg0n.cloudfront.net
8 KB
2 wp.com
stats.wp.com
pixel.wp.com
3 KB
1 db-ip.com
api-mg2.db-ip.com
953 B
1 simpli.fi
um.simpli.fi
609 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 zeotap.com
mwzeom.zeotap.com
387 B
1 adgrx.com
cm.adgrx.com
408 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 clickagy.com
aorta.clickagy.com
664 B
1 exelator.com
loadm.exelator.com
616 B
1 socdm.com
tg.socdm.com
832 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
469 B
1 zemanta.com
b1sync.zemanta.com
281 B
1 technoratimedia.com
sync.technoratimedia.com
294 B
1 ipredictive.com
sync.ipredictive.com
428 B
1 outbrain.com
sync.outbrain.com
627 B
1 clientgear.com
event.clientgear.com
260 B
1 yieldmo.com
sync-amz.ads.yieldmo.com
481 B
1 rlcdn.com
api.rlcdn.com
224 B
1 criteo.net
static.criteo.net
37 KB
1 quantcount.com
rules.quantcount.com
438 B
1 postrelease.com
jadserve.postrelease.com
636 B
1 facebook.net
connect.facebook.net
24 KB
1 ntv.io
s.ntv.io
103 KB
1 polyfill.io
polyfill.io
554 B
1 msecnd.net
az416426.vo.msecnd.net
22 KB
1 indexww.com
js-sec.indexww.com
40 KB
1 windows.net
prodmg2.blob.core.windows.net
111 KB
1 osano.com
cmp.osano.com
97 KB
300 84
Domain Requested by
33 publish.responsiveads.com www.paradisepost.com
publish.responsiveads.com
1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
21 www.paradisepost.com www.paradisepost.com
18 rtb.gumgum.com aax-eu.amazon-adsystem.com
rtb.gumgum.com
14 securepubads.g.doubleclick.net www.googletagservices.com
az416426.vo.msecnd.net
www.paradisepost.com
1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
12 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
u.openx.net
ssum-sec.casalemedia.com
rtb.gumgum.com
ap.lijit.com
ads.pubmatic.com
11 cm.g.doubleclick.net 9 redirects u.openx.net
rtb.gumgum.com
11 fonts.googleapis.com www.paradisepost.com
cdnjs.cloudflare.com
10 fonts.gstatic.com fonts.googleapis.com
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
tpc.googlesyndication.com
10 cdn.ayc0zsm69431gfebd.xyz ajax.googleapis.com
cdn.ayc0zsm69431gfebd.xyz
8 match.prod.bidr.io 8 redirects
8 www.googletagservices.com www.paradisepost.com
securepubads.g.doubleclick.net
1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
7 simage2.pubmatic.com ads.pubmatic.com
7 x.bidswitch.net 7 redirects
7 match.adsrvr.org 4 redirects js-sec.indexww.com
u.openx.net
ssum-sec.casalemedia.com
6 image2.pubmatic.com ads.pubmatic.com
6 ce.lijit.com 2 redirects ap.lijit.com
6 prod-dfm-proxy-connext.azurewebsites.net cdn.ayc0zsm69431gfebd.xyz
6 fastlane.rubiconproject.com js-sec.indexww.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.paradisepost.com
5 pagead2.googlesyndication.com www.googletagservices.com
az416426.vo.msecnd.net
tpc.googlesyndication.com
5 analytics.responsiveads.com www.paradisepost.com
5 ads.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
rtb.gumgum.com
4 cdnjs.cloudflare.com publish.responsiveads.com
4 pixel-sync.sitescout.com 4 redirects
4 sync-tm.everesttech.net 3 redirects ads.pubmatic.com
4 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
4 be.durationmedia.net tag.durationmedia.net
4 tlx.3lift.com js-sec.indexww.com
4 sb.scorecardresearch.com 2 redirects www.paradisepost.com
3 sync.mathtag.com 3 redirects
3 c1.adform.net 3 redirects
3 us-u.openx.net 1 redirects u.openx.net
3 ib.adnxs.com 3 redirects
3 ups.analytics.yahoo.com 3 redirects
3 pixel.quantserve.com 2 redirects www.paradisepost.com
3 www.googletagmanager.com www.paradisepost.com
g2insights-cdn.azureedge.net
3 c.amazon-adsystem.com www.paradisepost.com
c.amazon-adsystem.com
3 c.go-fet.ch www.paradisepost.com
c.go-fet.ch
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 visitor.fiftyt.com 2 redirects
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 pixel.tapad.com 2 redirects
2 creativecdn.com 2 redirects
2 p.rfihub.com 2 redirects
2 bh.contextweb.com 2 redirects
2 sync.1rx.io 2 redirects
2 ad.360yield.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 sync.srv.stackadapt.com 2 redirects
2 match.deepintent.com ssum-sec.casalemedia.com
rtb.gumgum.com
2 ad.turn.com 2 redirects
2 ap.lijit.com 1 redirects aax-eu.amazon-adsystem.com
2 u.openx.net 1 redirects aax-eu.amazon-adsystem.com
2 ssum-sec.casalemedia.com aax-eu.amazon-adsystem.com
ssum-sec.casalemedia.com
2 1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 bidder.criteo.com static.criteo.net
2 www.google.com www.paradisepost.com
securepubads.g.doubleclick.net
2 8idf2m851i.execute-api.us-east-1.amazonaws.com c.go-fet.ch
2 tag.durationmedia.net www.googletagmanager.com
tag.durationmedia.net
2 paradisepost.com 2 redirects
1 gum.criteo.com static.criteo.net
1 api-mg2.db-ip.com cdn.ayc0zsm69431gfebd.xyz
1 um.simpli.fi ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 rtb-csync.smartadserver.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 aorta.clickagy.com 1 redirects
1 data.adsrvr.org ap.lijit.com
1 loadm.exelator.com 1 redirects
1 tg.socdm.com 1 redirects
1 cs.emxdgt.com rtb.gumgum.com
1 sync.targeting.unrulymedia.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 sync.technoratimedia.com rtb.gumgum.com
1 sync.ipredictive.com 1 redirects
1 sync.outbrain.com 1 redirects
1 event.clientgear.com 1 redirects
1 secure.adnxs.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 s.amazon-adsystem.com ssum-sec.casalemedia.com
1 eu-u.openx.net u.openx.net
1 eb2.3lift.com 1 redirects
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 ssbsync.smartadserver.com 1 redirects
1 sync-amz.ads.yieldmo.com aax-eu.amazon-adsystem.com
1 as-sec.casalemedia.com az416426.vo.msecnd.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 p1.parsely.com www.paradisepost.com
1 paywall-ad-bucket.s3.amazonaws.com www.paradisepost.com
1 d1wa9546y9kg0n.cloudfront.net cdn.ayc0zsm69431gfebd.xyz
1 hb.emxdgt.com js-sec.indexww.com
1 hbopenbid.pubmatic.com js-sec.indexww.com
1 htlb.casalemedia.com js-sec.indexww.com
1 www.google.de www.paradisepost.com
1 stats.g.doubleclick.net www.google-analytics.com
1 g2insights-cdn.azureedge.net ajax.googleapis.com
1 fp-cdn.azureedge.net ajax.googleapis.com
1 api.rlcdn.com js-sec.indexww.com
1 static.criteo.net js-sec.indexww.com
1 rules.quantcount.com secure.quantserve.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 jadserve.postrelease.com s.ntv.io
1 pixel.wp.com www.paradisepost.com
1 connect.facebook.net www.paradisepost.com
1 secure.quantserve.com www.googletagmanager.com
1 d1z2jf7jlzjs58.cloudfront.net www.paradisepost.com
1 loader-cdn.azureedge.net ajax.googleapis.com
1 stats.wp.com www.paradisepost.com
1 s.ntv.io www.paradisepost.com
1 polyfill.io ajax.googleapis.com
1 az416426.vo.msecnd.net www.paradisepost.com
1 js-sec.indexww.com www.paradisepost.com
1 prodmg2.blob.core.windows.net www.paradisepost.com
1 cmp.osano.com www.paradisepost.com
1 ajax.googleapis.com www.paradisepost.com
300 126
Subject Issuer Validity Valid
paradisepost.com
R3		 2021-04-19 -
2021-07-18		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
cmp.osano.com
Amazon		 2020-08-26 -
2021-09-25		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2021-02-16 -
2022-02-16		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-13 -
2022-03-26		 a year crt.sh
*.ntv.io
DigiCert SHA2 Secure Server CA		 2021-01-25 -
2022-02-01		 a year crt.sh
*.go-fet.ch
Amazon		 2020-12-08 -
2022-01-06		 a year crt.sh
*.wp.com
Sectigo RSA Domain Validation Secure Server CA		 2020-04-02 -
2022-07-05		 2 years crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
sni22a5dgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-03 -
2021-11-07		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-04-06 -
2021-07-03		 3 months crt.sh
*.durationmedia.net
Amazon		 2020-09-07 -
2021-10-07		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.postrelease.com
Amazon		 2021-01-28 -
2022-02-26		 a year crt.sh
*.parsely.com
Amazon		 2020-08-02 -
2021-09-02		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
sni1ad09gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2019-11-22 -
2021-12-01		 2 years crt.sh
sni1ad03gl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2019-11-22 -
2021-12-01		 2 years crt.sh
sni9642gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-20 -
2022-03-22		 a year crt.sh
*.execute-api.us-east-1.amazonaws.com
Amazon		 2020-09-24 -
2021-10-26		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-03-23 -
2021-06-15		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-18 -
2022-01-18		 a year crt.sh
*.3lift.com
Amazon		 2020-07-04 -
2021-08-05		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-04-14 -
2021-07-12		 3 months crt.sh
*.azurewebsites.net
Microsoft RSA TLS CA 01		 2020-09-28 -
2021-09-28		 a year crt.sh
*.s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-01-11 -
2022-02-11		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
*.google.de
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
*.gumgum.com
Amazon		 2020-07-03 -
2021-08-03		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2021-01-18 -
2022-02-15		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2020-06-18 -
2021-08-17		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2020-08-28 -
2021-08-20		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.technoratimedia.com
DigiCert SHA2 High Assurance Server CA		 2020-07-28 -
2021-10-01		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-08-05 -
2021-08-05		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.responsiveads.com
DigiCert SHA2 Secure Server CA		 2020-04-02 -
2021-07-02		 a year crt.sh
*.gstatic.com
GTS CA 1O1		 2021-03-23 -
2021-06-15		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft RSA TLS CA 02		 2021-04-21 -
2022-04-21		 a year crt.sh

This page contains 39 frames:

Primary Page: https://www.paradisepost.com/
Frame ID: CAFBD454177BC13FDA41AE1C16761AFF
Requests: 119 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&dcc=t
Frame ID: 2CEACBB14C76CD8AEFC2E6086BFF45F9
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 45788D473E1B751DA27978003278B925
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Frame ID: 33DBF228B6406719149C05725A72CF3C
Requests: 15 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 60F3E034B4E870A613C9E78D187A3599
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 860A836940B4842593CE00E1EA7640C2
Requests: 1 HTTP requests in this frame

Frame: https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Frame ID: B063570B89C2BE7DF2DC2E1104972873
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-oPAolm51l2OW82cY2DzmtwzR8RlHhfs-&
Frame ID: 9083FE1BA0BF69D095121367FEC8CE6C
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: FF8A1FE46C700A5AD2624387249A2EB9
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=8749103022150578688
Frame ID: 460E583C392D9BA7410F87F1EF508687
Requests: 1 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 89A9386B30901AFBA0B1355CCB0E9030
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=991921832087954775&ex=appnexus.com
Frame ID: AC9C39DF2EB5294AC6AFEB27B3575555
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Frame ID: C23265E2AB3505B1AB69761577137B3A
Requests: 7 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=17892687483202660486
Frame ID: DF8F862E10E9AD699FC1AFFFE92648DF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 56A08A0C2AA8230EC16C2B5260AC33CB
Requests: 21 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=mmh&i=b1db6086-c9cc-4000-a0f0-a81cd37e74b4&gdpr=&gdpr_consent=
Frame ID: 1701261FD086C46063E857D855A87AA0
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=atm&i=YIbJzAAAetTSNwA4&gdpr=&gdpr_consent=&_test=YIbJzAAAetTSNwA4
Frame ID: D700C872E6C342D9B421E03E149B8EDE
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ZmIzYTFiNS01ZDY4LTRkYzEtODMyOS0zMmNjYjRiODg1OTI=&gdpr=&gdpr_consent=
Frame ID: 70B27ABFCF19AD8FCF3663D3B8A915BF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 9DAAD1DF67E4717927DB79EFD44104CB
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=ttd&i=22e8710e-efc3-413a-8807-132412f14609&t=1622038219
Frame ID: 9A1DC9C61371778BA430474D2B70B46E
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Frame ID: B23015C2629121E2477CF7790E9A2B25
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YIbJ08Co5soAAFWMmtUAAAAA
Frame ID: A9AC1DB65E9837AA1EB11829640CB6B5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=zet&i=2159827870359069856
Frame ID: A5159AD5B72784D174BA0ADD95B1E715
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=eMa2ZsPTQ4xF0w1li8HG&pi=gumgum&tc=1
Frame ID: 1FFDB7AF7480259BC3C3CE2B7DC184EA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 0DFEC959FB9D74535E83BA211B82CC4F
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A4F76962532736A9C43193F7F7A9A670
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2841471244553776416
Frame ID: 8B8FA6C6CDF48887836D1CFE6EB465B3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955468561135171725
Frame ID: 31E302B6C34AD3E778877E83F52897C0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACmq07BDZQAAClHFfwJxQ
Frame ID: 2363B58E775728FC95743E86D49C5FF3
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: E7AE4DEC9C9F8CEC4764A91D9F48B240
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&ex=pubmatic.com
Frame ID: 023D615F2AFC8A46CF941363C9BD6867
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupRqJsHwMHbX3uz-ubd76FPYKX9J9tTZhU0kZ3upb8wabg8pHJpuzKEag-a_M0EFmmPiOv-FE4xBoo7UuB_e4l-3SdgJhZDD_igQxSvufdI3TnZYXsPyH9b18g1Zgf3FktvPU55hwP0oipy8-8Y4mQ0-Z4eWOZe0yE-yd8Ew6_nVpP6K3HhSzV-z97yk8vqKycjYZOFV4nWuTZaMRJoW9X9ks9wvgqrQJ1LAvD231tCaU36Sy18gaGhgVBAiIiECIEl8WfiKVP69zNVlTMaLc3wkoeOs8_hce-XCj7e97uA4srZCfXIFAJI4H4H2c&sai=AMfl-YScJH8it1c8BkkVwvM86Ma0sjzA87GTfhu6MaqEi1juOjWc7a2t4qX9kcgy3gJ7vQ-tXDNYuRbUCtSiDJDY7Pnq7Ej0IZu8LWUAipE6yaxooqnXGuH1i1MEKO-RLpdT&sig=Cg0ArKJSzALY7aGtNa28EAE&urlfix=1&adurl=
Frame ID: 5529A696C670E165BFE98383936AF712
Requests: 19 HTTP requests in this frame

Frame: https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C2BBD7DF8360CBA974651F33F0794FB7
Requests: 21 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxIWY72TUZqDCUH2R8OPXyany-mWze72nXkq8jvCermTPcUbEeq284KtkaUdAmdc_Clxehwm5YtqhwZafY0COwcTv0JBatABYCbzuvIMBRZZn0acwn5ebVD8C19TX-tuzlmKjagP9j5aITi7JUsxJkzFD5sTraNkSigpuD0bJfEMmMGjSqrHzxjrOWJoh8z3hrNlcDS0X14HbzGAhmhLQdb5wg1Voq2Z21wARvruKkZbIfTRYgCWlMpRM84syZaQuyPED3OBYQChGl7imqI_tlihj5bhLiD5rYzOxgi4b2h-721bCp3jXL7pvTxTf3&sai=AMfl-YQA2r7YjbkxQ46P4aEKFlhKKLkz4VON_2NJTI3PK7wyozgkK5-h4mGa1CQ5n60eqojgKM6L-_q_mt5HxPEPLfsXaHVfCOL--WpIuE2A0jbdT0pJG3-Iyzz4_fWSg6yH&sig=Cg0ArKJSzBD_oAnz7J49EAE&adurl=
Frame ID: 4D51C8373F8A922692A995891CDE4B71
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjtoflptXmDTAD5otMPVhHz7qFjqx7Eh-uymZvQjG-OAGBv4A4nhZoNU8lpi8rkuKmOuJ3JDfLyZf_IhboXZ9uHHBRimCJMaO_5Zg3xizi-hHlDefs09EL1uoBOZHvy1VGShdnJnXzN9wzbhjIQopgBBdb5_Gx5uZZ9_7i6tqqhr7peS2qaYwsW-a3OhzppKMx0qAWbxXWMnxqLjPKHrIHmmb82m5QxJ21fnzrzq-0CId8I2f_O3_J7Fm8kDYed-vrRspUWOKSKH2sbYx_iFw5qYkeczbRjUWlVWJEjXTca6c-C47CsS_XB8fWI2Kx&sai=AMfl-YSs_Ltma7SjrA2ffHhQDfH_L8xRmO8GG3y78G1eKrcdYfkV-qUg8LcAeyY7Z0fHt-WDgjShmJ3WEeQqmqLM8x3GwtwYAcHsQY5bfeE4KBY56_-jHA6dOIYZNE827CFJ&sig=Cg0ArKJSzOf4vY3yn1F0EAE&adurl=
Frame ID: 8CF193E27A224C355EB8DE20B5A88417
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuabB2UQ0lUQHE99U1RwWZ59AjNEuwtR8-DhwyNvpyUHaWudcMXaXSf-EMauizshDKdY87aRibxklEZIUEfiygOX0lg4hGo2CieT0Jm8vleO8GXw931YVL4gPRvJm-YiGOsQTyO9tsCWmjTpWksoLjZx7nj6zxPUJcmTDHhLGDj8H5ZfNYMAlk9JeSQ1XMxf75q3vetkCrEZ_yC5Wq6GPsx8QiawjD58uZcNt4vJFIo5phMLg450jLuruolxOguAxmieLRdMM13NPVj7m0S1ADvkiiSRzAvqZTEMVfs3SSBt0ky9aCjliJgj5jVPSU&sai=AMfl-YQSKyTLSBIjUYctEjlCwwERHS7KphK1GhsMA5njTIFCM48iw6yIivcvJgcsLUA8ymQtjltAEoahkKt9fbSAU9GMm-lzA9B397Posp5aKsjEXdm9_vChN_CvQ81DagdI&sig=Cg0ArKJSzKsSbCjCuewFEAE&urlfix=1&adurl=
Frame ID: 6DEA5D62F265B9BF0FF49BF275B1ECBA
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBhDxPLq9GLZ6S_D9wL8C2hab4nbW_3JDquBCywwyWGdWS__2y2lpUw3OFOl-UDamxZNE_7vy9hv4xyGIj1fEK1JnOT2zK1PaobJpvMsihYKT3_KrSR-YJDSWYTPr2mgQmRH1fH60ZWxpdranvY89Uki8TBAeYSVq2a8I_Ya8k7jv39pNkFt8-_hPSprGLNYXPll79IZa5OvabHBETZr012SkTNwWT-RE3pLH2Kx5cG5RjOS9YFFnV8pkcuWR5iaNl1dKBECm1xUtvCPWu8aX1hAzivJNYBJIC8r8oUpjVjkeiMuGqMPBJU4CEU4Y&sai=AMfl-YTatI7BkgB58UUvwb5okT1QpRI-Ifj_oNqoWhyQz0WO9_VRHxz55SDS4E8Wzs3qKfvxq1OQiGfpZruOZVYRJF4U8lxF0kSCKwlGlYyfPkFLK2qp60l4WE34Uf7qlTq2&sig=Cg0ArKJSzC-VDtgdSm_XEAE&urlfix=1&adurl=
Frame ID: A5DCE7DA8C8AD2F7A781FAF29D8827B0
Requests: 17 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.paradisepost.com
Frame ID: 77119FCE9B2814EBCC0DC1C76D455FD8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 5DD77C9D1C4E5E7FAE5322B5392A2A97
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://paradisepost.com/ HTTP 301
    https://paradisepost.com/ HTTP 301
    https://www.paradisepost.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers link /rel="https:\/\/api\.w\.org\/"/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

300
Requests

100 %
HTTPS

29 %
IPv6

84
Domains

126
Subdomains

84
IPs

10
Countries

4110 kB
Transfer

11273 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://paradisepost.com/ HTTP 301
    https://paradisepost.com/ HTTP 301
    https://www.paradisepost.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1619446218124&ns_c=UTF-8&c8=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&c7=https%3A%2F%2Fwww.paradisepost.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1619446218124&ns_c=UTF-8&c8=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&c7=https%3A%2F%2Fwww.paradisepost.com%2F&c9=
Request Chain 88
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&dcc=t
Request Chain 105
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-oPAolm51l2OW82cY2DzmtwzR8RlHhfs-&
Request Chain 106
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 107
  • https://ssbsync.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=8749103022150578688
Request Chain 109
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=991921832087954775&ex=appnexus.com
Request Chain 110
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com HTTP 302
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Request Chain 111
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=17892687483202660486
Request Chain 113
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UkaFKgdP3n1JT4spVEeQf1VEjSRJFd9-ARAN-TgS
Request Chain 114
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6937288142388169623
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTJhMzU0ZmMtM2U5Yi02NzM4LTc0NTEtMTg1MWQwMjc1ZjA3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTJhMzU0ZmMtM2U5Yi02NzM4LTc0NTEtMTg1MWQwMjc1ZjA3&google_tc=
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIdAKw2YUMvvCWjDZ8JjLJo&google_cver=1
Request Chain 120
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIbJysqbwmrjF3T9PgDtEgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELGDcqzzO_PiFgptkb0yc4Q&google_cver=1
Request Chain 122
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIbJysqbwmrjF3T9PgDtEgAABIwAAAIB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YIbJysqbwmrjF3T9PgDtEgAABIwAAAIB&google_tc= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESENUeTWg9tpp_jMF1-bqcCM8&google_cver=1
Request Chain 123
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9ae26086-c9cc-4800-a295-033ec29e3c98
Request Chain 124
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1619532619
Request Chain 125
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2855734592565697297
Request Chain 129
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://rtb.gumgum.com/usersync?b=apn&i=991921832087954775
Request Chain 130
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_6fb3a1b5-5d68-4dc1-8329-32ccb4b88592&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_6fb3a1b5-5d68-4dc1-8329-32ccb4b88592&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9c1aa671-38a0-47f1-b8e9-f8a94f594c84 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkaf165eb9-4fef-4451-a60e-01e7a9037d0b&expires=7&user_group=5&ssp=gumgum2&bsw_param=9c1aa671-38a0-47f1-b8e9-f8a94f594c84 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=257&user_id=mkaf165eb9-4fef-4451-a60e-01e7a9037d0b&expires=7&user_group=5&ssp=gumgum2&bsw_param=9c1aa671-38a0-47f1-b8e9-f8a94f594c84 HTTP 302
  • https://rtb.gumgum.com/usersync?b=bsw&i=816aea1c-182d-4b7a-8be6-e487a7044e3b
Request Chain 131
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%281EHV8wj6nQfcbtkjOBDfYBtKuhPnd02gS87-Y5DfMSXBpE2cWlQbLRG0cBhUbrtt%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%281EHV8wj6nQfcbtkjOBDfYBtKuhPnd02gS87-Y5DfMSXBpE2cWlQbLRG0cBhUbrtt%29
Request Chain 132
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=opx&i=89f12346-dff9-01ca-06ca-5205d2959021
Request Chain 133
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-9f1d94c6-64a6-4190-75cd-9f02ffe78bd8$ip$185.156.175.107
Request Chain 134
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-LiKJPNhE2pfzPSp_29PtJchwR7I9tXLClQp5~A
Request Chain 135
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://rtb.gumgum.com/usersync?b=vnt&i=228042a0-a699-11eb-9266-912ecc5baaf2
Request Chain 138
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_6fb3a1b5-5d68-4dc1-8329-32ccb4b88592&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&i=
Request Chain 139
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://rtb.gumgum.com/usersync?b=idi&i=421e9c10-cd29-4032-be98-e4366635d38f
Request Chain 140
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2939259829 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2939259829 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/67cc95ac-f4b2-4fa9-96dd-13e9a26d254e HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0ff05c88-7ec1-44d2-81d9-20ea79705b10-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-0ff05c88-7ec1-44d2-81d9-20ea79705b10-003 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-0ff05c88-7ec1-44d2-81d9-20ea79705b10-003
Request Chain 141
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://rtb.gumgum.com/usersync?b=pln&i=c9O0yCfZZqru&ev=1&pid=558355
Request Chain 143
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://rtb.gumgum.com/usersync?b=mmh&i=b1db6086-c9cc-4000-a0f0-a81cd37e74b4&gdpr=&gdpr_consent=
Request Chain 144
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YIbJzAAAetTSNwA4 HTTP 302
  • https://rtb.gumgum.com/usersync?b=atm&i=YIbJzAAAetTSNwA4&gdpr=&gdpr_consent=&_test=YIbJzAAAetTSNwA4
Request Chain 147
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=ttd&i=22e8710e-efc3-413a-8807-132412f14609&t=1622038219
Request Chain 149
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YIbJ08Co5soAAFWMmtUAAAAA
Request Chain 150
  • https://p.rfihub.com/cm?pub=42796&in=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=zet&i=2159827870359069856
Request Chain 151
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=eMa2ZsPTQ4xF0w1li8HG&pi=gumgum&tc=1
Request Chain 153
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348%26partner_url%3Dhttps%253A%252F%252Fce.lijit.com%252Fmerge%253Fpid%253D16%25263pid%253D6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=16&3pid=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&gdpr=0&gdpr_consent=&dnr=1
Request Chain 154
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=10&3pid=1871597494574732225
Request Chain 155
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://ce.lijit.com/merge?pid=85&3pid=AAB_OU7BDZQAAClXIymwfA&gdpr=0
Request Chain 157
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=ee7142df8572b096e9192f1b&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c:d5ac9bc0c9bcc03f34ac847e4ba7f3ed HTTP 302
  • https://ce.lijit.com/merge?pid=84&3pid=c%3Ad5ac9bc0c9bcc03f34ac847e4ba7f3ed&dnr=1
Request Chain 160
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2841471244553776416
Request Chain 161
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955468561135171725
Request Chain 162
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFMTEwN0JEWlFBQUNtdFdSUFZwQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB_OU7BDZQAAClXIymwfA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=441748330147803784 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB_OU7BDZQAAClXIymwfA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D441748330147803784%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?userid=441748330147803784&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB_OU7BDZQAAClXIymwfA&pid=558502&do=add HTTP 303
  • https://match.prod.bidr.io/cookie-sync?userid=441748330147803784&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB_OU7BDZQAAClXIymwfA&pid=558502&do=add&_bee_ppp=1 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACmq07BDZQAAClHFfwJxQ
Request Chain 165
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=F8l-1s9DSl6CqZdOeDDt-A%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 167
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 168
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&addseg=31
Request Chain 169
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9ae26086-c9cc-4800-a295-033ec29e3c98&gdpr=0&gdpr_consent=
Request Chain 170
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6937288142388169623
Request Chain 171
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHCbxuhMzJGu8BU51c8qego&google_cver=1
Request Chain 172
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=22e8710e-efc3-413a-8807-132412f14609
Request Chain 173
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=991921832087954775&gdpr=0&gdpr_consent=
Request Chain 175
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2saE6UhE2uU8sySvdS1LpVWjiOenvGI-~A&gdpr=0&gdpr_consent=
Request Chain 176
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=sZUjfAaKQsp-6-lA_607Tbmcr2s&user_group=1&ssp=pubmatic&gdpr=0 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=188&user_id=sZUjfAaKQsp-6-lA_607Tbmcr2s&user_group=1&ssp=pubmatic&gdpr=0 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ed047fc7-8116-4fd2-83bd-7e8ac31bf307&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 177
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dGIZaSFrQj5vaxdqcmMMPHNgEWdvMUM9JzSuTXrI
Request Chain 178
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2855734592565697297&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 179
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YIbJzAAAd6pFQgAC
Request Chain 180
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:af50982c-3d74-459d-8f9b-eb4ca9e9fd0e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 181
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&gdpr=0&gdpr_consent=
Request Chain 298
  • https://sb.scorecardresearch.com/c2/6035443/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

300 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.paradisepost.com/
Redirect Chain
  • http://paradisepost.com/
  • https://paradisepost.com/
  • https://www.paradisepost.com/
221 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
cf31830057da0b3efe36ef3ac5b39701403ae14fb45b1abc4c6b863b8feaec8a
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:method
GET
:authority
www.paradisepost.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 26 Apr 2021 14:10:17 GMT
content-type
text/html; charset=UTF-8
content-length
43982
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://www.paradisepost.com/wp-json/>; rel="https://api.w.org/" <https://wp.me/9XEuD>; rel=shortlink
content-encoding
gzip
x-rq
hhn1 112 118 3086
cache-control
max-age=300, must-revalidate
age
1629
x-cache
hit
vary
Accept-Encoding
accept-ranges
bytes
strict-transport-security
max-age=31536000;includeSubdomains

Redirect headers

server
nginx
date
Mon, 26 Apr 2021 14:10:16 GMT
content-type
text/html; charset=UTF-8
content-length
0
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
x-redirect-by
WordPress
location
https://www.paradisepost.com/
x-rq
hhn1 116 213 3191
cache-control
max-age=300, must-revalidate
age
0
x-cache
miss
strict-transport-security
max-age=31536000;includeSubdomains
/
www.paradisepost.com/_static/ 		59 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/_static/??-eJxljtEOwjAIRX/IDmfi4osxfkpHiRJpuxQWs7+XuAedPsHlcjnAcwpYi1ExmGS+cVFQNgpbEVtMrDRVNVCLxgiobmIjKl3m0rncgR/jgjIn0rfvGYNRKj6C8NhiWzy9CG0Sv3gfOU9Jlq/2bxuFvYQ8fz5tCNekEFXJVn6uIwuFmO6kXEtY4e5c8rkf+tNxf+j74QWEQ2Dy
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
029aa2098a58aa0ff6a1a2e8111c724cee41e8304b11d3148a602347556b7620
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/_static/??-eJxljtEOwjAIRX/IDmfi4osxfkpHiRJpuxQWs7+XuAedPsHlcjnAcwpYi1ExmGS+cVFQNgpbEVtMrDRVNVCLxgiobmIjKl3m0rncgR/jgjIn0rfvGYNRKj6C8NhiWzy9CG0Sv3gfOU9Jlq/2bxuFvYQ8fz5tCNekEFXJVn6uIwuFmO6kXEtY4e5c8rkf+tNxf+j74QWEQ2Dy
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-rq
hhn1 112 118 3086
last-modified
Thu, 15 Apr 2021 15:55:16 GMT
server
nginx
age
310887
vary
Accept-Encoding
x-cache
hit
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
9462
css
fonts.googleapis.com/ 		2 KB
535 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.7.1
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
21ce91794ae3eb67c07244a144b7f75e2e9454148e7dc0ffe6bd0f521a41b893
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Origin
https://www.paradisepost.com
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 13:56:19 GMT
server
ESF
date
Mon, 26 Apr 2021 14:10:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 14:10:17 GMT
/
www.paradisepost.com/_static/ 		77 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/_static/??-eJyFjEsKgDAMBS9kjEVodSGeRWqQaj+BpIi3Vxeu3b2BmYcngy9ZKSumChzrFrLgTsqLP2BsLaay1kiCZ1g3UkEtDFzkWaJXpNaLNPh/82gfv8mcJmONM72zQ3cDHngv3Q==
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
010cec8aaebdb8d5d22d730acad82d4d249089bfc24f34c76a0c45778875cc85
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/_static/??-eJyFjEsKgDAMBS9kjEVodSGeRWqQaj+BpIi3Vxeu3b2BmYcngy9ZKSumChzrFrLgTsqLP2BsLaay1kiCZ1g3UkEtDFzkWaJXpNaLNPh/82gfv8mcJmONM72zQ3cDHngv3Q==
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-rq
hhn1 116 213 3191
last-modified
Tue, 30 Mar 2021 20:54:47 GMT
server
nginx
age
139000
vary
Accept-Encoding
x-cache
hit
content-type
text/css;charset=utf-8
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
14296
sso-tools.min.js
www.paradisepost.com/wp-content/client-mu-plugins/src/SSO/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1615228944g
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0a6f418772b2d45638bebd596b47e399eb71474e6a28f1f51f96e3d08a36a793
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1615228944g
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-rq
hhn1 112 118 3223
last-modified
Mon, 08 Mar 2021 18:42:24 GMT
server
nginx
age
4209768
etag
W/"60467010-fd3"
vary
Accept-Encoding
x-cache
hit
content-type
application/x-javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
978
expires
Tue, 26 Apr 2022 14:10:17 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 06:40:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26999
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Apr 2022 06:40:18 GMT
loader.min.js
www.paradisepost.com/wp-content/plugins/loader-wp/static/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-rq
hhn1 116 213 3143
last-modified
Tue, 16 Feb 2021 09:01:50 GMT
server
nginx
age
5208444
etag
W/"602b89fe-3e4a"
vary
Accept-Encoding
x-cache
hit
content-type
application/x-javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
5483
expires
Tue, 26 Apr 2022 14:10:17 GMT
/
www.paradisepost.com/_static/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/_static/??-eJzTLy/QTc7PK0nNK9EvyClNz8wr1k9M0c1JrEwtKtbPQuLopqQV6GUV6+gTrQOo2j7X1tDM0NjEzMzI0DwLAKwCJrw=
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
486e7061a989cf1c6834390c0fdc9a8d181f9179efe68fe8c35c254ff2d49de6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/_static/??-eJzTLy/QTc7PK0nNK9EvyClNz8wr1k9M0c1JrEwtKtbPQuLopqQV6GUV6+gTrQOo2j7X1tDM0NjEzMzI0DwLAKwCJrw=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-rq
hhn1 116 213 3191
last-modified
Tue, 16 Feb 2021 09:01:50 GMT
server
nginx
age
310887
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
2421
osano.js
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 		392 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:4c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
b4b17f5413b0e3f27cd18f38bc9b6958edc70736c8f67bc27a93059b970a9740
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection mode=block

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 00:25:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
CloudFront
age
49513
x-frame-options
SAMEORIGIN
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 89229acad212ad74c20ccd0ac96a8cbe.cloudfront.net (CloudFront)
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop
MAD50-C1
strict-transport-security
max-age=2592000
content-length
99243
x-xss-protection
mode=block
x-amz-cf-id
NLwNtUDyPRP-p7RKD-PoZCDs115AyK8rTDGOsudpZCtmSvyJ-JnPXg==
MG2Widget-newsletterwidget-nojquery.min.js
prodmg2.blob.core.windows.net/newsletterwidget/mng/dfm/ 		110 KB
111 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prodmg2.blob.core.windows.net/newsletterwidget/mng/dfm/MG2Widget-newsletterwidget-nojquery.min.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.82.152.48 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2ecf69d9fb8539e9f6d4e044f126b8fd00e83ff6c8444bc8fda1e11403e50ba7

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Mon, 26 Apr 2021 14:10:16 GMT
Last-Modified
Thu, 12 Apr 2018 08:56:48 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
B+XdhqRpOdmGctTBzubJpg==
ETag
0x8D5A053538677F7
Content-Type
application/javascript
Access-Control-Allow-Origin
*
x-ms-request-id
d33e1275-401e-0007-3da5-3ad0fa000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
112680
measuredvibrant.css
www.paradisepost.com/wp-content/themes/assets/static/css/ 		376 KB
57 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/wp-content/themes/assets/static/css/measuredvibrant.css
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
c10c054c23045b355c4bd2ab6093da6436a4b32f3ec4a9221ec4e53241e1563e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/themes/assets/static/css/measuredvibrant.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-rq
hhn1 116 213 3167
last-modified
Wed, 14 Apr 2021 18:17:21 GMT
server
nginx
age
1019416
etag
W/"607731b1-5deee"
vary
Accept-Encoding
x-cache
hit
content-type
text/css
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
58604
expires
Tue, 26 Apr 2022 14:10:17 GMT
wp-emoji-release.min.js
www.paradisepost.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-rq
hhn1 116 213 3191
last-modified
Thu, 15 Apr 2021 15:55:26 GMT
server
nginx
age
317383
etag
W/"607861ee-3795"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
4712
expires
Tue, 26 Apr 2022 14:10:17 GMT
185707-192819229389900.js
js-sec.indexww.com/ht/p/ 		144 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
faab9d4ff1966bc569deffa5a21463f6dbebd9c7d0da9db341f986e06e67cb86

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:18 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Apr 2021 14:06:50 GMT
Server
Apache
ETag
"da4c4e-2414c-5c0e0a8325672"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
40448
Expires
Mon, 26 Apr 2021 15:10:18 GMT
gpt.js
www.googletagservices.com/tag/js/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2bd87606287ca15f713a40bebb5853a144dae7ddbc579705ed200485fccfa028
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"853 / 769 of 1000 / last-modified: 1619435394"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21096
x-xss-protection
0
expires
Mon, 26 Apr 2021 14:10:17 GMT
par_main.svg
www.paradisepost.com/wp-content/uploads/2018/05/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paradisepost.com/wp-content/uploads/2018/05/par_main.svg
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
31dd1a76f5ec8720d05064e40c40498a3b72c9973c476702b74fe2acf6840ce6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/uploads/2018/05/par_main.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-rq
hhn1 109 88 443
last-modified
Thu, 24 May 2018 19:13:37 GMT
server
nginx
etag
W/"bce5e4308d4febd2"
vary
Accept-Encoding
x-cache
HIT
content-type
image/svg+xml
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;includeSubdomains
expires
Thu, 09 Dec 2021 09:40:07 GMT
paradise-site-icon-1.png
www.paradisepost.com/wp-content/uploads/2018/05/ 		259 KB
260 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paradisepost.com/wp-content/uploads/2018/05/paradise-site-icon-1.png
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
38037d8118d3c1c0064223db4065030d7eb1de0492a3b247a6c2025d2bf88579
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/uploads/2018/05/paradise-site-icon-1.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
x-rq
hhn1 109 83 443
last-modified
Thu, 31 May 2018 17:49:41 GMT
server
nginx
etag
"074e3949b8261379"
strict-transport-security
max-age=31536000;includeSubdomains
x-cache
HIT
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
265586
expires
Thu, 09 Dec 2021 12:06:37 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
148
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
7be4715c-c01e-004a-59a5-3a4bfa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Mon, 26 Apr 2021 14:40:17 GMT
polyfill.min.js
polyfill.io/v3/ 		72 B
554 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:200::621 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
4785068
detected-user-agent
Chrome/89.0.4389
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
74
referrer-policy
origin-when-cross-origin
last-modified
Mon, 01 Mar 2021 19:22:10 GMT
date
Mon, 26 Apr 2021 14:10:17 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/89.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
/
www.paradisepost.com/_static/ 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/_static/??-eJyNy1sKgCAQAMALlYsV0k90ljCrlXUVH0WePoIO0O/AwBVa7TkbzhCo7MgJwuGz5w2J4DS8+ggBdS7RvCQcsrCpgV+RlnonrCZ9bXaTVLIflOrkaB/pDi6j
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4d5f2c09a690b52d4d5aacf685ce7e137ef476f335b705223373f6a986bcb287
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/_static/??-eJyNy1sKgCAQAMALlYsV0k90ljCrlXUVH0WePoIO0O/AwBVa7TkbzhCo7MgJwuGz5w2J4DS8+ggBdS7RvCQcsrCpgV+RlnonrCZ9bXaTVLIflOrkaB/pDi6j
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-rq
hhn1 112 118 3086
last-modified
Tue, 16 Feb 2021 09:03:38 GMT
server
nginx
age
310887
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
7899
ads.js
www.paradisepost.com/wp-content/themes/wp-mason/static/js/ 		87 B
187 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
x-rq
hhn1 114 53 3157
last-modified
Fri, 18 Sep 2020 18:17:53 GMT
server
nginx
age
14848558
etag
"5f64f9d1-57"
strict-transport-security
max-age=31536000;includeSubdomains
x-cache
hit
content-type
application/x-javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
87
expires
Tue, 26 Apr 2022 14:10:17 GMT
/
www.paradisepost.com/_static/ 		98 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/_static/??-eJyVy0sOgkAMANAL6TQQ/GyMZyljkRn7IbRovL0uWLgyun3Jg8e0zaZBGhAjCTmgO4WDB0bJUB2yiZimPC56S1I0Vd/AD28yfg6F2f9JQujLTJd76WfU+FLfIuimH/nK1iOv5yynZt8cu7Zrd4f6AmkgVno=
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b66576908c480f132e7a86373b7b188d62d4d59381463ed2e879284b08f25099
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/_static/??-eJyVy0sOgkAMANAL6TQQ/GyMZyljkRn7IbRovL0uWLgyun3Jg8e0zaZBGhAjCTmgO4WDB0bJUB2yiZimPC56S1I0Vd/AD28yfg6F2f9JQujLTJd76WfU+FLfIuimH/nK1iOv5yynZt8cu7Zrd4f6AmkgVno=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-rq
hhn1 116 213 3191
last-modified
Wed, 14 Apr 2021 18:17:21 GMT
server
nginx
age
310887
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
28634
load.js
s.ntv.io/serve/ 		353 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.21.59 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-59.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:17 GMT
Content-Encoding
gzip
x-amz-request-id
5BE94SRWFAVGV6KN
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
UHZ1M7Ew2kMfC0OOdUcDgpivU6fMYEDCTASgK41blK6kjlk4fUQ8DjDXNIAFTEux8/fej9hjTrc=
Last-Modified
Tue, 13 Apr 2021 17:19:57 GMT
Server
AmazonS3
ETag
"4330b9a8c8acd8b7385eb09575a0f098"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
embed.js
c.go-fet.ch/a/ 		174 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.go-fet.ch/a/embed.js?ver=1.0.0
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ba00:c:2267:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1253a35ae227bc3a277ee86c6fc21068468e8eab706ac80e7ca915f0cde67e05

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:09 GMT
content-encoding
gzip
last-modified
Tue, 30 Mar 2021 15:54:56 GMT
server
AmazonS3
age
9
etag
W/"17b5e0ed97f322ab9a184c219fe06d55"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control
public,max-age=900
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
4hyngzbEKf8H9c0kkAYwIzbm_VeSiZD1C9T_uAncSmu2A_z6lCB1SA==
wp-embed.min.js
www.paradisepost.com/wp-includes/js/ 		1 KB
855 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/wp-includes/js/wp-embed.min.js?m=1618502119g
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-includes/js/wp-embed.min.js?m=1618502119g
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-rq
hhn1 116 213 3191
last-modified
Thu, 15 Apr 2021 15:55:26 GMT
server
nginx
age
310393
etag
W/"607861ee-592"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
765
expires
Tue, 26 Apr 2022 14:10:17 GMT
e-202117.js
stats.wp.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.wp.com/e-202117.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc
HIT hhn
date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
server
nginx
etag
W/"5c6340e3-350a"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
expires
Sun, 17 Apr 2022 18:54:34 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FUA623DCjlDRvcvJxerHmi4TRUp1BV44
content-encoding
gzip
server
Server
age
212
etag
433bd8b9aebf928ab8f51e43abc531d2
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 adaa7e69b304066aa4eaf0d2190ecfd7.cloudfront.net (CloudFront)
cache-control
public, max-age=900
date
Mon, 26 Apr 2021 14:06:44 GMT
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
TaMPmUJ3hCWokPwInPrPN4LGz5P0TRndpjb10hNVKAFHXSJ9Ix9zyw==
gtm.js
www.googletagmanager.com/ 		403 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6967192a69d417179111951f090ee56a970267ee45495965d9e9822e9922e352
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76644
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Apr 2021 14:10:17 GMT
truncated
/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Origin
https://www.paradisepost.com
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
font/truetype
pubads_impl_2021042001.js
securepubads.g.doubleclick.net/gpt/ 		301 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
sffe /
Resource Hash
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Apr 2021 08:40:14 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107961
x-xss-protection
0
expires
Mon, 26 Apr 2021 14:10:17 GMT
loader-config.json
loader-cdn.azureedge.net/prod/dfm/ 		1011 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/dfm/loader-config.json?_=1619446217146
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F1B) /
Resource Hash
96b34914f736b96f184920bea4cf3b30a7b76583c51bf1e9caf2add39705bffd

Request headers

Accept
*/*
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
content-md5
i1fC4Ue5p2n4u48t1IbEIQ==
age
14139
x-cache
HIT
content-length
465
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 10:13:01 GMT
server
ECAcc (frc/8F1B)
etag
0x8D905773626BB80
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
4d19c72a-f01e-00d9-6684-3a8053000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.118.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-118-93.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
public
Date
Sun, 25 Apr 2021 18:20:09 GMT
Via
1.1 5aa1be24b1cf8e3c10252fabac41cc27.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
Age
71409
ETag
"5eb31be4-3a2"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
MAD50-C1
Content-Length
930
X-Amz-Cf-Id
Y68fZRTQQ3OTMwuEL4m3WhNoL4TRajTeF8qwJo-nRhCOLZw2qMlK7g==
Expires
Mon, 26 Apr 2021 18:20:09 GMT
common.chunk.min.js
www.paradisepost.com/wp-content/themes/assets/static/js/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/wp-content/themes/assets/static/js/common.chunk.min.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/_static/??-eJyVy0sOgkAMANAL6TQQ/GyMZyljkRn7IbRovL0uWLgyun3Jg8e0zaZBGhAjCTmgO4WDB0bJUB2yiZimPC56S1I0Vd/AD28yfg6F2f9JQujLTJd76WfU+FLfIuimH/nK1iOv5yynZt8cu7Zrd4f6AmkgVno=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
dbae94cba2ba3d07d6ae6e79a7c60c4efc36deb442e193ab18e0fd0cd4d97eef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/themes/assets/static/js/common.chunk.min.js
pragma
no-cache
cookie
ai_user=JAQql|2021-04-26T14:10:18.012Z
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
x-rq
hhn1 112 118 3263
last-modified
Wed, 14 Apr 2021 18:17:37 GMT
server
nginx
age
1019414
etag
W/"607731c1-a62f"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
10587
expires
Tue, 26 Apr 2022 14:10:18 GMT
common-async.chunk.min.js
www.paradisepost.com/wp-content/themes/assets/static/js/ 		56 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/wp-content/themes/assets/static/js/common-async.chunk.min.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/_static/??-eJyVy0sOgkAMANAL6TQQ/GyMZyljkRn7IbRovL0uWLgyun3Jg8e0zaZBGhAjCTmgO4WDB0bJUB2yiZimPC56S1I0Vd/AD28yfg6F2f9JQujLTJd76WfU+FLfIuimH/nK1iOv5yynZt8cu7Zrd4f6AmkgVno=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1ea03e7bb14df931f8a649756cffe9465c815aa0efc23acce14b50e21c3d20ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/themes/assets/static/js/common-async.chunk.min.js
pragma
no-cache
cookie
ai_user=JAQql|2021-04-26T14:10:18.012Z
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
x-rq
hhn1 116 213 3167
last-modified
Wed, 14 Apr 2021 18:17:21 GMT
server
nginx
age
1019414
etag
W/"607731b1-e145"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
8564
expires
Tue, 26 Apr 2022 14:10:18 GMT
measuredvibrant-async.chunk.min.js
www.paradisepost.com/wp-content/themes/assets/static/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.paradisepost.com/wp-content/themes/assets/static/js/measuredvibrant-async.chunk.min.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/_static/??-eJyVy0sOgkAMANAL6TQQ/GyMZyljkRn7IbRovL0uWLgyun3Jg8e0zaZBGhAjCTmgO4WDB0bJUB2yiZimPC56S1I0Vd/AD28yfg6F2f9JQujLTJd76WfU+FLfIuimH/nK1iOv5yynZt8cu7Zrd4f6AmkgVno=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
d97acd5a71c23ea92d5a2f220e770b523e5ad7bc119f95f581126f9d43be747c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/themes/assets/static/js/measuredvibrant-async.chunk.min.js
pragma
no-cache
cookie
ai_user=JAQql|2021-04-26T14:10:18.012Z
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
x-rq
hhn1 116 213 3167
last-modified
Wed, 14 Apr 2021 18:17:21 GMT
server
nginx
age
1019414
etag
W/"607731b1-ac2"
vary
Accept-Encoding
x-cache
hit
content-type
application/javascript
cache-control
max-age=31536000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
1219
expires
Tue, 26 Apr 2022 14:10:18 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 09 Apr 2021 23:59:54 GMT
server
Golfe2
age
1785
date
Mon, 26 Apr 2021 13:40:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19569
expires
Mon, 26 Apr 2021 15:40:33 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
etag
"9iaPKZLFg6XYoMRMhilE8g=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 03 May 2021 14:10:18 GMT
fbevents.js
connect.facebook.net/en_US/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23961
x-fb-rlafr
0
pragma
public
x-fb-debug
zcl3TeOFJHVm01Yj4qta3MJVKPa33rCYWsa5M8/f4wPGpKSKWfe6R0Jr3kU4XGzhAa4lLgUVRKO22dYdCsx0uw==
x-fb-trip-id
2052514463
x-frame-options
DENY
date
Mon, 26 Apr 2021 14:10:18 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
dm.js
tag.durationmedia.net/pubs/1000032/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.durationmedia.net/pubs/1000032/dm.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fdf2977c4059ef04b96a95516683080b5638115ff47f5c850babff2c3d8719ee

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
OGx9Ks9Yo4GlDO7KK.DejbMd.iVCvVNb
content-encoding
gzip
last-modified
Tue, 09 Mar 2021 17:45:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"c051080b81c02655d16d2ded325fab9c"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
public,max-age=900
date
Mon, 26 Apr 2021 14:10:18 GMT
accept-ranges
bytes
content-length
7815
x-amz-cf-id
M0ILGgwOwiqXd5QGcqFTraebc-Gcf7mDpTHousVO_WWvriMNqP7S3Q==
gtm.js
www.googletagmanager.com/ 		104 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KM8CCP2
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89a26a60c0fe43b553479ea36bc41866e2b75cc5f2a1d2d18a985f61ce163277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35246
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Apr 2021 14:10:18 GMT
paradisepost.com.json
c.go-fet.ch/hosts/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.go-fet.ch/hosts/paradisepost.com.json
Requested by
Host: c.go-fet.ch
URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ba00:c:2267:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e01acf3607440e825503bef9c16ac5ffa41fe711378fcf80ea78acec22560f95

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:19 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA50-C1
x-cache
RefreshHit from cloudfront
content-length
701
access-control-allow-origin
*
last-modified
Wed, 27 Jan 2021 04:06:48 GMT
server
AmazonS3
etag
"438fbbbd34d0ba7bb9ded707ada5cb3e"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-id
Lfd8s2xiIo5o0pQuMBNt_dsaxMduN5uCtyCsPYKAb4ASyHVZNpzeQg==
36451134aae62f94c914fc6f9363406d.json
c.go-fet.ch/j/ 		24 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c.go-fet.ch/j/36451134aae62f94c914fc6f9363406d.json
Requested by
Host: c.go-fet.ch
URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:ba00:c:2267:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d34e030e53272f6e5c18a509df3f0700f47a4c4b6f111c8fea8c870f11f481

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:19 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-pop
FRA50-C1
x-cache
RefreshHit from cloudfront
content-length
4571
access-control-allow-origin
*
last-modified
Sat, 24 Apr 2021 01:08:21 GMT
server
AmazonS3
etag
"cae7711791f38b8cc29466f357588139"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json; charset=utf-8
via
1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-id
AX-tGgz-vrO3wGyV3Tz61ME_6hV-qfxrbZ4IKkGjhLGBpzCUyBR5ug==
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1619446218124&ns_c=UTF-8&c8=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1619446218124&ns_c=UTF-8&c8=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2...
64 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1619446218124&ns_c=UTF-8&c8=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&c7=https%3A%2F%2Fwww.paradisepost.com%2F&c9=
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-48.mad50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
o_VUW2pmCgTjjaSSxwNlUwgZK7lzlQeEnCxLHa1O0bZRajjeLsET0g==

Redirect headers

date
Mon, 26 Apr 2021 14:10:18 GMT
via
1.1 4debdaa39c21a3212350a638102f8b06.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1619446218124&ns_c=UTF-8&c8=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&c7=https%3A%2F%2Fwww.paradisepost.com%2F&c9=
content-length
359
x-amz-cf-id
BbvaRgpOw6AaD60J-_ZOJeXrpvFAm289WxgQaRFcnL5hyrxJYATurw==
g.gif
pixel.wp.com/ 		50 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.wp.com/g.gif?v=ext&j=1%3A9.6.1&blog=147204035&post=0&tz=-7&srv=www.paradisepost.com&host=www.paradisepost.com&ref=&fcp=1215&rand=0.5351072522180027
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
bid
c.amazon-adsystem.com/e/dtb/ 		163 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3391&u=https%3A%2F%2Fwww.paradisepost.com%2F&pid=ErPRKe60kY0at&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-SBB%22%2C%22s%22%3A%5B%22970x30%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-interstitial%22%2C%22s%22%3A%5B%221x1%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-top_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22970x30%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube1_RRail_ATF%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%2C%22160x600%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube2_RRail_mid%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube3_RRail_lower%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube3b_Flex%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube4_BottomLine%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube_Article%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-bottom_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_1%22%2C%22s%22%3A%5B%22300x50%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-mobile_adhesion%22%2C%22s%22%3A%5B%22300x50%22%2C%22320x50%22%2C%22728x90%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
Server /
Resource Hash
100569fe3497039fb8d8301073f143d31de2dd8db6987c2b337a659a7f2221f5

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
MAD50-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.paradisepost.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
155
via
1.1 adaa7e69b304066aa4eaf0d2190ecfd7.cloudfront.net (CloudFront)
x-amz-cf-id
0b3Xuhd6dx-AYKuFqwUVmcv8jmPwQ7GzJ1bVrrKvK7QLqCi36y7lVQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-105-229.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 00:49:29 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
48050
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 07 Apr 2021 05:49:36 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via
1.1 58b3f95ba15f0e866891905b1de9d2c7.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
MAD50-C1
content-type
application/javascript
x-amz-cf-id
VSWJp_9eBM8K9sXhnh_qima1n82C3AU5RXtWziFCBqLB1Q3N0jWuCA==
t
jadserve.postrelease.com/ 		97 B
636 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.paradisepost.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.57.61.22 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-57-61-22.us-west-1.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
5de79bd33c164a62fe3389aeef0af2f54b82e7f8ba5fd7d0721f8080823babcb

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
text/javascript;charset=UTF-8
content-length
108
expires
Mon, 1 Jan 1990 12:00:00 GMT
PARADE1-01-1.jpg
www.paradisepost.com/wp-content/uploads/2021/04/ 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paradisepost.com/wp-content/uploads/2021/04/PARADE1-01-1.jpg?w=525
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7249a52eec7a50f4601741f063ae94f1bac54517b4eac07a6638d9b7b057ba5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/uploads/2021/04/PARADE1-01-1.jpg?w=525
pragma
no-cache
cookie
ai_user=JAQql|2021-04-26T14:10:18.012Z; ntvSession={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
x-rq
hhn1 109 140 443
last-modified
Mon, 26 Apr 2021 10:27:22 GMT
server
nginx
etag
"f11b1f2b0648a610"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
75770
expires
Tue, 26 Apr 2022 10:27:22 GMT
CAPSULE-02.jpg
www.paradisepost.com/wp-content/uploads/2021/04/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paradisepost.com/wp-content/uploads/2021/04/CAPSULE-02.jpg?w=287
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b90bba0eebc4a9f2c58d1ac4b6d262ee4025542361263fe4d4f8cb3c168e6291
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/uploads/2021/04/CAPSULE-02.jpg?w=287
pragma
no-cache
cookie
ai_user=JAQql|2021-04-26T14:10:18.012Z; ntvSession={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
x-rq
hhn1 109 88 443
last-modified
Mon, 26 Apr 2021 12:14:11 GMT
server
nginx
etag
"9c2fcfdf870c7189"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
31970
expires
Tue, 26 Apr 2022 12:14:11 GMT
GROCERY-01.jpg
www.paradisepost.com/wp-content/uploads/2021/04/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paradisepost.com/wp-content/uploads/2021/04/GROCERY-01.jpg?w=199
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ae6f867129da1933a4a784eb6b333bbd963b3765f777580a6426037501300d37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/uploads/2021/04/GROCERY-01.jpg?w=199
pragma
no-cache
cookie
ai_user=JAQql|2021-04-26T14:10:18.012Z; ntvSession={}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
x-rq
hhn1 109 142 443
last-modified
Mon, 26 Apr 2021 12:14:11 GMT
server
nginx
etag
"35e7999b14a56500"
vary
Accept
x-cache
HIT
content-type
image/webp
cache-control
max-age=2592000
strict-transport-security
max-age=31536000;includeSubdomains
accept-ranges
bytes
content-length
15190
expires
Tue, 26 Apr 2022 12:14:11 GMT
p.js
cdn.parsely.com/keys/paradisepost.com/ 		50 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/paradisepost.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.112.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-112-38.mad50.r.cloudfront.net
Software
nginx /
Resource Hash
0a881b8b814334490d0becf963a30456256fb315b555e11b37119722f0f98576

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
last-modified
Tue, 16 Feb 2021 16:32:33 GMT
server
nginx
x-amz-cf-pop
MAD50-C1
etag
W/"602bf3a1-c8ba"
x-cache
Miss from cloudfront
content-type
application/x-javascript
via
1.1 5aa1be24b1cf8e3c10252fabac41cc27.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-id
07TxV7GLuI96el8sNn8eC15LS0J0_EF1ktI-G4_h1Vo5HbIXcxuFkQ==
expires
Tue, 27 Apr 2021 14:10:18 GMT
rules-p-4ctCQwtnNBNs2.js
rules.quantcount.com/ 		3 B
438 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-4ctCQwtnNBNs2.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c8:dc00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 09:09:41 GMT
via
1.1 9bac09758c086d613f2c0a80dd66c7a6.cloudfront.net (CloudFront)
age
18038
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
3
last-modified
Sat, 04 Mar 2017 19:57:14 GMT
server
AmazonS3
etag
"8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
x-amz-cf-id
ZkU0skNDpYIyCRcqFQ0easAryZt-Px6sliGIqC-8EV0AlxpDHeYcyQ==
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
883 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 13:37:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1943
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Mon, 26 Apr 2021 14:37:55 GMT
publishertag.js
static.criteo.net/js/ld/ 		114 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
last-modified
Thu, 18 Mar 2021 09:52:29 GMT
server
nginx
etag
W/"605322dd-1c9d1"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Tue, 27 Apr 2021 14:10:18 GMT
identity
api.rlcdn.com/api/ 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
via
1.1 google
alt-svc
clear
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.paradisepost.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		109 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185707
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.202.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-202-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6ac6511d2decc1b1308c6aafc1bf148049ddd462cb6bed43154237fe49c1f6f6

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.paradisepost.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Wed, 26 May 2021 14:10:18 GMT
fp.min.js
fp-cdn.azureedge.net/prod/dfm/ 		59 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fp-cdn.azureedge.net/prod/dfm/fp.min.js?
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F4C) /
Resource Hash
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
content-md5
I+TRQO5bVyRNfhz04pv14Q==
age
17727
x-cache
HIT
content-length
19745
x-ms-lease-status
unlocked
last-modified
Thu, 24 Dec 2020 08:54:59 GMT
server
ECAcc (frc/8F4C)
etag
0x8D8A7E997F32F60
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
27d5765b-d01e-00c5-557c-3a5844000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
g2insights-cdn.azureedge.net/prod/dfm/ 		1 MB
217 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://g2insights-cdn.azureedge.net/prod/dfm/g2i.min.js?
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F49) /
Resource Hash
a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
content-md5
MEV0XK+iSrlNTVyliS0EpQ==
age
3017
x-cache
HIT
content-length
221901
x-ms-lease-status
unlocked
last-modified
Tue, 29 Dec 2020 13:55:30 GMT
server
ECAcc (frc/8F49)
etag
0x8D8AC0167971F78
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
c0dec0ba-a01e-0024-349e-3abf31000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 		559 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC9) /
Resource Hash
e4cb92545debc096ddbad5c1b5aabc2d81619b50a13ae3e4553c7856bf48533b

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
content-md5
YCP0LFp1TeQG+VR1A6wQBQ==
age
38027
x-cache
HIT
content-length
119954
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:48 GMT
server
ECAcc (frc/8FC9)
etag
0x8D9056E3D3EEAAD
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4734a8b2-701e-0129-434d-3a1668000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
collect
www.google-analytics.com/j/ 		2 B
30 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=902071955&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paradisepost.com%2F&dr=&dp=%2F&ul=en-us&de=UTF-8&dt=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAjAAAAAC~&jid=1713706294&gjid=860714330&cid=1956689672.1619446218&tid=UA-61435456-17&_gid=147070304.1619446218&_r=1&gtm=2wg4e1TLFP4R&cd2=paradisepost.com&cd3=paradisepost.com&cd9=no&cd10=home&cd11=5.7.1&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fwww.paradisepost.com%2F&cd24=home&cd25=NORCAL&cd27=Home&cd28=https%3A%2F%2Fwww.paradisepost.com%2F&cd29=Home&cd30=&cd32=p-4ctCQwtnNBNs2&cd33=NorthernCalifornia&cd34=true&cd35=Paradise%20Post%2C%20Paradise%20News%2C%20Paradise%20Sports%2C%20Camp%20Fire%20Recovery&cd50=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd51=&cd53=1956689672.1619446218&z=1536465392
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.paradisepost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=902071955&t=pageview&_s=1&dl=https%3A%2F%2Fwww.paradisepost.com%2F&ul=en-us&de=UTF-8&dt=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEAjBAAAAC~&jid=50146472&gjid=1638669948&cid=1956689672.1619446218&tid=UA-111452396-3&_gid=147070304.1619446218&_r=1&gtm=2wg4e1KM8CCP2&z=1444085775
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.paradisepost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j90&a=902071955&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.paradisepost.com%2F&ul=en-us&de=UTF-8&dt=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=DML&ea=Version&el=20210329-pathed-headers-1-g79d2644_prod_master&_u=aGDACEAjBAAAAC~&jid=465476382&gjid=1674284271&cid=1956689672.1619446218&tid=UA-111452396-5&_gid=147070304.1619446218&_r=1&gtm=2wg4e1KM8CCP2&z=413499074
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.paradisepost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
dm.js
tag.durationmedia.net/sites/10529/ 		87 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.durationmedia.net/sites/10529/dm.js
Requested by
Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/pubs/1000032/dm.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4800:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5cd0adb8711d3fef54741106b94d1803915aad414f554f5606d8c63b5d50edbb

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
MNRsZHtUxpuuDGyAzmdBxOz53o1OkrLz
content-encoding
gzip
last-modified
Mon, 22 Mar 2021 15:15:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
etag
"16485d3077a6946876effcbf18fe1849"
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
cache-control
public,max-age=900
date
Mon, 26 Apr 2021 14:10:19 GMT
accept-ranges
bytes
content-length
24395
x-amz-cf-id
1Q7fIvAvWxjAhSywoBDCiQiFLUDz74OYn9LWyYEur5GSzidWOxzAzQ==
collect
stats.g.doubleclick.net/j/ 		4 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-61435456-17&cid=1956689672.1619446218&jid=1713706294&gjid=860714330&_gid=147070304.1619446218&_u=aGBAAEAiAAAAAC~&z=197699261
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 26 Apr 2021 14:10:18 GMT
content-type
text/plain
access-control-allow-origin
https://www.paradisepost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=77053007;labels=NorthernCalifornia;source=gtm;rf=0;a=p-4ctCQwtnNBNs2;url=https%3A%2F%2Fwww.paradisepost.com%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1333079753-1619446218604;pbcn=u;pbc=;ns=0;...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=77053007;labels=NorthernCalifornia;source=gtm;rf=0;a=p-4ctCQwtnNBNs2;url=https%3A%2F%2Fwww.paradisepost.com%2F;uh=65ce955d6ae6;uht=2;fpan=1;fpa=P0-1333079753-1619446218604;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=paradisepost.com;je=0;sr=1600x1200x24;dst=1;et=1619446218603;tzo=-120;ogl=type.website%2Ctitle.Paradise%20Post%2Cdescription.Paradise%20Post%3A%20Breaking%20News%252C%20Sports%252C%20Business%252C%20Entertainment%20and%20Paradise%20News%2Curl.https%3A%2F%2Fwww%252Eparadisepost%252Ecom%2F2021%2F04%2F26%2Fraiders-draft-top-5-bottom-5-draft-picks%2Csite_name.Paradise%20Post%2Cimage.https%3A%2F%2Fwww%252Eparadisepost%252Ecom%2Fwp-content%2Fuploads%2F2018%2F05%2Fparadise-site-icon-1%252Epng%2Cimage%3Awidth.512%2Cimage%3Aheight.512%2Clocale.en_US
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
v2
8idf2m851i.execute-api.us-east-1.amazonaws.com/prod/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://8idf2m851i.execute-api.us-east-1.amazonaws.com/prod/v2
Protocol
H2
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
PUT
Access-Control-Request-Headers
content-type
Origin
https://www.paradisepost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Mon, 26 Apr 2021 14:10:18 GMT
x-amzn-requestid
876c38a2-0ae4-4e8c-a6ad-d7fbd070d9ca
access-control-allow-origin
*
access-control-allow-headers
Authorization,Content-Type,X-Amz-Date,X-Amz-Security-Token,X-Api-Key
x-amz-apigw-id
eZR3sGwGIAMFRMw=
access-control-allow-methods
OPTIONS,PUT
x-cache
Miss from cloudfront
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
HPpiq2b7OSiH9dHjkp3_Vu0N5WCMtxu53-CMHc0zKjCcbCqix5Y2pQ==
v2
8idf2m851i.execute-api.us-east-1.amazonaws.com/prod/ 		257 B
623 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://8idf2m851i.execute-api.us-east-1.amazonaws.com/prod/v2
Requested by
Host: c.go-fet.ch
URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-104.fra2.r.cloudfront.net
Software
/
Resource Hash
a5b62c48b6fffd6c248a7c7b739c591139b62689d98df1dedec151338aa64b72

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 26 Apr 2021 14:10:19 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
747af2bb-f3ba-4e06-9b4e-368e085f7c8f
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6086c9ca-04deede47ef6cddf34a1140f;Sampled=0
x-amz-apigw-id
eZR3uHIhIAMFxlQ=
content-length
257
x-amz-cf-id
lmTvjr3bMFtuYgHmcQTP1f9dr8to2PNEJ_s6ZCQrmuNFZtDn0srLeA==
truncated
/ 		76 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ad85dbee2475b4132a556bdbc445a036c823b935f20e42d64b24f72a9c9061f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/ 		35 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j90&a=902071955&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.paradisepost.com%2F&ul=en-us&de=UTF-8&dt=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=PageStack&ea=Loaded&el=36451134aae62f94c914fc6f9363406d&_u=aGDACEAjBAAAAC~&jid=&gjid=&cid=1956689672.1619446218&tid=UA-111452396-3&_gid=147070304.1619446218&gtm=2wg4e1KM8CCP2&z=1693718916
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 04:31:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34736
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-61435456-17&cid=1956689672.1619446218&jid=1713706294&_u=aGBAAEAiAAAAAC~&z=1561268426
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-61435456-17&cid=1956689672.1619446218&jid=1713706294&_u=aGBAAEAiAAAAAC~&z=1561268426
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 		295 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.css?
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F69) /
Resource Hash
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
gzip
content-md5
qePO0yKWifmYWvQdlK/DtQ==
age
38022
x-cache
HIT
content-length
28321
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:48 GMT
server
ECAcc (frc/8F69)
etag
0x8D9056E3D33EB71
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
77b2c3b2-901e-00af-514d-3a04ef000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
cygnus
htlb.casalemedia.com/ 		66 B
730 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?v=7.2&s=212590&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A75736942%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.paradisepost.com%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2212%22%2C%22siteID%22%3A%22312957%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2213%22%2C%22siteID%22%3A%22312958%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2214%22%2C%22siteID%22%3A%22312959%22%7D%2C%22id%22%3A%223%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2225%22%2C%22siteID%22%3A%22312968%22%7D%2C%22id%22%3A%224%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2220%22%2C%22siteID%22%3A%22312966%22%7D%2C%22id%22%3A%225%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2215%22%2C%22siteID%22%3A%22312960%22%7D%2C%22id%22%3A%226%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%226%22%2C%22siteID%22%3A%22312952%22%7D%2C%22id%22%3A%227%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22312948%22%7D%2C%22id%22%3A%228%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%224%22%2C%22siteID%22%3A%22312946%22%7D%2C%22id%22%3A%229%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%225%22%2C%22siteID%22%3A%22312955%22%7D%2C%22id%22%3A%2210%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2222e8710e-efc3-413a-8807-132412f14609%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-04-26T14%3A10%3A18%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.115.31 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-115-31.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4829ce2a70747b09e2e47c17829e2eb30d33cfe497b60cef7a63841d8a13f8aa

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin
https://www.paradisepost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-type
text/javascript
content-length
86
x-ak-client-geo
12
expires
Mon, 26 Apr 2021 14:10:19 GMT
translator
hbopenbid.pubmatic.com/ 		0
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.paradisepost.com
date
Mon, 26 Apr 2021 14:10:19 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
hb.emxdgt.com/ 		0
162 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1619446218890
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.69.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-69-169.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.paradisepost.com
date
Mon, 26 Apr 2021 14:10:18 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.paradisepost.com%2F&p_screen_res=1600x1200&site_id=295202&zone_id=1488000&kw=rp.fastlane&tk_flint=index&rand=0.3374289696767381&alt_size_ids=57%2C55
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
f3386882d46c2675b43bf521d081af97330d31ac35ecc5c8482d92ddb16e467e

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:19 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.paradisepost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
306
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		283 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.paradisepost.com%2F&p_screen_res=1600x1200&site_id=295202&zone_id=1487852&kw=rp.fastlane&tk_flint=index&rand=0.031280460809243626
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
c7119aedb14f1b026e4494afaab75853681099892d173c20338d54b940e67ca3

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:19 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.paradisepost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
283
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.paradisepost.com%2F&p_screen_res=1600x1200&site_id=295202&zone_id=1487842&kw=rp.fastlane&tk_flint=index&rand=0.3379850719715527
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7f859957dbf1bb79caf09a3921834a29fafdb3a5f1924ae260ce4405bf1b735a

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:19 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.paradisepost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.paradisepost.com%2F&p_screen_res=1600x1200&site_id=295202&zone_id=1488002&kw=rp.fastlane&tk_flint=index&rand=0.6420105768180993
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
491862dbaffef0edb19176d5d9ff6f463f6b050ef94eba39c172ead124d7fd54

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:19 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.paradisepost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		284 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.paradisepost.com%2F&p_screen_res=1600x1200&site_id=295202&zone_id=1487994&kw=rp.fastlane&tk_flint=index&rand=0.20266048040830853
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
71b1f50e16713946214ff7be7e5bebbe47a7566efc5324caa81703115d8beaea

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:19 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.paradisepost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
284
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		306 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=15594&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.paradisepost.com%2F&p_screen_res=1600x1200&site_id=295202&zone_id=1487992&kw=rp.fastlane&tk_flint=index&rand=0.31434585197225084&alt_size_ids=57%2C55
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
213.19.162.21 , United Kingdom, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
99f3c29fa33b7fa8ec84b85dd5d1274a7ee457ff32d16d781a924b973df362fd

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:19 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.paradisepost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
306
Expires
Wed, 17 Sep 1975 21:32:10 GMT
auction
tlx.3lift.com/header/ 		19 B
479 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?inv_code=MediaNewsGroup_MW_DT_Leaderboard&lib=ix&size=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fwww.paradisepost.com%2F&v=2.1.2&tmax=1000
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.paradisepost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
tlx.3lift.com/header/ 		19 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?inv_code=MediaNewsGroup_Bottom_Leaderboard_HDX&lib=ix&size=728x90&referrer=https%3A%2F%2Fwww.paradisepost.com%2F&v=2.1.2&tmax=1000
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.paradisepost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
tlx.3lift.com/header/ 		19 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?inv_code=medianewsgroup_desktop_mw_rr_atf&lib=ix&size=300x250&referrer=https%3A%2F%2Fwww.paradisepost.com%2F&v=2.1.2&tmax=1000
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.paradisepost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
tlx.3lift.com/header/ 		19 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?inv_code=MediaNewsGroup_MW_DT_Leaderboard&lib=ix&size=728x90%2C970x250%2C970x90&referrer=https%3A%2F%2Fwww.paradisepost.com%2F&v=2.1.2&tmax=1000
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185707-192819229389900.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.57.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-57-190.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:18 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.paradisepost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
cdb
bidder.criteo.com/ 		0
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=106&profileId=154&cb=68019104765
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.paradisepost.com
date
Mon, 26 Apr 2021 14:10:18 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
gtm.js
www.googletagmanager.com/ 		170 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL
Requested by
Host: g2insights-cdn.azureedge.net
URL: https://g2insights-cdn.azureedge.net/prod/dfm/g2i.min.js?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
51c61dd81616dc947955fc3f59d2e0116540fae383bed015ebddbf9ff4956a57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50778
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 26 Apr 2021 14:10:18 GMT
index.js
d1wa9546y9kg0n.cloudfront.net/ 		6 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wa9546y9kg0n.cloudfront.net/index.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.101.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-90.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Apr 2021 19:04:49 GMT
Via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
Last-Modified
Tue, 23 Feb 2016 09:35:10 GMT
Server
AmazonS3
Age
68734
ETag
"cf67eb51479caf3b57c3577a08b6a038"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Connection
keep-alive
X-Amz-Cf-Pop
FRA50-C1
Accept-Ranges
bytes
Content-Length
6494
X-Amz-Cf-Id
fXWREDCzTg78EyyPOSyECsg_3CtU4BuSAOOAKtFbxP3N4UZuAbWVvA==
NORCALNVPRODWP
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ 		280 KB
69 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/NORCALNVPRODWP
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
7b206b22c0059a3ec620e244f00671cd63ee338391e69ba9649c4ecc16bce5d2

Request headers

authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MTk0NjA2MTl9.V2U-oRgzyTKh8CxU5lt8U46_ch49wW_jxRC0MXBH6Yo
source-system
Plugin
site-code
DFM
autoqa
false
access-control-allow-origin
*
settingskey
NORCAL,PP
ssid
2a5b2a105422aebc5c9e9ceb8e017334
environment
prod
attr
PP
config-code
NORCALNVPRODWP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
location
undefined
accept
application/json
Referer
https://www.paradisepost.com/
version
Version: 2.5.4.3_swg

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:19 GMT
Content-Encoding
gzip
Expires
-1
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
69524
X-Server-Time
4/26/2021 2:10:19 PM
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.16.248 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
SDSQG8X9Y3C8AWGD
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
1KjvKOT9kaBVqiHj1dsCJ/SkcjpUf2lOXJUbUU/KvzETqauwiNck1O/yrxyJPU0YEBhvdlmp258=
x-amz-meta-s3b-last-modified
20191015T134358Z
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 2CEA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&dcc=t
285 B
959 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
26ec8303cfff0fd4364cdeaa161854510fe4f00e56ea2e7f9ccbee5f6263aeb3

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.paradisepost.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A-hLL7xvJUlDqUgHBuhpUV0|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.paradisepost.com/

Response headers

Server
Server
Date
Mon, 26 Apr 2021 14:10:19 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
222
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A-hLL7xvJUlDqUgHBuhpUV0; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 14:10:19 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jul-2026 14:10:19 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Mon, 26 Apr 2021 14:10:19 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&dcc=t
Set-Cookie
ad-id=A-hLL7xvJUlDqUgHBuhpUV0|t; Domain=.amazon-adsystem.com; Expires=Sat, 01-Jan-2022 14:10:19 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1619446219228&plid=6765349&idsite=paradisepost.com&url=https%3A%2F%2Fwww.paradisepost.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.paradisepost.com%2F&sref=&sts=1619446219223&slts=0&title=Paradisepost.com+covers+local+news+in+Paradise%2C+California.+Keep+up+with+all+business%2C+wildfire+recovery%2C+local+sports%2C+outdoors%2C+local+columnists+and+more.&date=Mon+Apr+26+2021+16%3A10%3A19+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=34075961&u=pid%3D78396c8e022d966043de34662429b833
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-161-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:19 GMT
Cache-Control
no-cache
Last-Modified
Monday, 26-Apr-2021 14:10:19 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
scriptloaded
be.durationmedia.net/ 		0
578 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/scriptloaded?siteId=10529
Requested by
Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10529/dm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.127.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-127-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:19 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection
keep-alive
Access-Control-Allow-Origin
https://www.paradisepost.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
0
NORCALNVPRODWP
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/NORCALNVPRODWP
Protocol
HTTP/1.1
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin
https://www.paradisepost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By
ASP.NET
Date
Mon, 26 Apr 2021 14:10:19 GMT
Content-Length
0
events
bidder.criteo.com/csm/ 		0
150 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.paradisepost.com
date
Mon, 26 Apr 2021 14:10:18 GMT
access-control-allow-credentials
true
server
Finatra
timing-allow-origin
*
vary
Origin
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.paradisepost.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.paradisepost.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
close_54x54.png
www.paradisepost.com/wp-content/client-mu-plugins/src/Ads/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.paradisepost.com/wp-content/client-mu-plugins/src/Ads/assets/img/close_54x54.png
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/_static/??-eJxljtEOwjAIRX/IDmfi4osxfkpHiRJpuxQWs7+XuAedPsHlcjnAcwpYi1ExmGS+cVFQNgpbEVtMrDRVNVCLxgiobmIjKl3m0rncgR/jgjIn0rfvGYNRKj6C8NhiWzy9CG0Sv3gfOU9Jlq/2bxuFvYQ8fz5tCNekEFXJVn6uIwuFmO6kXEtY4e5c8rkf+tNxf+j74QWEQ2Dy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.2 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubdomains

Request headers

:path
/wp-content/client-mu-plugins/src/Ads/assets/img/close_54x54.png
pragma
no-cache
cookie
ai_user=JAQql|2021-04-26T14:10:18.012Z; ntvSession={}; _ga=GA1.2.1956689672.1619446218; _gid=GA1.2.147070304.1619446218; _gat_UA-61435456-17=1; _gat_UA-111452396-3=1; _gat_UA-111452396-5=1; __qca=P0-1333079753-1619446218604; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://www.paradisepost.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1619446219223%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=78396c8e022d966043de34662429b833%22%2C%22session_count%22:1%2C%22last_session_ts%22:1619446219223}
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.paradisepost.com
referer
https://www.paradisepost.com/_static/??-eJxljtEOwjAIRX/IDmfi4osxfkpHiRJpuxQWs7+XuAedPsHlcjnAcwpYi1ExmGS+cVFQNgpbEVtMrDRVNVCLxgiobmIjKl3m0rncgR/jgjIn0rfvGYNRKj6C8NhiWzy9CG0Sv3gfOU9Jlq/2bxuFvYQ8fz5tCNekEFXJVn6uIwuFmO6kXEtY4e5c8rkf+tNxf+j74QWEQ2Dy
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.paradisepost.com/_static/??-eJxljtEOwjAIRX/IDmfi4osxfkpHiRJpuxQWs7+XuAedPsHlcjnAcwpYi1ExmGS+cVFQNgpbEVtMrDRVNVCLxgiobmIjKl3m0rncgR/jgjIn0rfvGYNRKj6C8NhiWzy9CG0Sv3gfOU9Jlq/2bxuFvYQ8fz5tCNekEFXJVn6uIwuFmO6kXEtY4e5c8rkf+tNxf+j74QWEQ2Dy
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:19 GMT
x-rq
hhn1 119 73 3097
last-modified
Fri, 18 Sep 2020 18:16:24 GMT
server
nginx
age
14824634
etag
"5f64f978-547"
strict-transport-security
max-age=31536000;includeSubdomains
x-cache
hit
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1351
expires
Tue, 26 Apr 2022 14:10:19 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		107 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2072232144047115&correlator=1139252708100753&output=ldjh&impl=fifs&eid=31060736&vrg=2021042001&ptt=17&sc=1&sfv=1-0-38&ecs=20210426&iu_parts=8013%2Cparadisepost.com%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C728x90%7C970x90%7C970x250%7C970x30%2C300x250%7C300x600%7C300x1050%2C300x250%2C300x250%2C728x90%7C970x90%2C300x70%2C300x70%2C1280x250%7C970x250%7C970x90%7C728x90%2C789x90&prev_scp=POS%3Dinterstitial%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3Dtop_leaderboard%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube1_RRail_ATF%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube2_RRail_mid%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube3_RRail_lower%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3Dbottom_leaderboard%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_1%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_1_mobile%26kv%3Dhome%26RPN%3D14%26rurl%3D%7CPOS%3DSponsorship_2%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3Dmobile_adhesion%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1619446219&dt=1619446219606&dlt=1619446217038&idt=1341&frm=20&biw=1600&bih=1200&oid=3&adxs=160%2C436%2C1138%2C1135%2C1135%2C160%2C1140%2C-9%2C-10%2C-12245933&adys=177%2C183%2C306%2C1853%2C2904%2C4283%2C17%2C-9%2C1274%2C-12245933&adks=640484692%2C3231401727%2C301434903%2C1469593279%2C2403591129%2C1980971098%2C1777005721%2C580641259%2C3503441901%2C2663280849&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.paradisepost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x97%7C1280x97%7C304x935%7C304x315%7C304x672%7C1280x4066%7C1300x50%7C0x-1%7C1280x4066%7C789x90&msz=1280x1%7C1600x96%7C300x250%7C304x250%7C304x250%7C1280x90%7C300x70%7C0x-1%7C1610x250%7C0x0&ga_vid=1956689672.1619446218&ga_sid=1619446220&ga_hid=902071955&ga_fc=false&fws=4%2C4%2C4%2C4%2C4%2C4%2C4%2C2%2C4%2C132&ohw=1280%2C1600%2C300%2C304%2C304%2C1280%2C300%2C0%2C1610%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2eaea49b9dc69e55921aa5b07325c53a34885ae439d55098ae661786bd39f124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22543
x-xss-protection
0
google-lineitem-id
-2,5672744082,5672744082,5672721483,5673652477,5674281527,-2,-2,5672744082,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138340565573,138340629666,138267130024,138239123542,138340552907,-2,-2,138340629621,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.paradisepost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
headerstats
as-sec.casalemedia.com/ 		0
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=212590&u=https%3A%2F%2Fwww.paradisepost.com%2F&v=3
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:19 GMT
Server
Apache
Access-Control-Allow-Origin
https://www.paradisepost.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Mon, 26 Apr 2021 14:10:19 GMT
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 4578 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
cad86a22f8cd3faa305e03f1d375b68e4f53efb366a3c1b0ba6c49678e076ebd

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A-hLL7xvJUlDqUgHBuhpUV0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&dcc=t

Response headers

Server
Server
Date
Mon, 26 Apr 2021 14:10:19 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
716
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
amzns2s
rtb.gumgum.com/usync/ Frame 33DB 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6de150ac6fcf1f516da0817d0fa3ec048dc49ef18889576c5eb488ff954a065e

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:19 GMT
content-type
text/html;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
set-cookie
vst=e_6fb3a1b5-5d68-4dc1-8329-32ccb4b88592; Domain=.gumgum.com; Expires=Tue, 26-Apr-2022 14:10:19 GMT; Path=/; Secure; SameSite=None
etag
W/"0c425e6fce2c47d2163252bb13659baa3"
timing-allow-origin
*
content-encoding
gzip
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 60F3 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
997b11eee18ed7271476bda93dda727db75eda3e9ed0a16668bd576f24a0fecd

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
CMID=YIbJysqbwmrjF3T9PgDtEgAA; CMST=YIbJymCGycoB; CMDD=AAM+bgE*
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|241|230|3|65|4|176
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1679
Expires
Mon, 26 Apr 2021 14:10:19 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:19 GMT
Connection
keep-alive
Set-Cookie
CMID=YIbJysqbwmrjF3T9PgDtEgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Apr 2022 14:10:19 GMT CMPS=3202;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Jul 2021 14:10:19 GMT CMPRO=1164;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Jul 2021 14:10:19 GMT CMDD=AAM+bgE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 27 Apr 2021 14:10:19 GMT CMST=YIbJymCGycsB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 27 Apr 2021 14:10:19 GMT CMRUM3=2d6086c9cb05a0&046086c9cb05a0&036086c9cb05a0&276086c9cb0b40&416086c9cb05a0&b06086c9cb05a00&e66086c9cb27600&f16086c9cb05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Apr 2022 14:10:19 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 860A 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=126018
Expires
Wed, 28 Apr 2021 01:10:37 GMT
Date
Mon, 26 Apr 2021 14:10:19 GMT
Connection
keep-alive
Vary
Accept-Encoding
tamptsync
sync-amz.ads.yieldmo.com/ Frame B063 		243 B
481 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-amz.ads.yieldmo.com/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:fa00:0:70b1:7080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f954747894a16b51f50b3c67f65308a4ae93221eecab415febb1cb471d9c613

Request headers

:method
GET
:authority
sync-amz.ads.yieldmo.com
:scheme
https
:path
/tamptsync?callback=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dym.com%26id%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
application/xml
date
Mon, 26 Apr 2021 14:10:19 GMT
server
AmazonS3
x-cache
Hit from cloudfront
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
xkjFdz-NZbPKFruxFwAgphVUXBugKpq71vk7mkMTuNS5h95sRTCSuA==
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9083
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true
  • https://ups.analytics.yahoo.com/ups/58252/sync?redir=true&verify=true
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-oPAolm51l2OW82cY2DzmtwzR8RlHhfs-&
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-oPAolm51l2OW82cY2DzmtwzR8RlHhfs-&
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A-hLL7xvJUlDqUgHBuhpUV0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Date
Mon, 26 Apr 2021 14:10:19 GMT
Content-Length
0
Strict-Transport-Security
max-age=31536000
Set-Cookie
IDSYNC=18y4~1xse;Version=1;Domain=.analytics.yahoo.com;Path=/;Max-Age=31622400;Expires=Wed, 27-Apr-2022 14:10:19 GMT;Secure;SameSite=None A3=d=AQABBMvJhmACEIaTCaA_1AZclfkcVwvKTPkFEgEBAQEbiGCQYAAAAAAA_eMAAA&S=AQAAAmjPVv-plhRR7IBH6FId1tg; Expires=Tue, 26 Apr 2022 20:10:19 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly B=fij6a1dg8dieb&b=3&s=fp; Expires=Tue, 26 Apr 2022 20:10:19 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=vmg.com&id=y-oPAolm51l2OW82cY2DzmtwzR8RlHhfs-&
Age
0
Connection
keep-alive
Server
ATS/7.1.2.128
cm
u.openx.net/w/1.0/ Frame FF8A
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...
628 B
724 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
d33f5864fd42e9592bcf1af4b473e9b185ef50223c9edc7ce3aff6137be85a02

Request headers

:method
GET
:authority
u.openx.net
:scheme
https
:path
/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=ad60b86f-5e6b-066b-3b67-8a007ee2a29a|1619446219
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=ad60b86f-5e6b-066b-3b67-8a007ee2a29a|1619446219; Version=1; Expires=Tue, 26-Apr-2022 14:10:19 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1619446219|gen0vNiygu; Version=1; Expires=Tue, 11-May-2021 14:10:19 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Mon, 26 Apr 2021 14:10:19 GMT
content-type
text/html
content-length
392
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

set-cookie
i=ad60b86f-5e6b-066b-3b67-8a007ee2a29a|1619446219; Version=1; Expires=Tue, 26-Apr-2022 14:10:19 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.205.4
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
date
Mon, 26 Apr 2021 14:10:19 GMT
content-length
0
via
1.1 google
alt-svc
clear
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 460E
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=2
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=8749103022150578688
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=8749103022150578688
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A-hLL7xvJUlDqUgHBuhpUV0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Mon, 26 Apr 2021 14:10:19 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=smart.com&id=8749103022150578688
set-cookie
pid=8749103022150578688; expires=Fri, 27 May 2022 14:09:19 GMT; domain=smartadserver.com; path=/; samesite=None; secure; samesite=none
current
amazon-tam-match.dotomi.com/match/bounce/ Frame 89A9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 26 Apr 2021 14:10:19 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
ecm3
aax-eu.amazon-adsystem.com/s/ Frame AC9C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://aax-eu.amazon-adsystem.com/s/ecm3?id=$UID&ex=appnexus.com
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3D%24UID%26ex%3Dappnexus.com
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=991921832087954775&ex=appnexus.com
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=991921832087954775&ex=appnexus.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A-hLL7xvJUlDqUgHBuhpUV0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

Server
nginx/1.17.9
Date
Mon, 26 Apr 2021 14:10:19 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=991921832087954775&ex=appnexus.com
AN-X-Request-Uuid
ac14dcc6-dcef-4dd8-a0c1-65d3e7601bf5
Set-Cookie
uuid2=991921832087954775; SameSite=None; Path=/; Max-Age=7776000; Expires=Sun, 25-Jul-2021 14:10:19 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.12:80
Cookie set amazon
ap.lijit.com/beacon/ Frame C232
Redirect Chain
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com
  • https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
cbd1c4697689f92387c03993235572abeb602e18146fd0ba2ed979d3b6f9ca81

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ljt_reader=ee7142df8572b096e9192f1b
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Mon, 26 Apr 2021 14:10:19 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Vary
Accept-Encoding
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie
ljtrtbexp=eJyrVjI0U7IyNDMyMDM1tTC01FGyMEHjm6LyDQ1Q%2BUbmEL6BqaGBoWUtAJr%2BEE4%3D;Path=/;Domain=.lijit.com;Expires=Tue, 26-Apr-2022 14:10:19 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=ee7142df8572b096e9192f1b;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
Content-Encoding
gzip
X-Sovrn-Pod
ad_ap6ams1

Redirect headers

Server
nginx
Date
Mon, 26 Apr 2021 14:10:19 GMT
Content-Length
0
Set-Cookie
ljt_reader=ee7142df8572b096e9192f1b;Path=/;Domain=.lijit.com;Max-Age=31536000;Secure;SameSite=None
Expires
Fri, 20 Mar 2009 00:00:00 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame DF8F
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=17892687483202660486
43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=17892687483202660486
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=gg_n-index_pm-db5_ym_n-vmg_ox-db5_smrt_cnv_an-db5_sovrn_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A-hLL7xvJUlDqUgHBuhpUV0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Server
Date
Mon, 26 Apr 2021 14:10:19 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent

Redirect headers

date
Mon, 26 Apr 2021 14:10:19 GMT
content-length
0
location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=3lift.com&id=17892687483202660486
set-cookie
tluid=17892687483202660486; Max-Age=7776000; Expires=Sun, 25 Jul 2021 14:10:19 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame FF8A 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=261afb4b-eb46-8266-a1bf-c07f72f65a87
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:19 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FF8A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UkaFKgdP3n1JT4spVEeQf1VEjSRJFd9-ARAN-TgS
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UkaFKgdP3n1JT4spVEeQf1VEjSRJFd9-ARAN-TgS
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=UkaFKgdP3n1JT4spVEeQf1VEjSRJFd9-ARAN-TgS
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame FF8A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6937288142388169623
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6937288142388169623
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6937288142388169623
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame FF8A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=7ecc8736-f7ec-399c-61b1-42e81ac59167&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.202.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-202-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame FF8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTJhMzU0ZmMtM2U5Yi02NzM4LTc0NTEtMTg1MWQwMjc1ZjA3
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTJhMzU0ZmMtM2U5Yi02NzM4LTc0NTEtMTg1MWQwMjc1ZjA3&google_tc=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTJhMzU0ZmMtM2U5Yi02NzM4LTc0NTEtMTg1MWQwMjc1ZjA3&google_tc=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTJhMzU0ZmMtM2U5Yi02NzM4LTc0NTEtMTg1MWQwMjc1ZjA3&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame FF8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIdAKw2YUMvvCWjDZ8JjLJo&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIdAKw2YUMvvCWjDZ8JjLJo&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.205.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
via
1.1 google
server
OXGW/16.205.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIdAKw2YUMvvCWjDZ8JjLJo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 56A0 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=51457
Expires
Tue, 27 Apr 2021 04:27:56 GMT
Date
Mon, 26 Apr 2021 14:10:19 GMT
Connection
keep-alive
Vary
Accept-Encoding
casale
match.adsrvr.org/track/cmf/ Frame 60F3 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YIbJysqbwmrjF3T9PgDtEgAA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.202.173 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-202-173.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 60F3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YIbJysqbwmrjF3T9PgDtEgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELGDcqzzO_PiFgptkb0yc4Q&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELGDcqzzO_PiFgptkb0yc4Q&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Apr 2021 14:10:20 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELGDcqzzO_PiFgptkb0yc4Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 60F3 		43 B
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YIbJysqbwmrjF3T9PgDtEgAABIwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.206.140 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
206-140.amazon.com
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:20 GMT
Server
Server
Vary
User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 60F3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YIbJysqbwmrjF3T9PgDtEgAABIwAAAIB
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm=&google_hm=YIbJysqbwmrjF3T9PgDtEgAABIwAAAIB&google_tc=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESENUeTWg9tpp_jMF1-bqcCM8&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESENUeTWg9tpp_jMF1-bqcCM8&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 26 Apr 2021 14:10:20 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESENUeTWg9tpp_jMF1-bqcCM8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 60F3
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9ae26086-c9cc-4800-a295-033ec29e3c98
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9ae26086-c9cc-4800-a295-033ec29e3c98
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Apr 2021 14:10:21 GMT

Redirect headers

Date
Mon, 26 Apr 2021 14:11:55 GMT
Server
MT3 3660 495c301 master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=9ae26086-c9cc-4800-a295-033ec29e3c98
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 26 Apr 2021 14:11:54 GMT
rum
dsum.casalemedia.com/ Frame 60F3
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1619532619
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1619532619
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:22 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 26 Apr 2021 14:10:22 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1619532619
pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 60F3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2855734592565697297
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2855734592565697297
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:20 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 26 Apr 2021 14:10:20 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2855734592565697297
pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
113
match.deepintent.com/usersync/ Frame 60F3 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:19 GMT
content-length
0
server
b
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 60F3 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=index.com&id=YIbJysqbwmrjF3T9PgDtEgAABIwAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:20 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 56A0 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=55518001&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09a93c6dadc9f8ae0e39dd1d80348d200f04f55a4e0834b4473286795b8ef4c7

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:19 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
usersync
rtb.gumgum.com/ Frame 33DB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://rtb.gumgum.com/usersync?b=apn&i=$UID
  • https://rtb.gumgum.com/usersync?b=apn&i=991921832087954775
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=apn&i=991921832087954775
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:20 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 535.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.152:80
AN-X-Request-Uuid
939d2fd9-2277-4e16-b415-133fb0aee2bc
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://rtb.gumgum.com/usersync?b=apn&i=991921832087954775
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
rtb.gumgum.com/ Frame 33DB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_6fb3a1b5-5d68-4dc1-8329-32ccb4b88592&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_6fb3a1b5-5d68-4dc1-8329-32ccb4b88592&gdpr=&gdpr_consent=&us_privacy=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9c1aa671-38a0-47f1-b8e9-f8a94f594c84
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mkaf165eb9-4fef-4451-a60e-01e7a9037d0b&expires=7&user_group=5&ssp=gumgum2&bsw_param=9c1aa671-38a0-47f1-b8e9-f8a94f594c84
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=257&user_id=mkaf165eb9-4fef-4451-a60e-01e7a9037d0b&expires=7&user_group=5&ssp=gumgum2&bsw_param=9c1aa671-38a0-47f1-b8e9-f8a94f594c84
  • https://rtb.gumgum.com/usersync?b=bsw&i=816aea1c-182d-4b7a-8be6-e487a7044e3b
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=bsw&i=816aea1c-182d-4b7a-8be6-e487a7044e3b
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:22 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
//rtb.gumgum.com/usersync?b=bsw&i=816aea1c-182d-4b7a-8be6-e487a7044e3b
date
Mon, 26 Apr 2021 14:10:22 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
rtb.gumgum.com/ Frame 33DB
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
  • https://rtb.gumgum.com/usersync?b=obn&i=ENC%281EHV8wj6nQfcbtkjOBDfYBtKuhPnd02gS87-Y5DfMSXBpE2cWlQbLRG0cBhUbrtt%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26pla...
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=obn&i=ENC%281EHV8wj6nQfcbtkjOBDfYBtKuhPnd02gS87-Y5DfMSXBpE2cWlQbLRG0cBhUbrtt%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%281EHV8wj6nQfcbtkjOBDfYBtKuhPnd02gS87-Y5DfMSXBpE2cWlQbLRG0cBhUbrtt%29
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:27 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=obn&i=ENC%281EHV8wj6nQfcbtkjOBDfYBtKuhPnd02gS87-Y5DfMSXBpE2cWlQbLRG0cBhUbrtt%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%281EHV8wj6nQfcbtkjOBDfYBtKuhPnd02gS87-Y5DfMSXBpE2cWlQbLRG0cBhUbrtt%29
Date
Mon, 26 Apr 2021 14:10:27 GMT
Connection
close
X-TraceId
59c60190d71e70023f762202a4cf8cf6
Content-Length
0
usersync
rtb.gumgum.com/ Frame 33DB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://rtb.gumgum.com/usersync?b=opx&i=89f12346-dff9-01ca-06ca-5205d2959021
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=opx&i=89f12346-dff9-01ca-06ca-5205d2959021
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 26 Apr 2021 14:10:19 GMT
content-encoding
gzip
server
OXGW/16.205.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://rtb.gumgum.com/usersync?b=opx&i=89f12346-dff9-01ca-06ca-5205d2959021
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 33DB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-9f1d94c6-64a6-4190-75cd-9f02ffe78bd8$ip$185.156.175.107
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-9f1d94c6-64a6-4190-75cd-9f02ffe78bd8$ip$185.156.175.107
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:27 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-9f1d94c6-64a6-4190-75cd-9f02ffe78bd8$ip$185.156.175.107
Date
Mon, 26 Apr 2021 14:10:27 GMT
Connection
keep-alive
Content-Length
124
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 33DB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-LiKJPNhE2pfzPSp_29PtJchwR7I9tXLClQp5~A
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-LiKJPNhE2pfzPSp_29PtJchwR7I9tXLClQp5~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Mon, 26 Apr 2021 14:10:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-LiKJPNhE2pfzPSp_29PtJchwR7I9tXLClQp5~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 33DB
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3...
  • https://rtb.gumgum.com/usersync?b=vnt&i=228042a0-a699-11eb-9266-912ecc5baaf2
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=vnt&i=228042a0-a699-11eb-9266-912ecc5baaf2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=vnt&i=228042a0-a699-11eb-9266-912ecc5baaf2
Date
Mon, 26 Apr 2021 14:10:19 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
228042a1-a699-11eb-9266-912ecc5baaf2
services
sync.technoratimedia.com/ Frame 33DB 		0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.25.38 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:23 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
597539512
access-control-allow-origin
https://rtb.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 33DB 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:19 GMT
content-length
0
server
b
usersync
rtb.gumgum.com/ Frame 33DB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_6fb3a1b5-5d68-4dc1-8329-32ccb4b88592&gdpr=&gdpr_consent=&us_privacy=
  • https://rtb.gumgum.com/usersync?b=zem&i=
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:27 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
67
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 33DB
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://rtb.gumgum.com/usersync?b=idi&i=421e9c10-cd29-4032-be98-e4366635d38f
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=idi&i=421e9c10-cd29-4032-be98-e4366635d38f
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:21 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=idi&i=421e9c10-cd29-4032-be98-e4366635d38f
date
Mon, 26 Apr 2021 14:10:21 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
rtb.gumgum.com/ Frame 33DB
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6&gdpr=&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2939259829
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2939259829
  • https://sync.1rx.io/usersync/tradedesk/67cc95ac-f4b2-4fa9-96dd-13e9a26d254e
  • https://sync.targeting.unrulymedia.com/csync/RX-0ff05c88-7ec1-44d2-81d9-20ea79705b10-003?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-0ff05c88-7ec1-44d2-81d9-20ea79705b10-003
  • https://rtb.gumgum.com/usersync?b=rhy&i=RX-0ff05c88-7ec1-44d2-81d9-20ea79705b10-003
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=rhy&i=RX-0ff05c88-7ec1-44d2-81d9-20ea79705b10-003
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:25 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

location
https://rtb.gumgum.com/usersync?b=rhy&i=RX-0ff05c88-7ec1-44d2-81d9-20ea79705b10-003
date
Mon, 26 Apr 2021 14:10:25 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX0ff05c887ec144d281d920ea79705b10003
content-type
text/html
usersync
rtb.gumgum.com/ Frame 33DB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://rtb.gumgum.com/usersync?b=pln&i=c9O0yCfZZqru&ev=1&pid=558355
35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=pln&i=c9O0yCfZZqru&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:23 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
en-US
location
https://rtb.gumgum.com/usersync?b=pln&i=c9O0yCfZZqru&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7c488d4f5b-nsp9m
expires
-1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 33DB 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=gg.com&id=e_6fb3a1b5-5d68-4dc1-8329-32ccb4b88592
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:20 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
rtb.gumgum.com/ Frame 1701
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=&gdpr_consent=&redir=https%3a%2f%2frtb.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://rtb.gumgum.com/usersync?b=mmh&i=b1db6086-c9cc-4000-a0f0-a81cd37e74b4&gdpr=&gdpr_consent=
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=mmh&i=b1db6086-c9cc-4000-a0f0-a81cd37e74b4&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=mmh&i=b1db6086-c9cc-4000-a0f0-a81cd37e74b4&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_6fb3a1b5-5d68-4dc1-8329-32ccb4b88592
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 26 Apr 2021 14:11:55 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Server
MT3 3660 495c301 master cdg-pixel-x31
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
set-cookie
uuid=b1db6086-c9cc-4000-a0f0-a81cd37e74b4; domain=.mathtag.com; path=/; expires=Tue, 24-May-2022 14:10:20 GMT; SameSite=None; Secure
location
https://rtb.gumgum.com/usersync?b=mmh&i=b1db6086-c9cc-4000-a0f0-a81cd37e74b4&gdpr=&gdpr_consent=
Expires
Mon, 26 Apr 2021 14:11:54 GMT
usersync
rtb.gumgum.com/ Frame D700
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=YIbJzAAAetTSNwA4
  • https://rtb.gumgum.com/usersync?b=atm&i=YIbJzAAAetTSNwA4&gdpr=&gdpr_consent=&_test=YIbJzAAAetTSNwA4
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=atm&i=YIbJzAAAetTSNwA4&gdpr=&gdpr_consent=&_test=YIbJzAAAetTSNwA4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=atm&i=YIbJzAAAetTSNwA4&gdpr=&gdpr_consent=&_test=YIbJzAAAetTSNwA4
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_6fb3a1b5-5d68-4dc1-8329-32ccb4b88592
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

server
Varnish
retry-after
0
location
https://rtb.gumgum.com/usersync?b=atm&i=YIbJzAAAetTSNwA4&gdpr=&gdpr_consent=&_test=YIbJzAAAetTSNwA4
accept-ranges
bytes
date
Mon, 26 Apr 2021 14:10:20 GMT
via
1.1 varnish
x-served-by
cache-hhn4043-HHN
x-cache
HIT
x-cache-hits
0
x-timer
S1619446220.273250,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
pixel
cm.g.doubleclick.net/ Frame 70B2 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV82ZmIzYTFiNS01ZDY4LTRkYzEtODMyOS0zMmNjYjRiODg1OTI=&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

:method
GET
:authority
cm.g.doubleclick.net
:scheme
https
:path
/pixel?google_nid=gumgum_dbm&google_hm=ZV82ZmIzYTFiNS01ZDY4LTRkYzEtODMyOS0zMmNjYjRiODg1OTI=&gdpr=&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUl6-OwfgHtzVyP1x_xjTp1F-DhHh2praIqn2WVcOwNpETNen6rWPTkl7ypYUaE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
image/png
date
Mon, 26 Apr 2021 14:10:19 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
server
HTTP server (unknown)
content-length
170
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9DAA 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://rtb.gumgum.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=126017
Expires
Wed, 28 Apr 2021 01:10:37 GMT
Date
Mon, 26 Apr 2021 14:10:20 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync
rtb.gumgum.com/ Frame 9A1D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=ttd&i=22e8710e-efc3-413a-8807-132412f14609&t=1622038219
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=ttd&i=22e8710e-efc3-413a-8807-132412f14609&t=1622038219
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=ttd&i=22e8710e-efc3-413a-8807-132412f14609&t=1622038219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
vst=e_6fb3a1b5-5d68-4dc1-8329-32ccb4b88592
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-type
text/html
content-length
209
location
https://rtb.gumgum.com/usersync?b=ttd&i=22e8710e-efc3-413a-8807-132412f14609&t=1622038219
cache-control
private,no-cache, must-revalidate
pragma
no-cache
x-aspnet-version
4.0.30319
set-cookie
TDID=22e8710e-efc3-413a-8807-132412f14609; domain=.adsrvr.org; expires=Tue, 26-Apr-2022 14:10:19 GMT; path=/; secure; SameSite=None TDCPM=CAEYASABKAIyCwj095SZ-LHEORAFOAFaBmd1bWd1bWAC; domain=.adsrvr.org; expires=Tue, 26-Apr-2022 14:10:19 GMT; path=/; secure; SameSite=None
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
um
cs.emxdgt.com/ Frame B230 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

:method
GET
:authority
cs.emxdgt.com
:scheme
https
:path
/um?redirect=http%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

content-type
text/html
date
Mon, 26 Apr 2021 14:10:26 GMT
content-length
0
usersync
rtb.gumgum.com/ Frame A9AC
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YIbJ08Co5soAAFWMmtUAAAAA
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YIbJ08Co5soAAFWMmtUAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=sus&i=YIbJ08Co5soAAFWMmtUAAAAA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 26 Apr 2021 14:10:27 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Server
nginx
Date
Mon, 26 Apr 2021 14:10:27 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
private
Location
https://rtb.gumgum.com/usersync?b=sus&i=YIbJ08Co5soAAFWMmtUAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Set-Cookie
SOC=YIbJ08Co5soAAFWMmtUAAAAA; path=/; expires=Wed, 26-Apr-23 14:10:27 GMT; domain=socdm.com; secure; SameSite=None
X-SO-Ads-Time
6
X-SO-HostName
m-ad162.dc4p.scaleout.jp
X-SO-LB-Hostname
a-tgng40006.dc2p.scaleout.jp
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":34,"gdpr":false,"ipv4":"185.156.175.107","key":"YIbJ08Co5soAAFWMmtUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad162"}
X-SO-Key
YIbJ08Co5soAAFWMmtUAAAAA
X-SO-IP
185.156.175.107
X-SO-Cluster-ID
34
X-SO-Upstream-ID
m-ad162
usersync
rtb.gumgum.com/ Frame A515
Redirect Chain
  • https://p.rfihub.com/cm?pub=42796&in=1
  • https://rtb.gumgum.com/usersync?b=zet&i=2159827870359069856
35 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=zet&i=2159827870359069856
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=zet&i=2159827870359069856
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 26 Apr 2021 14:10:23 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

Date
Mon, 26 Apr 2021 14:10:23 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie
eud=H4sIAAAAAAAAAFslxmtoZmhpYmJmZGRsaGIMAA6dJjYQAAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 21 May 2022 14:10:23 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzA2tTQws7QwNRPiM9R1Lwtwc_R0D0qPKAmR4jU0M7Q0MTEzMjI2NDECAM6JFak0AAAA; Path=/; Domain=.rfihub.com; Expires=Sat, 21 May 2022 14:10:23 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNjI0tbQwMrcwNzA2tTQws7QwNRPiM9R1Lwtwc_R0D0qPKAkBAAjgY28lAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location
https://rtb.gumgum.com/usersync?b=zet&i=2159827870359069856
Content-Length
0
Server
Jetty(9.3.29.v20201019)
usersync
rtb.gumgum.com/ Frame 1FFD
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=eMa2ZsPTQ4xF0w1li8HG&pi=gumgum&tc=1
35 B
238 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=eMa2ZsPTQ4xF0w1li8HG&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/amzns2s?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dgg.com%26id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.19.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-19-59.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usersync?b=rth&i=eMa2ZsPTQ4xF0w1li8HG&pi=gumgum&tc=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://rtb.gumgum.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://rtb.gumgum.com/

Response headers

date
Mon, 26 Apr 2021 14:10:21 GMT
content-type
image/gif;charset=UTF-8
content-length
35
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
expires
0
pragma
no-cache
timing-allow-origin
*

Redirect headers

date
Mon, 26 Apr 2021 14:10:21 GMT Mon, 26 Apr 2021 14:10:21 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=eMa2ZsPTQ4xF0w1li8HG&pi=gumgum&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame C232 		43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=ee7142df8572b096e9192f1b&ex=sovrn.com&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:20 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
merge
ce.lijit.com/ Frame C232
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=23&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=23&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D6f65fd...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&partner_url=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D16%263pid%3D...
  • https://ce.lijit.com/merge?pid=16&3pid=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=16&3pid=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&gdpr=0&gdpr_consent=&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=16&3pid=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&gdpr=0&gdpr_consent=&dnr=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:23 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:23 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=16&3pid=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&gdpr=0&gdpr_consent=&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
merge
ce.lijit.com/ Frame C232
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=1827&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=10&3pid=1871597494574732225
43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=10&3pid=1871597494574732225
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:23 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Location
https://ce.lijit.com/merge?pid=10&3pid=1871597494574732225
Date
Mon, 26 Apr 2021 14:10:23 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
merge
ce.lijit.com/ Frame C232
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/svr?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://ce.lijit.com/merge?pid=85&3pid=AAB_OU7BDZQAAClXIymwfA&gdpr=0
43 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=85&3pid=AAB_OU7BDZQAAClXIymwfA&gdpr=0
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:23 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

location
https://ce.lijit.com/merge?pid=85&3pid=AAB_OU7BDZQAAClXIymwfA&gdpr=0
Date
Mon, 26 Apr 2021 14:10:23 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
generic
data.adsrvr.org/track/cmf/ Frame C232 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://data.adsrvr.org/track/cmf/generic?ttd_pid=federatedmedia&gdpr=0&gdpr_consent=
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.162.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-162-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
merge
ce.lijit.com/ Frame C232
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=185&cm=ee7142df8572b096e9192f1b&redir=https%3A%2F%2Fce.lijit.com%2Fmerge%3Fpid%3D84%263pid%3D%7Bvisitor_id%7D&gdpr=0&gdpr_consent=
  • https://ce.lijit.com/merge?pid=84&3pid=c:d5ac9bc0c9bcc03f34ac847e4ba7f3ed
  • https://ce.lijit.com/merge?pid=84&3pid=c%3Ad5ac9bc0c9bcc03f34ac847e4ba7f3ed&dnr=1
0
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=84&3pid=c%3Ad5ac9bc0c9bcc03f34ac847e4ba7f3ed&dnr=1
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/beacon/amazon?url=https://aax-eu.amazon-adsystem.com%2Fs/ecm3?id=$UID&ex=sovrn.com&dnr=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ap.lijit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:23 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:23 GMT
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ce.lijit.com/merge?pid=84&3pid=c%3Ad5ac9bc0c9bcc03f34ac847e4ba7f3ed&dnr=1
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap1ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
showad.js
ads.pubmatic.com/AdServer/js/ Frame 0DFE 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KCCH=YES
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Frtb.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=

Response headers

Last-Modified
Wed, 14 Apr 2021 09:18:30 GMT
ETag
"13006b6-98c2-5bfeb3aef82b4"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
14060
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=51456
Expires
Tue, 27 Apr 2021 04:27:56 GMT
Date
Mon, 26 Apr 2021 14:10:20 GMT
Connection
keep-alive
Vary
Accept-Encoding
usersync.aspx
dis.criteo.com/dis/ Frame A4F7 		43 B
304 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Mon, 26 Apr 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1271
date
Mon, 26 Apr 2021 14:10:22 GMT
content-length
43
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 8B8F
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2841471244553776416
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2841471244553776416
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
PUBMDCID=3; KRTBCOOKIE_699=22727-AACmq07BDZQAAClHFfwJxQ; KRTBCOOKIE_57=22776-991921832087954775; PugT=1619446223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 26 Apr 2021 14:10:22 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-2841471244553776416; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 14:10:22 GMT; path=/ PugT=1619446222; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 14:10:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 14:10:22 GMT; path=/
X-lat
amspug007:0:269
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=2841471244553776416
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 31E3
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955468561135171725
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955468561135171725
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_153=1923-dGIZaSFrQj5vaxdqcmMMPHNgEWdvMUM9JzSuTXrI&KRTB&19420-dGIZaSFrQj5vaxdqcmMMPHNgEWdvMUM9JzSuTXrI&KRTB&22979-dGIZaSFrQj5vaxdqcmMMPHNgEWdvMUM9JzSuTXrI; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEHCbxuhMzJGu8BU51c8qego&KRTB&22987-CAESEHCbxuhMzJGu8BU51c8qego&KRTB&23025-CAESEHCbxuhMzJGu8BU51c8qego; PugT=1619446220; KRTBCOOKIE_188=3189-6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348; SPugT=1619446221
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 26 Apr 2021 14:10:22 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6955468561135171725; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 14:10:22 GMT; path=/ PugT=1619446222; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 14:10:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 14:10:22 GMT; path=/
X-lat
lhrpug005:0:546
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Mon, 26 Apr 2021 14:10:22 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6955468561135171725; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6955468561135171725
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame 2363
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFMTEwN0JEWlFBQUNtdFdSUFZwQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB_OU7BDZQAAClXIymwfA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=441748330147803784
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAB_OU7BDZQAAClXIymwfA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D441748330147803784%26bee_sync_partners%3Dpm%26bee_sync_...
  • https://match.prod.bidr.io/cookie-sync?userid=441748330147803784&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB_OU7BDZQAAClXIymwfA&pid=558502&do...
  • https://match.prod.bidr.io/cookie-sync?userid=441748330147803784&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAB_OU7BDZQAAClXIymwfA&pid=558502&do...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACmq07BDZQAAClHFfwJxQ
42 B
773 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACmq07BDZQAAClHFfwJxQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Mon, 26 Apr 2021 14:10:22 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_699=22727-AACmq07BDZQAAClHFfwJxQ; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 14:10:22 GMT; path=/ PugT=1619446222; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 26-May-2021 14:10:22 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 25-Jul-2021 14:10:22 GMT; path=/
X-lat
amspug002:0:475
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Date
Mon, 26 Apr 2021 14:10:23 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AACmq07BDZQAAClHFfwJxQ
Server
nginx
set-cookie
bito=AACmq07BDZQAAClHFfwJxQ; Domain=bidr.io; expires=Thu, 26 May 2022 10:10:23 GMT; Path=/; SameSite=None; Secure bitoIsSecure=ok; Domain=bidr.io; expires=Thu, 26 May 2022 10:10:23 GMT; Path=/; SameSite=None; Secure checkForPermission=""; Domain=bidr.io; expires=Thu, 01 May 2008 00:00:00 GMT; Path=/; SameSite=None; Secure
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
bridge
cm.adgrx.com/ Frame E7AE 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.204 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 023D 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.118.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A-hLL7xvJUlDqUgHBuhpUV0; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 56A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=F8l-1s9DSl6CqZdOeDDt-A%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:24 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=79282
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Tue, 27 Apr 2021 12:11:46 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 56A0 		95 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=17C97ED6-CF43-4A5E-82A9-974E7830EDF8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
646064db9f36dfcb-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
09b01d5d3e0000dfcb450ed000000001
info2
uipglob.semasio.net/pubmatic/1/ Frame 56A0
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:22 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:22 GMT
frontend-id
15
location
/pubmatic/1/info2?sType=sync&sExtCookieId=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 56A0
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.190.106 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:24 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Mon, 26 Apr 2021 14:10:24 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
simage2.pubmatic.com/AdServer/ Frame 56A0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9ae26086-c9cc-4800-a295-033ec29e3c98&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9ae26086-c9cc-4800-a295-033ec29e3c98&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
X-lat
lhrpug005:0:489
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Mon, 26 Apr 2021 14:11:56 GMT
Server
MT3 3660 495c301 master cdg-pixel-x3
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:9ae26086-c9cc-4800-a295-033ec29e3c98&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 26 Apr 2021 14:11:55 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 56A0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6937288142388169623
42 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6937288142388169623
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
X-lat
lhrpug012:0:410
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6937288142388169623
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 56A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHCbxuhMzJGu8BU51c8qego&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHCbxuhMzJGu8BU51c8qego&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
X-lat
amspug020:0:293
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHCbxuhMzJGu8BU51c8qego&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 56A0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=22e8710e-efc3-413a-8807-132412f14609
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=22e8710e-efc3-413a-8807-132412f14609
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
X-lat
lhrpug018:0:395
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=22e8710e-efc3-413a-8807-132412f14609
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 56A0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=991921832087954775&gdpr=0&gdpr_consent=
42 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=991921832087954775&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:23 GMT
X-lat
amspug015:0:376
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:24 GMT
X-Proxy-Origin
185.156.175.107; 185.156.175.107; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.110:80
AN-X-Request-Uuid
d3eb884d-a5f6-4d5e-96b4-9db3c35b4fdf
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=991921832087954775&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
17C97ED6-CF43-4A5E-82A9-974E7830EDF8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 56A0 		43 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/17C97ED6-CF43-4A5E-82A9-974E7830EDF8?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 56A0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2saE6UhE2uU8sySvdS1LpVWjiOenvGI-~A&gdpr=0&gdpr_consent=
0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2saE6UhE2uU8sySvdS1LpVWjiOenvGI-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:21 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-2saE6UhE2uU8sySvdS1LpVWjiOenvGI-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 56A0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sync.srv.stackadapt.com/sync?nid=50&gdpr=0&gdpr_consent=&gdpr_pd=&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=188&user_id=sZUjfAaKQsp-6-lA_607Tbmcr2s&user_group=1&ssp=pubmatic&gdpr=0
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=188&user_id=sZUjfAaKQsp-6-lA_607Tbmcr2s&user_group=1&ssp=pubmatic&gdpr=0
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ed047fc7-8116-4fd2-83bd-7e8ac31bf307&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ed047fc7-8116-4fd2-83bd-7e8ac31bf307&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:27 GMT
X-lat
lhrpug007:0:627
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=ed047fc7-8116-4fd2-83bd-7e8ac31bf307&gdpr=0&gdpr_consent=&gdpr_pd=
date
Mon, 26 Apr 2021 14:10:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 56A0
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dGIZaSFrQj5vaxdqcmMMPHNgEWdvMUM9JzSuTXrI
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dGIZaSFrQj5vaxdqcmMMPHNgEWdvMUM9JzSuTXrI
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:18 GMT
X-lat
amspug007:0:427
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=dGIZaSFrQj5vaxdqcmMMPHNgEWdvMUM9JzSuTXrI
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 56A0
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2855734592565697297&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2855734592565697297&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
X-lat
lhrpug008:0:548
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2855734592565697297&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 26 Apr 2021 14:10:19 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame 56A0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
85 B
161 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YIbJzAAAd6pFQgAC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
2079
x-served-by
cache-hhn4043-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1619446220.294511,VS0,VE0
content-length
85
x-cache-hits
17779

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1619446220.145337,VS0,VE92
x-served-by
cache-hhn4043-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YIbJzAAAd6pFQgAC
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 56A0
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:af50982c-3d74-459d-8f9b-eb4ca9e9fd0e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:af50982c-3d74-459d-8f9b-eb4ca9e9fd0e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:23 GMT
X-lat
lhrpug018:0:455
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:af50982c-3d74-459d-8f9b-eb4ca9e9fd0e&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 26 Apr 2021 14:10:23 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 56A0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
X-lat
amspug019:0:262
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:20 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=6f65fdf1-a4f8-42a2-81b5-e0ef4f88da37-6086c9cc-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 56A0 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=17C97ED6-CF43-4A5E-82A9-974E7830EDF8&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:21 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pubmatic
um.simpli.fi/ Frame 56A0 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.190 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
be.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:21 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 25 Apr 2021 14:10:21 GMT
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 		618 B
953 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1619446220196
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a15258492b1a593a615cbbab5edf03a2f291898c4a5cd3cffb3324eb3cddca8

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fGBk9TMwhfHeWZTxF3RC4Kf8B1KPqm9OH%2BAAVjgn1fFM7xJFP6VtaUZDCkPy3z%2FulQWNag5e0EBzTgYEieaYhvyAr2aVWNN8Af7Cbncpmc8aTw%3D%3D"}],"max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
646064dd0b8c1f35-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
09b01d5e2300001f35fa35d000000001
view
securepubads.g.doubleclick.net/pcs/ Frame 5529 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupRqJsHwMHbX3uz-ubd76FPYKX9J9tTZhU0kZ3upb8wabg8pHJpuzKEag-a_M0EFmmPiOv-FE4xBoo7UuB_e4l-3SdgJhZDD_igQxSvufdI3TnZYXsPyH9b18g1Zgf3FktvPU55hwP0oipy8-8Y4mQ0-Z4eWOZe0yE-yd8Ew6_nVpP6K3HhSzV-z97yk8vqKycjYZOFV4nWuTZaMRJoW9X9ks9wvgqrQJ1LAvD231tCaU36Sy18gaGhgVBAiIiECIEl8WfiKVP69zNVlTMaLc3wkoeOs8_hce-XCj7e97uA4srZCfXIFAJI4H4H2c&sai=AMfl-YScJH8it1c8BkkVwvM86Ma0sjzA87GTfhu6MaqEi1juOjWc7a2t4qX9kcgy3gJ7vQ-tXDNYuRbUCtSiDJDY7Pnq7Ej0IZu8LWUAipE6yaxooqnXGuH1i1MEKO-RLpdT&sig=Cg0ArKJSzALY7aGtNa28EAE&urlfix=1&adurl=
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
radical.r6.min.js
publish.responsiveads.com/libs/ Frame 5529 		196 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/libs/radical.r6.min.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33d73255ddadc89ded0b0a694b7b15e88cbf0a55687be623d4a8350e162076ea

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
82XA60VTVD7J9E8Y
Connection
keep-alive
Content-Length
57895
x-amz-id-2
x94xJQ3yTToJdUZfleyk/EIOmNaPZuMhRvLfH6iSTwSVb/AFePJvN2ZVjYr/IG4r022kZhP0e3U=
Last-Modified
Tue, 23 Mar 2021 11:58:23 GMT
Server
AmazonS3
ETag
"9734b5d43a7fdfc8f4ab7553525e3420"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5529 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Mon, 26 Apr 2021 14:10:20 GMT
container.html
1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C2BB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.paradisepost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.paradisepost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Mon, 26 Apr 2021 14:10:19 GMT
expires
Tue, 26 Apr 2022 14:10:19 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame 4D51 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxIWY72TUZqDCUH2R8OPXyany-mWze72nXkq8jvCermTPcUbEeq284KtkaUdAmdc_Clxehwm5YtqhwZafY0COwcTv0JBatABYCbzuvIMBRZZn0acwn5ebVD8C19TX-tuzlmKjagP9j5aITi7JUsxJkzFD5sTraNkSigpuD0bJfEMmMGjSqrHzxjrOWJoh8z3hrNlcDS0X14HbzGAhmhLQdb5wg1Voq2Z21wARvruKkZbIfTRYgCWlMpRM84syZaQuyPED3OBYQChGl7imqI_tlihj5bhLiD5rYzOxgi4b2h-721bCp3jXL7pvTxTf3&sai=AMfl-YQA2r7YjbkxQ46P4aEKFlhKKLkz4VON_2NJTI3PK7wyozgkK5-h4mGa1CQ5n60eqojgKM6L-_q_mt5HxPEPLfsXaHVfCOL--WpIuE2A0jbdT0pJG3-Iyzz4_fWSg6yH&sig=Cg0ArKJSzBD_oAnz7J49EAE&adurl=
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 4D51 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
3134275839577271762
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 14:08:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 4D51 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 14:08:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4D51 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Mon, 26 Apr 2021 14:10:20 GMT
7925461475630935865
tpc.googlesyndication.com/simgad/ Frame 4D51 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7925461475630935865
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d045102d1805eaa14a2969d9034ac1937836a248caeec5e29136c357cb316c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 22:32:42 GMT
x-content-type-options
nosniff
age
401858
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29314
x-xss-protection
0
last-modified
Mon, 08 Apr 2019 16:48:19 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Apr 2022 22:32:42 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017352525402"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28270
x-xss-protection
0
expires
Mon, 26 Apr 2021 14:10:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8CF1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjtoflptXmDTAD5otMPVhHz7qFjqx7Eh-uymZvQjG-OAGBv4A4nhZoNU8lpi8rkuKmOuJ3JDfLyZf_IhboXZ9uHHBRimCJMaO_5Zg3xizi-hHlDefs09EL1uoBOZHvy1VGShdnJnXzN9wzbhjIQopgBBdb5_Gx5uZZ9_7i6tqqhr7peS2qaYwsW-a3OhzppKMx0qAWbxXWMnxqLjPKHrIHmmb82m5QxJ21fnzrzq-0CId8I2f_O3_J7Fm8kDYed-vrRspUWOKSKH2sbYx_iFw5qYkeczbRjUWlVWJEjXTca6c-C47CsS_XB8fWI2Kx&sai=AMfl-YSs_Ltma7SjrA2ffHhQDfH_L8xRmO8GG3y78G1eKrcdYfkV-qUg8LcAeyY7Z0fHt-WDgjShmJ3WEeQqmqLM8x3GwtwYAcHsQY5bfeE4KBY56_-jHA6dOIYZNE827CFJ&sig=Cg0ArKJSzOf4vY3yn1F0EAE&adurl=
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/ Frame 8CF1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:08:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
109
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7028
x-xss-protection
0
server
cafe
etag
3134275839577271762
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 14:08:31 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/ Frame 8CF1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210422/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 10 May 2021 14:08:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8CF1 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Mon, 26 Apr 2021 14:10:20 GMT
l
www.google.com/ads/measurement/ Frame 8CF1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRRKWNJKtBdpPcnGFN_LsHOzRsGBF6AhaWD2FeRwwKWdMWHj2ifLVTTdvffWOQGv6IEmmqV
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
13126429516620988550
tpc.googlesyndication.com/simgad/ Frame 8CF1 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13126429516620988550
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a21b2cc4b971d6a396b220cb3ed6fbb523a2e2ab2507ead7f4fcefdf6909c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 00:00:20 GMT
x-content-type-options
nosniff
age
396600
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28549
x-xss-protection
0
last-modified
Wed, 18 Jul 2018 16:37:07 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Apr 2022 00:00:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6DEA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuabB2UQ0lUQHE99U1RwWZ59AjNEuwtR8-DhwyNvpyUHaWudcMXaXSf-EMauizshDKdY87aRibxklEZIUEfiygOX0lg4hGo2CieT0Jm8vleO8GXw931YVL4gPRvJm-YiGOsQTyO9tsCWmjTpWksoLjZx7nj6zxPUJcmTDHhLGDj8H5ZfNYMAlk9JeSQ1XMxf75q3vetkCrEZ_yC5Wq6GPsx8QiawjD58uZcNt4vJFIo5phMLg450jLuruolxOguAxmieLRdMM13NPVj7m0S1ADvkiiSRzAvqZTEMVfs3SSBt0ky9aCjliJgj5jVPSU&sai=AMfl-YQSKyTLSBIjUYctEjlCwwERHS7KphK1GhsMA5njTIFCM48iw6yIivcvJgcsLUA8ymQtjltAEoahkKt9fbSAU9GMm-lzA9B397Posp5aKsjEXdm9_vChN_CvQ81DagdI&sig=Cg0ArKJSzKsSbCjCuewFEAE&urlfix=1&adurl=
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
radical.r6.min.js
publish.responsiveads.com/libs/ Frame 6DEA 		196 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/libs/radical.r6.min.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33d73255ddadc89ded0b0a694b7b15e88cbf0a55687be623d4a8350e162076ea

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
82XA60VTVD7J9E8Y
Connection
keep-alive
Content-Length
57895
x-amz-id-2
x94xJQ3yTToJdUZfleyk/EIOmNaPZuMhRvLfH6iSTwSVb/AFePJvN2ZVjYr/IG4r022kZhP0e3U=
Last-Modified
Tue, 23 Mar 2021 11:58:23 GMT
Server
AmazonS3
ETag
"9734b5d43a7fdfc8f4ab7553525e3420"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6DEA 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Mon, 26 Apr 2021 14:10:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A5DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssBhDxPLq9GLZ6S_D9wL8C2hab4nbW_3JDquBCywwyWGdWS__2y2lpUw3OFOl-UDamxZNE_7vy9hv4xyGIj1fEK1JnOT2zK1PaobJpvMsihYKT3_KrSR-YJDSWYTPr2mgQmRH1fH60ZWxpdranvY89Uki8TBAeYSVq2a8I_Ya8k7jv39pNkFt8-_hPSprGLNYXPll79IZa5OvabHBETZr012SkTNwWT-RE3pLH2Kx5cG5RjOS9YFFnV8pkcuWR5iaNl1dKBECm1xUtvCPWu8aX1hAzivJNYBJIC8r8oUpjVjkeiMuGqMPBJU4CEU4Y&sai=AMfl-YTatI7BkgB58UUvwb5okT1QpRI-Ifj_oNqoWhyQz0WO9_VRHxz55SDS4E8Wzs3qKfvxq1OQiGfpZruOZVYRJF4U8lxF0kSCKwlGlYyfPkFLK2qp60l4WE34Uf7qlTq2&sig=Cg0ArKJSzC-VDtgdSm_XEAE&urlfix=1&adurl=
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
radical.r6.min.js
publish.responsiveads.com/libs/ Frame A5DC 		196 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/libs/radical.r6.min.js
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33d73255ddadc89ded0b0a694b7b15e88cbf0a55687be623d4a8350e162076ea

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
82XA60VTVD7J9E8Y
Connection
keep-alive
Content-Length
57895
x-amz-id-2
x94xJQ3yTToJdUZfleyk/EIOmNaPZuMhRvLfH6iSTwSVb/AFePJvN2ZVjYr/IG4r022kZhP0e3U=
Last-Modified
Tue, 23 Mar 2021 11:58:23 GMT
Server
AmazonS3
ETag
"9734b5d43a7fdfc8f4ab7553525e3420"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A5DC 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Mon, 26 Apr 2021 14:10:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4D51 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCs48jBNZKgvJrvqkLtMQYjcW8uKXfAWdGlnroXkIwJAU7TGeFheDMIsU-qrmOpspV27Ql9hJgtp3R1w3qVwB7inmwPBWrGm6OVq5CG5jbizLhX3zGh-ij9ENIn_wrSPGotka_QD2Gw5ucVNCpZkc4DRqOLOwnF_SNw6-keiKaiHseL7rEd-ztrcX4oqC6lk7THqkcy1bnLbKPtjOzH1nFsduFijkdrNSzB653HHbbaI1e5TIhlEZr0ovg0LDMcMCJtAXs0hwafL3KmArSd2DWArmRSnFkBfQDW6g59b9N9L17wAkZVb4jKPL936VgoQk&sai=AMfl-YQDnRrbPx_B9cqDynbGTlo0gw3zwWuyvpQYaMEIBeL74Z49WNByf_Db5Q_IAipnD725KRiNu4eRYi1DOs0ld7pFhDIk6-lBb3_3ynH8Csr1FwujCDtOOysWQf7NKi_8&sig=Cg0ArKJSzK-7Pw7fF4BjEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 26 Apr 2021 14:10:20 GMT
truncated
/ Frame 4D51 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47538b3441c69a5a8f0ae46e00cbb4170c9073616af2764cf43eae6d82cf4b08

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 5529 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55066cbb4788eda20bf154e5c84845ba77f1188b4fa7a52b216db2c295bf36f6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8CF1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4h56kQooatJvbVsDowh7doVuV8wVlr6WOjFK0sQ2wCrQBMKhmXxEJVKw9q0z_Qp1t4j21w3BuBRwMiZ4yFi5Zhw8nHqCv6TG05DWo1m4gWpT0nKDPpeJV95zXCx9vySfdLc7HwxpN7WyFxXKkXUJ_IH3T_rtF9EDziAX05OjmTLXytU271uCFCxKnmla2oTCSXgDov8UG3kgUEC_PeVaDOoLXrpQ6_-te8ZEWGyxTzNsUZgkw6S8sZyg0SfLOBK1T3mkRw4OXS38FlsPQ3cesIuLd2bilO15_WrStMoZpK7yzg2wvB2UnZijjJM7o_ls&sai=AMfl-YShgijQx-Mj6-QKxw1QHy4u8viwRm42lE87RFSzKJkw9SFXyluqYbOVp-B4y4AlOgv63oBcswfezmHWlHBMO6KuHeFHeLSIsXssEMgVoIn9L31hrHRT7EKl0FI9GZrf&sig=Cg0ArKJSzJoqW2nyACoYEAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 26 Apr 2021 14:10:20 GMT
truncated
/ Frame 8CF1 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73c1f8af1421442b8cd286a8684a5ae307a64fa80c73e932483c11094c849e3f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6DEA 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
76690d68a326a19e7a6239a7db43694a3720be3046d086bf7fa8e8e8f6fd0165

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C2BB 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
URL: https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 11:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11335
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Apr 2022 11:01:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C2BB 		116 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
URL: https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1619017370605640"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36032
x-xss-protection
0
expires
Mon, 26 Apr 2021 14:10:20 GMT
truncated
/ Frame A5DC 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b8917f2c5cc155cb631c666a4c80d866455cd7172f40e972f9ab6c1b14818eb0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
d-60347c5c4a5858822d0039dc.js
publish.responsiveads.com/ads/60347c564a5858822d0039c3/ Frame 5529 		202 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/d-60347c5c4a5858822d0039dc.js
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05054d229264172a8c88c3a9066dd31c790e01e79ab91af836e8e0f821599893

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
ZJ7T665965CVCTPJ
Connection
keep-alive
Content-Length
16381
x-amz-id-2
YKcjg5w1CvJTpB717c4bhkv40DvWMPVD6anN41sfBZujhB0H4MOUeWxfvqZWK7FQBccMHluA8lk=
Last-Modified
Tue, 23 Feb 2021 05:45:46 GMT
Server
AmazonS3
ETag
"ad67a26799f21b4d58fbecf4ea69ad31"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
d-603483ca4a5858822d003a2b.js
publish.responsiveads.com/ads/603483c34a5858822d003a18/ Frame 6DEA 		393 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/ads/603483c34a5858822d003a18/d-603483ca4a5858822d003a2b.js
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
74744e3475fd81dccdd1e2428d67f490c0c8ecd3d8cff6ccea4364d76968bdea

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
5XFK5N9X2RCRFZ7T
Connection
keep-alive
Content-Length
28342
x-amz-id-2
kkAIxPcVU9zVUcKm28N1mvminLlKUZpvXGukmTuXjZEF34/sJaYVVZYyVzBQgpBwpW9qYlnUH5A=
Last-Modified
Tue, 23 Feb 2021 08:30:32 GMT
Server
AmazonS3
ETag
"4474f9c071cf53cc99d63142a5db0fcb"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
d-60347c5c4a5858822d0039dc.js
publish.responsiveads.com/ads/60347c564a5858822d0039c3/ Frame A5DC 		202 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/d-60347c5c4a5858822d0039dc.js
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05054d229264172a8c88c3a9066dd31c790e01e79ab91af836e8e0f821599893

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
ZJ7T665965CVCTPJ
Connection
keep-alive
Content-Length
16381
x-amz-id-2
YKcjg5w1CvJTpB717c4bhkv40DvWMPVD6anN41sfBZujhB0H4MOUeWxfvqZWK7FQBccMHluA8lk=
Last-Modified
Tue, 23 Feb 2021 05:45:46 GMT
Server
AmazonS3
ETag
"ad67a26799f21b4d58fbecf4ea69ad31"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
vendors~Auth0UniversalLoginAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 		143 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/vendors~Auth0UniversalLoginAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FC7) /
Resource Hash
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
content-md5
o/3Cfwyx2Hdo/xXi+KtqIw==
age
37970
x-cache
HIT
content-length
43195
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:48 GMT
server
ECAcc (frc/8FC7)
etag
0x8D9056E3D50F079
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e68315c7-801e-013c-084d-3ad4f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
Auth0UniversalLoginAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0UniversalLoginAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F80) /
Resource Hash
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
content-md5
E5fyjsIr92YKgvTS5SE4ZA==
age
37970
x-cache
HIT
content-length
3400
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:32 GMT
server
ECAcc (frc/8F80)
etag
0x8D9056E339D05A5
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
bbd09de5-901e-00e0-624d-3ac0f7000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
Auth0AuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0AuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E9E) /
Resource Hash
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
content-md5
jBig/iW/Mpw+sfYWVt9mLw==
age
37988
x-cache
HIT
content-length
2320
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:31 GMT
server
ECAcc (frc/8E9E)
etag
0x8D9056E3391B836
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
0789aa65-401e-0084-074d-3a7057000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
CustomAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/CustomAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F12) /
Resource Hash
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
content-md5
WtHQ46VooZh5jhibUEIm/g==
age
37988
x-cache
HIT
content-length
2146
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:32 GMT
server
ECAcc (frc/8F12)
etag
0x8D9056E33BE9F96
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
addce849-401e-0121-284d-3a0d1b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
JanrainAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/JanrainAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F95) /
Resource Hash
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
content-md5
3loC7XOiphfHLLmAxSEZ5g==
age
37988
x-cache
HIT
content-length
2639
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:32 GMT
server
ECAcc (frc/8F95)
etag
0x8D9056E33C99EC8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b189baab-001e-00cc-284d-3a42ca000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
MG2AuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/MG2AuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FAB) /
Resource Hash
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
content-md5
53DSePPJylXjWw4MlYhYcA==
age
37988
x-cache
HIT
content-length
2456
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:32 GMT
server
ECAcc (frc/8FAB)
etag
0x8D9056E33DFC44A
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a9a59eff-001e-00a1-674d-3ae8e4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
NewzwareAuthSystem.js
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/NewzwareAuthSystem.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F8E) /
Resource Hash
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
gzip
content-md5
XXTxgTgPuF9lg38Cul1d8Q==
age
37970
x-cache
HIT
content-length
4009
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:32 GMT
server
ECAcc (frc/8F8E)
etag
0x8D9056E33EAC378
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
4e562f8c-501e-00f6-014d-3a0169000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
LikeButtons4.js
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 		114 B
242 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/LikeButtons4.js
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F1E) /
Resource Hash
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 26 Apr 2021 14:10:20 GMT
content-md5
0is0k5hNwCAMRJ10IGm41w==
age
37970
x-cache
HIT
content-length
114
x-ms-lease-status
unlocked
last-modified
Thu, 22 Apr 2021 09:08:32 GMT
server
ECAcc (frc/8F1E)
etag
0x8D9056E33D49E04
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
93dd52db-c01e-0070-704d-3a55bb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
accept-ranges
bytes
view
securepubads.g.doubleclick.net/pcs/ Frame C2BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuR6Q2H_s1q4MgA_x6aDg6zcuTzfFRlxzwG-UVcvXOxoVs00VnKxy0cKJK2yG52iIClGM0UxAu5Up3eVnidf0IshQBVlARnwgQ0tTXuTW0usdXNNQ8RQtA_Nmk_ImV8KjO8VM5lNZFAEW8ygFij1V25YtK3ATxtMqfr3MIMATdZG0Wvo_Nv0jrScx4NTPxGdxT8EsOzk93WSEECYH0EkPF8ZmDiuxZ4bsF_Bx6PMJ65pkEcwzfhdpqsxApEGthGDjCwsV8p2ebcYceQ_uZ_o48Wulnzrhs3CPmKQPz0cYrzr1vwKvesobCzJI4QHgI&sai=AMfl-YThMD1aLsfY5IFZLcbK_V-ciD18WthCmDCrqifBvjK7XKXV17qqdE-bbsNxZdOApjt1rzY6Kx3HDB0giLI6pqr_npAO-VM_y4jClGHc3wkfN3-Kks9Iodi0GX7veemq&sig=Cg0ArKJSzN-zdEdDLYrqEAE&urlfix=1&adurl=
Requested by
Host: 1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
URL: https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
radical.r6.min.js
publish.responsiveads.com/libs/ Frame C2BB 		196 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/libs/radical.r6.min.js
Requested by
Host: 1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
URL: https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33d73255ddadc89ded0b0a694b7b15e88cbf0a55687be623d4a8350e162076ea

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
82XA60VTVD7J9E8Y
Connection
keep-alive
Content-Length
57895
x-amz-id-2
x94xJQ3yTToJdUZfleyk/EIOmNaPZuMhRvLfH6iSTwSVb/AFePJvN2ZVjYr/IG4r022kZhP0e3U=
Last-Modified
Tue, 23 Mar 2021 11:58:23 GMT
Server
AmazonS3
ETag
"9734b5d43a7fdfc8f4ab7553525e3420"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
truncated
/ Frame C2BB 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ac01d849ba8bc5cb1db0fb1c11eeb011d67a8781396ded6dbfc645056bb5c8e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=8c8e5178800d88861eca8b5005abf763&ConfigCode=NORCALNVPRODWP&SiteCode=DFM&SettingsKey=NORCAL%2CPP
Protocol
HTTP/1.1
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin
https://www.paradisepost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By
ASP.NET
Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Length
0
views
prod-dfm-proxy-connext.azurewebsites.net/api/ 		263 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=8c8e5178800d88861eca8b5005abf763&ConfigCode=NORCALNVPRODWP&SiteCode=DFM&SettingsKey=NORCAL%2CPP
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
f1d76be83af4bf430b48a2aae5454f4bba28f77b95aa11280b3037f5c616c1c4

Request headers

authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MTk0NjA2MTl9.V2U-oRgzyTKh8CxU5lt8U46_ch49wW_jxRC0MXBH6Yo
source-system
Plugin
site-code
DFM
autoqa
false
access-control-allow-origin
*
settingskey
NORCAL,PP
ssid
2a5b2a105422aebc5c9e9ceb8e017334
environment
prod
attr
PP
config-code
NORCALNVPRODWP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
location
System
accept
application/json
Referer
https://www.paradisepost.com/
version
Version: 2.5.4.3_swg

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Expires
-1
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
288
X-Server-Time
4/26/2021 2:10:21 PM
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
d-60347c5c4a5858822d0039dc.js
publish.responsiveads.com/ads/60347c564a5858822d0039c3/ Frame C2BB 		202 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/d-60347c5c4a5858822d0039dc.js
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05054d229264172a8c88c3a9066dd31c790e01e79ab91af836e8e0f821599893

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
ZJ7T665965CVCTPJ
Connection
keep-alive
Content-Length
16381
x-amz-id-2
YKcjg5w1CvJTpB717c4bhkv40DvWMPVD6anN41sfBZujhB0H4MOUeWxfvqZWK7FQBccMHluA8lk=
Last-Modified
Tue, 23 Feb 2021 05:45:46 GMT
Server
AmazonS3
ETag
"ad67a26799f21b4d58fbecf4ea69ad31"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
rad-fl-60347c574a5858822d0039c6.css
publish.responsiveads.com/flowlines/60347c574a5858822d0039c6/ Frame A5DC 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/flowlines/60347c574a5858822d0039c6/rad-fl-60347c574a5858822d0039c6.css
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb7357ef4a7f45351bc1caa22ef33958fda13d88cbf539923905490c9131b7e8

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
H6T7770SW3NEF7HA
Connection
keep-alive
Content-Length
685
x-amz-id-2
fXYHGmZDcw5ryUrCONP9MpDLoSDjPWiohNb3NWOYRwkWU9rz7dn+CcbO814G0FXgitXfWud5jVw=
Last-Modified
Tue, 23 Feb 2021 03:54:01 GMT
Server
AmazonS3
ETag
"a6b270f24482d5e3329df85a1b007c00"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
view
securepubads.g.doubleclick.net/pcs/ Frame A5DC 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssPp5gVJHjkHPJmKwCCsuWtb9OPos5ffX5R79OZTR40DfYRDCM5nJmf57Ut9A5_gcUirI_EFqN3q4FA124DWmUDWZBbHy5BkfQb5NeAfkHpbVUg8whak_ZOEWOu45hMSGpizzf53v3E7gK35f-dcAShC6QQxuYfrqmSAOuYkyZdLbOmlqEfUUp0vngjXuCyc-p7NTeRO3STbNtj_W6BujHXpx9T7--BkJAIdYp38vCogRrFgXv0LcoLTyBJGkR_fX2TxJ3mVF5MKgbbKjahu0QAKMKGfsSE1IAzwbkokp1etfGxVJo_86P0Gkq5CRTwWg&sai=AMfl-YRIe_ZF2kaawFHhXLCDAZ3fN0qygxgA3uK1BmBs_Y88CNrP1a2rTcLgb7afxFtE8h3-dlOVhIe209S3nCgnaUKn3gjy2vjX5T-0zkC2At-XE7dnHQ5FSo1_qkrFapE_&sig=Cg0ArKJSzKOmdW07UmCZEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 26 Apr 2021 14:10:20 GMT
rad-fl-60347c574a5858822d0039c6.css
publish.responsiveads.com/flowlines/60347c574a5858822d0039c6/ Frame 5529 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/flowlines/60347c574a5858822d0039c6/rad-fl-60347c574a5858822d0039c6.css
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb7357ef4a7f45351bc1caa22ef33958fda13d88cbf539923905490c9131b7e8

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
H6T7770SW3NEF7HA
Connection
keep-alive
Content-Length
685
x-amz-id-2
fXYHGmZDcw5ryUrCONP9MpDLoSDjPWiohNb3NWOYRwkWU9rz7dn+CcbO814G0FXgitXfWud5jVw=
Last-Modified
Tue, 23 Feb 2021 03:54:01 GMT
Server
AmazonS3
ETag
"a6b270f24482d5e3329df85a1b007c00"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
view
securepubads.g.doubleclick.net/pcs/ Frame 5529 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOeYvyPHupO5Sf3fNJHIJPUSXFikZXMHcJP8E-yb7hJri4N5VFYyAWPyiaIVzYqYGXhdB5h0AFA7DJW_W73G3SX3LUvNBQhWexUuvrHK0qMjvT2DxAuMeg9U7kUMbprBUgt9WlSgtSLF8hRnaW0aDC5QPrvmAedKQKO657nAtP5i4Drzuk22z4vlY2RaPouxyrohmoPGX5NSS3PR5BVEEp_VfFjKtr3mbPMtReF29WvOLqxdHvnIoaLNEfLqQCgLcxlygpwMEGxDRFviH4qDxNEookvVAbFKrLRVSJ_GhgzBql3aeHwZZVP4XDmUUVzw&sai=AMfl-YRDh2qiIVOkDjo6RzDtlM_awVNo6GoO6jSt2OiMmJOH9R-ghv-hh_cWVV9ZkKPhZUgAzM_VCKOJm_q06NvagfAeBJW5dNGmLpW8FHbx8rCTO5xVyp0Kvls9wjtsP2GA&sig=Cg0ArKJSzBPmZp2ptYWJEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 26 Apr 2021 14:10:20 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C2BB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
282307
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
cf-request-id
09b01d60180000bf239ba39000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CFNMkpujSt7S7tx1gkiW3ZdnBB3xLpJ%2BkcKtkNr7AamsJVMM0RG1rTOfCm8HnluK2fnyANPEgLl1OSxlg9QCRmWKCVuZxIFKrK%2FiP4S8GDtZR2SHOrSRdXME9VdFEDkt%2Bg%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
646064e02b20bf23-FRA
expires
Sat, 16 Apr 2022 14:10:20 GMT
logo.png
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame C2BB 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/logo.png
Requested by
Host: 1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
URL: https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b83f543b8d57f489fb9940d4eeed453ce79b48f58f70561aabe6b6628be52e2

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
x-amz-request-id
RHVE5GHFZ7REQ9VY
Connection
keep-alive
Content-Length
9169
x-amz-id-2
5+qePZMjWDn8nm9iZYoIqQql85t4ZT6ig7+2ONTH07KZeljsYfoS/m+MjZ+Mk5+Ir40Z99OyTDk=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"e004d9c3e4739f12079fe5dacd7443ba"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392452
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
copyy.png
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame C2BB 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/copyy.png
Requested by
Host: 1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
URL: https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e5d26bed2b6c193e54e8ea3aa0918b88020536295d21b6b34cb483b41534f99

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
x-amz-request-id
RHVFJ39FXRDW7CVM
Connection
keep-alive
Content-Length
41688
x-amz-id-2
Yv7Cb+SBpz2dm64XjqXdjisc8MWvreCuw9AOqIqdL84WyuH8CT5Hla3FoPU/TdH4+U9lG5mYjxI=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"7eb746773ac0e5f43b7f43d0d1d7f04b"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392519
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
image.jpg
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame C2BB 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/image.jpg
Requested by
Host: 1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
URL: https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a201231235ae318340e214f38c338d79f38d269ffbb64d06ff1e01fc6fffc222

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
x-amz-request-id
RHVCBBJ6RG7AFBER
Connection
keep-alive
Content-Length
128279
x-amz-id-2
z9MBHQiEwveqcEGoiMyiFPbya1MmTAI+n8cDEpPRkM2sByj9NXh2jaibCT7CSNRNA6jRztCwWjo=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"5a930123750366ef75132531191e5dd1"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392521
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
rad-fl-603483c44a5858822d003a19.css
publish.responsiveads.com/flowlines/603483c44a5858822d003a19/ Frame 6DEA 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/flowlines/603483c44a5858822d003a19/rad-fl-603483c44a5858822d003a19.css
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c503b0d429a19455b70d241374aeb0fe7c66ae6414aa45d9f2a4fb0d3012a9f

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
6RDJ4G6W4T0X9J4W
Connection
keep-alive
Content-Length
684
x-amz-id-2
coyzge+mse0SC5xbNZbrMSpdoQhkwwyHLr5ZfIktjOMIbdgQOCOmOltvioq/hzL87UfnqQuF6Ek=
Last-Modified
Tue, 23 Feb 2021 04:25:44 GMT
Server
AmazonS3
ETag
"d255a3748e7238c2ad3c1f9fac346afe"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
rad-fl-60347c574a5858822d0039c6.css
publish.responsiveads.com/flowlines/60347c574a5858822d0039c6/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/flowlines/60347c574a5858822d0039c6/rad-fl-60347c574a5858822d0039c6.css
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bb7357ef4a7f45351bc1caa22ef33958fda13d88cbf539923905490c9131b7e8

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
H6T7770SW3NEF7HA
Connection
keep-alive
Content-Length
685
x-amz-id-2
fXYHGmZDcw5ryUrCONP9MpDLoSDjPWiohNb3NWOYRwkWU9rz7dn+CcbO814G0FXgitXfWud5jVw=
Last-Modified
Tue, 23 Feb 2021 03:54:01 GMT
Server
AmazonS3
ETag
"a6b270f24482d5e3329df85a1b007c00"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A5DC 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
282307
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
cf-request-id
09b01d605200001f3906203000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qdz7D%2FVRzyaMRSBUxgi%2BQ2wnnA1gDyNpLGEtETIFmz59rq3wdX07cri%2BMbqJ6g7DmjIViWwJ4T4gGoygxckIcnDtAtlIYwHkQCoIJRDmsDs%2BwZIMR8aUH6qQU8H%2FRN8VWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
646064e08b231f39-FRA
expires
Sat, 16 Apr 2022 14:10:20 GMT
logo.png
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame A5DC 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/logo.png
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b83f543b8d57f489fb9940d4eeed453ce79b48f58f70561aabe6b6628be52e2

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
x-amz-request-id
RHVE5GHFZ7REQ9VY
Connection
keep-alive
Content-Length
9169
x-amz-id-2
5+qePZMjWDn8nm9iZYoIqQql85t4ZT6ig7+2ONTH07KZeljsYfoS/m+MjZ+Mk5+Ir40Z99OyTDk=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"e004d9c3e4739f12079fe5dacd7443ba"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392452
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
image.jpg
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame A5DC 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/image.jpg
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a201231235ae318340e214f38c338d79f38d269ffbb64d06ff1e01fc6fffc222

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:20 GMT
x-amz-request-id
RHVCBBJ6RG7AFBER
Connection
keep-alive
Content-Length
128279
x-amz-id-2
z9MBHQiEwveqcEGoiMyiFPbya1MmTAI+n8cDEpPRkM2sByj9NXh2jaibCT7CSNRNA6jRztCwWjo=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"5a930123750366ef75132531191e5dd1"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392521
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
view
securepubads.g.doubleclick.net/pcs/ Frame 6DEA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfoxgI1ox_sCqWuodYDur8vhdPe0zngxNsjJZuQAKWndb4WFHgSCLqjXrrIEIhF6wMk4JGFkItGXjbevkfp8KQYwx-F9RWNr8IqzzZSLYexzk0FFyACZI612qn3jj4uuYKtytw0ihNapwGxQ5gUtbOIExJQDgPdFUJCxsRYmfLPKsrhcpqgLOJAziuuXVCSEnckht3svPYcsol6zdhB92dA5lqzgipsTU5eE1GOkLMwid8nFA0eQXxknQMHSB4XINjmFaRs4px48B-FIpfj0v3W8AuD3bwWmb3gAOyJh9HJQSqKMtbVn6iDI94_38ouA&sai=AMfl-YQFeAZeP1I5ALYafd-iZ0TBVgdfBJ6YmaEq61slIWZ0BhWsT0va-6r0jtY2xxBSlj8LKS7i1VZ5SMd2H9AGF5hZSGu_dRp61kJDll1Cv6gFfbKTcbBmWxA6qO1XhijM&sig=Cg0ArKJSzBz9ZKq8kt1uEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 26 Apr 2021 14:10:21 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5529 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
282307
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
cf-request-id
09b01d60b600001f39d5990000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Wl5fPatTjtmdKHGAf%2F9xk%2BbxAGSQJ1rOVM7%2FB%2F0j59t7vF%2BGwfGX9Ih%2B38clABe1uIyc3MQe5fcyWl4qlQ%2BBw1nnjXpHA2hDDiEuvYyaKqBF1P01FyKRZCA6PBNQetoJzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
646064e11c571f39-FRA
expires
Sat, 16 Apr 2022 14:10:20 GMT
logo.png
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame 5529 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/logo.png
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b83f543b8d57f489fb9940d4eeed453ce79b48f58f70561aabe6b6628be52e2

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
RHVE5GHFZ7REQ9VY
Connection
keep-alive
Content-Length
9169
x-amz-id-2
5+qePZMjWDn8nm9iZYoIqQql85t4ZT6ig7+2ONTH07KZeljsYfoS/m+MjZ+Mk5+Ir40Z99OyTDk=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"e004d9c3e4739f12079fe5dacd7443ba"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392450
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
image.jpg
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame 5529 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/image.jpg
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a201231235ae318340e214f38c338d79f38d269ffbb64d06ff1e01fc6fffc222

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
RHVCBBJ6RG7AFBER
Connection
keep-alive
Content-Length
128279
x-amz-id-2
z9MBHQiEwveqcEGoiMyiFPbya1MmTAI+n8cDEpPRkM2sByj9NXh2jaibCT7CSNRNA6jRztCwWjo=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"5a930123750366ef75132531191e5dd1"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392519
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
rad-fl-603483c44a5858822d003a19.css
publish.responsiveads.com/flowlines/603483c44a5858822d003a19/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/flowlines/603483c44a5858822d003a19/rad-fl-603483c44a5858822d003a19.css
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9c503b0d429a19455b70d241374aeb0fe7c66ae6414aa45d9f2a4fb0d3012a9f

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:21 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
6RDJ4G6W4T0X9J4W
Connection
keep-alive
Content-Length
684
x-amz-id-2
coyzge+mse0SC5xbNZbrMSpdoQhkwwyHLr5ZfIktjOMIbdgQOCOmOltvioq/hzL87UfnqQuF6Ek=
Last-Modified
Tue, 23 Feb 2021 04:25:44 GMT
Server
AmazonS3
ETag
"d255a3748e7238c2ad3c1f9fac346afe"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 6DEA 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r6.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
282308
cross-origin-resource-policy
cross-origin
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
cf-request-id
09b01d60ca00001f3944a72000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HQWYCRqX7f9LCuu5ahSfJ%2FwCETCISn2MBJPWmMa0lfqK10B1f%2FgNPmPMgqoM96JzRlJ9pfRwhUbUceHnnJ2UwhBck%2BViftRVJvgnFvZ%2F5luEinw%2FpyBnUEFuX2Dx9zlt8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
646064e14c971f39-FRA
expires
Sat, 16 Apr 2022 14:10:21 GMT
logo.png
publish.responsiveads.com/ads/603483c34a5858822d003a18/img/ Frame 6DEA 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/603483c34a5858822d003a18/img/logo.png
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
130bc30954b49fb8a459a23030da8e99ea81fa334e0ae5815619922abff43aa9

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
EA5181E486EC8672
Connection
keep-alive
Content-Length
23013
x-amz-id-2
LNV+0B/Ui1nhDZgc6evQf4vT6fCOOSHhy4jhNjSwrJW6XGNiuaC/vPJOjC5MHN6WxX9V4XngTHY=
Last-Modified
Tue, 23 Feb 2021 08:30:35 GMT
Server
AmazonS3
ETag
"76d4ccadea4711df8c0a46ce92447e64"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=26783154
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
photo.jpg
publish.responsiveads.com/ads/603483c34a5858822d003a18/img/ Frame 6DEA 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/603483c34a5858822d003a18/img/photo.jpg
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9853afb9eeaa6b0e338dce19dbe6d152c3302ae15b685a3b818145cd907ef245

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
B3415B91F632F223
Connection
keep-alive
Content-Length
25521
x-amz-id-2
QO85wIXrU8Xc+ZUY2dk+E3gOmzQJ5kihmvV9xM+COo6aS6qsjTslIG6YGso4w06qpwdqIASTtIw=
Last-Modified
Tue, 23 Feb 2021 08:30:35 GMT
Server
AmazonS3
ETag
"07176c87144fa90b953a181f7988bca4"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=26783168
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
ivegotanswers.png
publish.responsiveads.com/ads/603483c34a5858822d003a18/img/ Frame 6DEA 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/603483c34a5858822d003a18/img/ivegotanswers.png
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1088a6316c5ce729bd2db82a26cc4411304b53573dcbd51d4da97c9c205e2b06

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
1W5T0GEMBX6N0X1G
Connection
keep-alive
Content-Length
31880
x-amz-id-2
9SYawt3InwJF5BkIlbkb3itT8ZEVvSfRd6R5SQjwoqcj2yEGEWBf0DyTjRI+HXFRHTolmM9dkYo=
Last-Modified
Tue, 23 Feb 2021 08:30:35 GMT
Server
AmazonS3
ETag
"95c3b762b4431a6b5087885a75ca151d"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=26783200
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
css
fonts.googleapis.com/ Frame C2BB 		672 B
445 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f4623db072ce1ab396e285ee6885ac3be5525853e0b795831201de566f7d384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 13:55:13 GMT
server
ESF
date
Mon, 26 Apr 2021 14:10:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 14:10:21 GMT
css
fonts.googleapis.com/ Frame C2BB 		664 B
464 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 13:17:38 GMT
server
ESF
date
Mon, 26 Apr 2021 14:10:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 14:10:21 GMT
css
fonts.googleapis.com/ Frame A5DC 		672 B
359 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f4623db072ce1ab396e285ee6885ac3be5525853e0b795831201de566f7d384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 14:03:39 GMT
server
ESF
date
Mon, 26 Apr 2021 14:10:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 14:10:21 GMT
css
fonts.googleapis.com/ Frame A5DC 		664 B
355 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 13:17:22 GMT
server
ESF
date
Mon, 26 Apr 2021 14:10:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 14:10:21 GMT
css
fonts.googleapis.com/ Frame 5529 		672 B
359 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1f4623db072ce1ab396e285ee6885ac3be5525853e0b795831201de566f7d384
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 13:48:40 GMT
server
ESF
date
Mon, 26 Apr 2021 14:10:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 14:10:21 GMT
css
fonts.googleapis.com/ Frame 5529 		664 B
355 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 13:05:22 GMT
server
ESF
date
Mon, 26 Apr 2021 14:10:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 14:10:21 GMT
css
fonts.googleapis.com/ Frame 6DEA 		672 B
360 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:900
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 13:15:21 GMT
server
ESF
date
Mon, 26 Apr 2021 14:10:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 14:10:21 GMT
css
fonts.googleapis.com/ Frame 6DEA 		776 B
403 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Bodoni+Moda:800
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
26ea50fbe59aa8572f43fbe4fd3063b84aac44caf0288103cbe356bdfb3f47c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 14:10:21 GMT
server
ESF
date
Mon, 26 Apr 2021 14:10:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 14:10:21 GMT
css
fonts.googleapis.com/ Frame 6DEA 		672 B
359 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:700
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c17e2ed4cd8b80956eac25d822740ba6028330f2a1738fdd4f77a8dda5eda3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 12:26:21 GMT
server
ESF
date
Mon, 26 Apr 2021 14:10:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 14:10:21 GMT
css
fonts.googleapis.com/ Frame 6DEA 		664 B
355 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:400
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 26 Apr 2021 13:54:22 GMT
server
ESF
date
Mon, 26 Apr 2021 14:10:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 26 Apr 2021 14:10:21 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C2BB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCGSW2xSGEimEeNjgMxararecozQk2h2vb3sjqUuYQULCCsOaxKMvs19QCS7CZG-zO16S3Rk_Rc4HZuvDVekJwD4kRATDBRUC64ImoIU5-niD_iIwvRVDudGKgc2HvyU4pGtm1qpX_2OwkVajYLcy7zt7PWbsU-2YFsCMCMOsGuQ5c3yZ3yTjSrPtosJfen7k1pQn1BTytBDtxvpmGPk6cFvxxacnzeVeN2YBs7mztNUSrf1wNQ-eY38Y4v7zdWLYkyO3m3Pw7yDfYLjGKvENTxYAoiNMKeLP7oS9M1dE1wfTe2g4H-uzLre2EK101HA&sai=AMfl-YSjOqgMY7qktOuQfa9t54Gs5O0YzyCPgbh0t2_tJ8WtnBpmQvMdAPUqqkwC5i9KOnzPOXgvi25a9aMes74eiJM2jpl-_Lxhu5pdxIX3_cmR8BW5M1-BEv2b5Uv6-fmd&sig=Cg0ArKJSzNGUaXsiEn0yEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:21 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 26 Apr 2021 14:10:21 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame C2BB 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
339974
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:07 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame C2BB 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 21:58:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:05 GMT
server
sffe
age
490329
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23248
x-xss-protection
0
expires
Wed, 20 Apr 2022 21:58:12 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame A5DC 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.paradisepost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
339974
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:07 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame A5DC 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.paradisepost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 21:58:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:05 GMT
server
sffe
age
490329
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23248
x-xss-protection
0
expires
Wed, 20 Apr 2022 21:58:12 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 5529 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.paradisepost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 21:58:12 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:05 GMT
server
sffe
age
490329
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23248
x-xss-protection
0
expires
Wed, 20 Apr 2022 21:58:12 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 5529 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.paradisepost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
339974
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:07 GMT
aFT67PxzY382XsXX63LUYL6GYFcan6NJrKp-VPjfJMShrpsGFUt8oc7d8Id4tA.woff2
fonts.gstatic.com/s/bodonimoda/v7/ Frame 6DEA 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/bodonimoda/v7/aFT67PxzY382XsXX63LUYL6GYFcan6NJrKp-VPjfJMShrpsGFUt8oc7d8Id4tA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bodoni+Moda:800
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e6e676903ba72543e90e353e45f2f154b001a2efa9e38a487d37bff083ab061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.paradisepost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:51:09 GMT
x-content-type-options
nosniff
last-modified
Fri, 19 Mar 2021 04:40:15 GMT
server
sffe
age
339552
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12388
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:51:09 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 6DEA 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.paradisepost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 01:32:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:12:12 GMT
server
sffe
age
563898
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
expires
Wed, 20 Apr 2022 01:32:03 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v17/ Frame 6DEA 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:900
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.paradisepost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 22:35:36 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:30 GMT
server
sffe
age
488085
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
expires
Wed, 20 Apr 2022 22:35:36 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v17/ Frame 6DEA 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v17/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.paradisepost.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Apr 2021 15:44:07 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:10:46 GMT
server
sffe
age
339974
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
expires
Fri, 22 Apr 2022 15:44:07 GMT
copyy.png
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame C2BB 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/copyy.png
Requested by
Host: 1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
URL: https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4e5d26bed2b6c193e54e8ea3aa0918b88020536295d21b6b34cb483b41534f99

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
RHVFJ39FXRDW7CVM
Connection
keep-alive
Content-Length
41688
x-amz-id-2
Yv7Cb+SBpz2dm64XjqXdjisc8MWvreCuw9AOqIqdL84WyuH8CT5Hla3FoPU/TdH4+U9lG5mYjxI=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"7eb746773ac0e5f43b7f43d0d1d7f04b"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392517
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
image.jpg
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame C2BB 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/image.jpg
Requested by
Host: 1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
URL: https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a201231235ae318340e214f38c338d79f38d269ffbb64d06ff1e01fc6fffc222

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
RHVCBBJ6RG7AFBER
Connection
keep-alive
Content-Length
128279
x-amz-id-2
z9MBHQiEwveqcEGoiMyiFPbya1MmTAI+n8cDEpPRkM2sByj9NXh2jaibCT7CSNRNA6jRztCwWjo=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"5a930123750366ef75132531191e5dd1"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392519
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
___tp.gif
analytics.responsiveads.com/ Frame C2BB 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.responsiveads.com/___tp.gif?rada=&radb=&aid=60347c564a5858822d0039c3&fl=60347c574a5858822d0039c6&deployment=60347c5c4a5858822d0039dc&pu=undefined&dm=&asid=5672744082&ascid=138340629666&pcat=-1&sr=1600x1200&vs=undefined&as=300x250&o=null&ald=null&ascb=652699239&uuid=635db46a-2ca7-4e48-934e-1d48735ea3bb&ec=0&bl=en-US&pt=undefined&e=impression&cb=1619446221149
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.108.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:21 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
logo.png
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame C2BB 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/logo.png
Requested by
Host: 1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
URL: https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b83f543b8d57f489fb9940d4eeed453ce79b48f58f70561aabe6b6628be52e2

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
RHVE5GHFZ7REQ9VY
Connection
keep-alive
Content-Length
9169
x-amz-id-2
5+qePZMjWDn8nm9iZYoIqQql85t4ZT6ig7+2ONTH07KZeljsYfoS/m+MjZ+Mk5+Ir40Z99OyTDk=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"e004d9c3e4739f12079fe5dacd7443ba"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392450
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
image.jpg
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame A5DC 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/image.jpg
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a201231235ae318340e214f38c338d79f38d269ffbb64d06ff1e01fc6fffc222

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:21 GMT
x-amz-request-id
RHVCBBJ6RG7AFBER
Connection
keep-alive
Content-Length
128279
x-amz-id-2
z9MBHQiEwveqcEGoiMyiFPbya1MmTAI+n8cDEpPRkM2sByj9NXh2jaibCT7CSNRNA6jRztCwWjo=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"5a930123750366ef75132531191e5dd1"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392520
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
___tp.gif
analytics.responsiveads.com/ Frame A5DC 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.responsiveads.com/___tp.gif?rada=&radb=&aid=60347c564a5858822d0039c3&fl=60347c574a5858822d0039c6&deployment=60347c5c4a5858822d0039dc&pu=https%3A%2F%2Fwww.paradisepost.com%2F&dm=&asid=5672744082&ascid=138340629621&pcat=-1&sr=1600x1200&vs=1600x1200&as=1610x250&o=null&ald=null&ascb=1108214041&uuid=ae0caa96-d347-4bf5-a379-419a285404e7&ec=0&bl=en-US&pt=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&e=impression&cb=1619446221189
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.108.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:21 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
logo.png
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame A5DC 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/logo.png
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b83f543b8d57f489fb9940d4eeed453ce79b48f58f70561aabe6b6628be52e2

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
RHVE5GHFZ7REQ9VY
Connection
keep-alive
Content-Length
9169
x-amz-id-2
5+qePZMjWDn8nm9iZYoIqQql85t4ZT6ig7+2ONTH07KZeljsYfoS/m+MjZ+Mk5+Ir40Z99OyTDk=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"e004d9c3e4739f12079fe5dacd7443ba"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392450
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/views
Protocol
HTTP/1.1
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin
https://www.paradisepost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By
ASP.NET
Date
Mon, 26 Apr 2021 14:10:21 GMT
Content-Length
0
views
prod-dfm-proxy-connext.azurewebsites.net/api/ 		0
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-dfm-proxy-connext.azurewebsites.net/api/views
Requested by
Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MTk0NjA2MTl9.V2U-oRgzyTKh8CxU5lt8U46_ch49wW_jxRC0MXBH6Yo
source-system
Plugin
site-code
DFM
autoqa
false
access-control-allow-origin
*
settingskey
NORCAL,PP
ssid
2a5b2a105422aebc5c9e9ceb8e017334
environment
prod
attr
PP
config-code
NORCALNVPRODWP
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
location
System
accept
application/json
Referer
https://www.paradisepost.com/
version
Version: 2.5.4.3_swg

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:21 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
Content-Length
0
X-Server-Time
4/26/2021 2:10:21 PM
Expires
-1
activeview
pagead2.googlesyndication.com/pcs/ Frame 5529 		42 B
501 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFNY6FdljYNZCJzlDZo_6CKFaFG_V_eHvhAQ3O6-49yS0nlg5ZjQSmGrQBpNVZfjeEMk9r-ti0veft_7kb5hS9lJZgS8W3n3SnsECjfXo&sig=Cg0ArKJSzI4Pt_R2at43EAE&id=lidar2&mcvt=1001&p=182,0,432,1600&mtos=1185,1185,1185,1185,1185&tos=1185,0,0,0,0&v=20210421&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3231401727&rs=4&met=ce&la=1&cr=0&osd=1&vs=4&rst=1619446220275&dlt=0&rpt=327&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C2BB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrJsFP2dy7HPvzDAznMt5bDEGu031q3kF_RBWflFhWuFNjnU3-j3m6a8c-nYeHUk4s9I0mJUspidTJQdk-zwNJ3Ic2d2oO7p9kFdOlnXw&sig=Cg0ArKJSzKlmEaoBd2v0EAE&id=lidar2&mcvt=1000&p=305,1138,555,1438&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210421&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=301434903&rs=4&met=ce&la=0&cr=0&osd=1&vs=4&rst=1619446220277&dlt=56&rpt=385&isd=0&msd=0&r=v&fum=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
image.jpg
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame 5529 		125 KB
126 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/image.jpg
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a201231235ae318340e214f38c338d79f38d269ffbb64d06ff1e01fc6fffc222

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
RHVCBBJ6RG7AFBER
Connection
keep-alive
Content-Length
128279
x-amz-id-2
z9MBHQiEwveqcEGoiMyiFPbya1MmTAI+n8cDEpPRkM2sByj9NXh2jaibCT7CSNRNA6jRztCwWjo=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"5a930123750366ef75132531191e5dd1"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392519
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
___tp.gif
analytics.responsiveads.com/ Frame 5529 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.responsiveads.com/___tp.gif?rada=&radb=&aid=60347c564a5858822d0039c3&fl=60347c574a5858822d0039c6&deployment=60347c5c4a5858822d0039dc&pu=https%3A%2F%2Fwww.paradisepost.com%2F&dm=&asid=5672744082&ascid=138340565573&pcat=-1&sr=1600x1200&vs=1600x1200&as=1600x250&o=null&ald=null&ascb=906461693&uuid=deb01cc2-8e49-44e3-89ef-2227339ebf5f&ec=0&bl=en-US&pt=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&e=impression&cb=1619446222095
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.108.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
logo.png
publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/ Frame 5529 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/60347c564a5858822d0039c3/img/logo.png
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7b83f543b8d57f489fb9940d4eeed453ce79b48f58f70561aabe6b6628be52e2

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
RHVE5GHFZ7REQ9VY
Connection
keep-alive
Content-Length
9169
x-amz-id-2
5+qePZMjWDn8nm9iZYoIqQql85t4ZT6ig7+2ONTH07KZeljsYfoS/m+MjZ+Mk5+Ir40Z99OyTDk=
Last-Modified
Tue, 23 Feb 2021 05:45:48 GMT
Server
AmazonS3
ETag
"e004d9c3e4739f12079fe5dacd7443ba"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=31392450
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
ivegotanswers.png
publish.responsiveads.com/ads/603483c34a5858822d003a18/img/ Frame 6DEA 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/603483c34a5858822d003a18/img/ivegotanswers.png
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1088a6316c5ce729bd2db82a26cc4411304b53573dcbd51d4da97c9c205e2b06

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
1W5T0GEMBX6N0X1G
Connection
keep-alive
Content-Length
31880
x-amz-id-2
9SYawt3InwJF5BkIlbkb3itT8ZEVvSfRd6R5SQjwoqcj2yEGEWBf0DyTjRI+HXFRHTolmM9dkYo=
Last-Modified
Tue, 23 Feb 2021 08:30:35 GMT
Server
AmazonS3
ETag
"95c3b762b4431a6b5087885a75ca151d"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=26783200
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
logo.png
publish.responsiveads.com/ads/603483c34a5858822d003a18/img/ Frame 6DEA 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/603483c34a5858822d003a18/img/logo.png
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
130bc30954b49fb8a459a23030da8e99ea81fa334e0ae5815619922abff43aa9

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
EA5181E486EC8672
Connection
keep-alive
Content-Length
23013
x-amz-id-2
LNV+0B/Ui1nhDZgc6evQf4vT6fCOOSHhy4jhNjSwrJW6XGNiuaC/vPJOjC5MHN6WxX9V4XngTHY=
Last-Modified
Tue, 23 Feb 2021 08:30:35 GMT
Server
AmazonS3
ETag
"76d4ccadea4711df8c0a46ce92447e64"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=26783154
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
photo.jpg
publish.responsiveads.com/ads/603483c34a5858822d003a18/img/ Frame 6DEA 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/603483c34a5858822d003a18/img/photo.jpg
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.17.190.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9853afb9eeaa6b0e338dce19dbe6d152c3302ae15b685a3b818145cd907ef245

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
x-amz-request-id
B3415B91F632F223
Connection
keep-alive
Content-Length
25521
x-amz-id-2
QO85wIXrU8Xc+ZUY2dk+E3gOmzQJ5kihmvV9xM+COo6aS6qsjTslIG6YGso4w06qpwdqIASTtIw=
Last-Modified
Tue, 23 Feb 2021 08:30:35 GMT
Server
AmazonS3
ETag
"07176c87144fa90b953a181f7988bca4"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=26783168
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
___tp.gif
analytics.responsiveads.com/ Frame 6DEA 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.responsiveads.com/___tp.gif?rada=&radb=&aid=603483c34a5858822d003a18&fl=603483c44a5858822d003a19&deployment=603483ca4a5858822d003a2b&pu=https%3A%2F%2Fwww.paradisepost.com%2F&dm=&asid=5674281527&ascid=138340552907&pcat=-1&sr=1600x1200&vs=1600x1200&as=1280x250&o=null&ald=null&ascb=1152454226&uuid=f59667e7-31e1-48ba-a01d-0976c9b5f6c9&ec=0&bl=en-US&pt=Paradisepost.com%20covers%20local%20news%20in%20Paradise%2C%20California.%20Keep%20up%20with%20all%20business%2C%20wildfire%20recovery%2C%20local%20sports%2C%20outdoors%2C%20local%20columnists%20and%20more.&e=impression&cb=1619446222152
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.108.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:22 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
lb
be.durationmedia.net/ 		0
578 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/lb?s=10529&t=SD&c=6
Requested by
Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10529/dm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.127.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-127-138.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:22 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection
keep-alive
Access-Control-Allow-Origin
https://www.paradisepost.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
0
___tp.gif
analytics.responsiveads.com/ Frame 5529 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.responsiveads.com/___tp.gif?rada=&radb=&aid=60347c564a5858822d0039c3&fl=60347c574a5858822d0039c6&deployment=60347c5c4a5858822d0039dc&pu=https%3A%2F%2Fwww.paradisepost.com%2F&dm=&asid=5672744082&ascid=138340565573&pcat=-1&sr=1600x1200&vs=1600x1200&as=1600x250&o=null&ald=null&ascb=906461693&uuid=deb01cc2-8e49-44e3-89ef-2227339ebf5f&ec=0&e=impressions&vi=true&vit=1000&cb=1619446223095
Requested by
Host: www.paradisepost.com
URL: https://www.paradisepost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.218.108.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 26 Apr 2021 14:10:23 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
sponsorships
be.durationmedia.net/ 		603 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/sponsorships
Requested by
Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10529/dm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.127.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-127-138.compute-1.amazonaws.com
Software
/
Resource Hash
8beb818ace68c32da0a2a5548724e355cbfc1b7c8cf1a9cad395fa46afc0cbb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Pragma
no-cache
Date
Mon, 26 Apr 2021 14:10:22 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Connection
keep-alive
Content-Type
application/json
Access-Control-Allow-Origin
https://www.paradisepost.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Content-Length
603
X-XSS-Protection
1; mode=block
Expires
0
sponsorships
be.durationmedia.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://be.durationmedia.net/sponsorships
Protocol
HTTP/1.1
Server
34.192.127.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-127-138.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.paradisepost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://www.paradisepost.com
Access-Control-Expose-Headers
Authorization
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Date
Mon, 26 Apr 2021 14:10:22 GMT
Expires
0
Pragma
no-cache
Strict-Transport-Security
max-age=31536000 ; includeSubDomains
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
X-XSS-Protection
1; mode=block
Content-Length
0
Connection
keep-alive
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035443/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.111.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-111-21.mad50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 13:57:27 GMT
via
1.1 a6f1f6a7cb5a93f6f494d1d5945d867c.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
782
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
MAD50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
sPjuJgjQ5FAdcjIomsd6Cc48CaiqYC-8aqjxJGbVz0CZostb-URNYQ==

Redirect headers

date
Mon, 26 Apr 2021 14:10:28 GMT
via
1.1 a6f1f6a7cb5a93f6f494d1d5945d867c.cloudfront.net (CloudFront)
x-amz-cf-pop
MAD50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
V-qX3K025aS-jAwGPvNas6vw3mHsvzpF7UH75hzzY8pG6cd-pIWzTQ==
syncframe
gum.criteo.com/ Frame 7711 		0
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.paradisepost.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?topUrl=www.paradisepost.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.paradisepost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.paradisepost.com/

Response headers

cache-control
private, max-age=0
content-type
text/html; charset=utf-8
strict-transport-security
max-age=31536000
server-processing-duration-in-ticks
1583
date
Mon, 26 Apr 2021 14:10:27 GMT
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		9 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042001&st=env
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7c1d06fbe2a5fccddb413ec4898df9dcbf8e47e05896fedbda0a27065da0679
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 26 Apr 2021 14:10:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6912
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 14:10:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1616005470650935"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6437
x-xss-protection
0
expires
Mon, 26 Apr 2021 14:10:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 5DD7 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/222/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.paradisepost.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.paradisepost.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5022
date
Mon, 26 Apr 2021 14:10:04 GMT
expires
Tue, 26 Apr 2022 14:10:04 GMT
last-modified
Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
24
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Server
13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,sdk-context
Origin
https://www.paradisepost.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-methods
POST
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin
*
access-control-max-age
3600
x-content-type-options
nosniff
date
Mon, 26 Apr 2021 14:10:27 GMT
content-length
0
track
dc.services.visualstudio.com/v2/ 		736 B
854 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
408c8fde93123f7592b27192935046c74160b9d6c54331b65dfdd15bff41388c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.paradisepost.com/
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
2C4AD6F1-0798-4EDB-9DB2-05CD35FC39B8
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
date
Mon, 26 Apr 2021 14:10:27 GMT
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length
736
wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
pagead2.googlesyndication.com/bg/ Frame 5DD7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/wkpRfPPcRT5gRuVOwfaUS9di2m_GhEf8-oTDdHI7uwk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Apr 2021 13:37:23 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Thu, 08 Apr 2021 09:18:00 GMT
server
sffe
age
1985
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5710
x-xss-protection
0
expires
Tue, 26 Apr 2022 13:37:23 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042001&jk=2072232144047115&bg=!GxilGFzNAAZUuIlwVLg7ACkAdvg8WqZOuuhA2XWxsjeaxHWE-Lmk_aDFaLjI9JLQdKlgOhxc3YISdwIAAACOUgAAAApoAQcKAEmja0Lr7fp9xKySSR-YusQPThGWyHe6RLjCNWn6TX5B5JYkKhu4N63rww-Zcoa43mq_BjmooKRoOrOj15KfH9M-bd2TrwhA-Pt_mQImoOlgLPH078jM_HCcYRwgrltOOVxBozGJ3J_DkIQxNlnE3lD4R4LOSoss4LZ3BNr5l018Gau2p9qxOeoAdT-rIu7acO3ghnkUaj_OF_XPyoKw5kVoCsD_VeM6qRs72BqZizrItNMzjVj8S-dz4WW4K5hhCRkY1vvrLfPiiqBiFZ-nkxlsxCukRvPQXM-FvkwQgxuIybCvzr4hn63C8_2EWT8z2aQb1gmhGje9Ke1V8l3Qurw0Af1X17KAkAp6pJFkwQGaDN5r1ZLaCB8b3O25gjWXwKmk2HsS-KmlzFLgBUwBkMObELvI4X99TZbmHzHo8d3uc_dbah-4hjp5RchehjXvu-4R_heFRxg7TRK_q-PoekZptxMwmrkSTxHBvo1t7yjLNuI3ad1Kj8na0bzCJr3PuGQ9VJMsyhbSB292jtKPizu5rasRPpg6QiI8YyYmJ3KseIUZFHCH9LZbzd5pHA9CsjiHgvsOAh1HJ6wHIR3VfHzdJYhK8PFOxTy3v4SybwayhXD62I7n3WyCVJ10VFg_27bw6H4KJOqPg7XuOflJ320ehpi4FzkDRQHrseAqn11WIuAIH4oadbNMNApVhFG7187gWHQQl4JfcuhTOaUFFr93QS6rjnPHOO50CS58IOlifJEzGemHmE9xVzCWtNBGqUV75KjwsWhLDf815qrT-wO59_K8g1O-CfCFz17Qdn8LYa0QNsnb1yL_j7VVdh-Zk1JvEg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.paradisepost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 26 Apr 2021 14:10:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

211 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| scriptHelpers function| loadCSS object| _wpemojiSettings number| MNG_SSO_TOOLS_GLOBAL_START_TIME function| $ function| jQuery object| MG2 function| PluginInitOverride object| MG2Loader string| loaderVersion string| loaderBuild object| appInsights object| deferredResources object| adLayersDFP object| adLayersAdServer function| AdLayersDFPAPI function| AdLayersAPI object| twemoji object| wp function| mngNewsletterVM function| koExtensions function| getRootUrl function| isTabletDevice function| isMobileDevice function| newsletterVM object| uiConfig object| cryptionService object| newsletterService object| userService object| constants function| isNotValid function| isModified function| notValidAndModified object| mg2Provider object| mg2WidgetAPI object| patterns string| scriptSrc string| serverUrl function| scrollParentToChildInnerId object| ko function| encrypt function| decrypt function| getUserProfileByEmail function| updateUserProfile function| initiateUserProfileUpdate object| CanadianProvinces object| States object| birthMonths object| birthYears object| birthDays object| genders object| ageRanges object| userRole object| newsletterFlow object| emailPrefTypeIds object| newsletterListMode object| newsletterViewStep function| isLogged function| getCustomerRegistrationId function| getContent function| setConfig function| init function| openNewsletter function| unsubscribeNewsletter function| changeProfile function| closeNewsletter function| addEventHandlers object| newsletterVMO object| dfpAdUnits object| googletag number| ranNum string| ranRPN function| DetectDevice string| dcatValue function| getParameterByName string| adTest object| dfpBuiltMappings object| dfpSizeMapping object| dfpAdLayer object| dfpAdDetails object| apstag function| analyticsEvent function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm object| dataLayer object| ggeac object| google_js_reporting_queue object| AI object| Microsoft function| __extends function| _endsWith object| google_tag_manager function| postscribe object| google_tag_manager_external function| closeMobileAdhesionAd object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes boolean| dfmCanRunAds object| webpackChunkknowlton function| Headroom function| Hammer boolean| dml object| google_tag_data string| GoogleAnalyticsObject function| ga string| comscoreID object| _qevents function| fbq function| _fbq object| DML object| _stq function| st_go function| linktracker_init object| wpcom boolean| apstagLOADED undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvArticleTracker function| ntvGetElementViewability function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| PARSELY function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| gaplugins object| gaGlobal object| gaData object| headertag object| Criteo function| headertag_render object| rubicontag object| LoaderConfig object| dm_logger string| pubcidCookie string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| nxtBundle object| webpackJsonpnxtBundle function| setImmediate function| clearImmediate object| NxtInner object| Connext object| CnnXt object| criteo_pubtag object| criteo_pubtag_106 object| Criteo_106 object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights object| MG2DL function| _typeof object| regeneratorRuntime boolean| dmjs_loaded object| gPartners object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.pubmatic.com/ Name: PugT
Value: 1619446227
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-2841471244553776416
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-991921832087954775
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AACmq07BDZQAAClHFfwJxQ
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-ed047fc7-8116-4fd2-83bd-7e8ac31bf307
.pubmatic.com/ Name: PUBMDCID
Value: 3

41 Console Messages

Source Level URL
Text
console-api info URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0(Line 2)
Message:
Powered by DML âš¡ : 20210329-pathed-headers-1-g79d2644_prod_master
console-api info URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0(Line 2)
Message:
DML Host : paradisepost.com
console-api info URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0(Line 2)
Message:
DML.gpt.refresh slotsToRefreshQueue
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 24)
Message:
[Facebook Pixel] - Invalid PixelID: null.
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'setItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api info URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0(Line 2)
Message:
DML.gpt.refresh slotsToRefreshQueue
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'setItem' of null
console-api log URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?(Line 1)
Message:
[object Object] Utf8
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'setItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'getItem' of null
console-api error URL: https://www.paradisepost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3(Line 8)
Message:
TypeError: Cannot read property 'setItem' of null
console-api warning URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js(Line 1)
Message:
AI: UrlTooLong message:"input is too long, it has been truncated to 2048 characters." props:"{data:GET https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2072232144047115&correlator=1139252708100753&output=ldjh&impl=fifs&eid=31060736&vrg=2021042001&ptt=17&sc=1&sfv=1-0-38&ecs=20210426&iu_parts=8013%2Cparadisepost.com%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C728x90%7C970x90%7C970x250%7C970x30%2C300x250%7C300x600%7C300x1050%2C300x250%2C300x250%2C728x90%7C970x90%2C300x70%2C300x70%2C1280x250%7C970x250%7C970x90%7C728x90%2C789x90&prev_scp=POS%3Dinterstitial%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3Dtop_leaderboard%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube1_RRail_ATF%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube2_RRail_mid%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube3_RRail_lower%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3Dbottom_leaderboard%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_1%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_1_mobile%26kv%3Dhome%26RPN%3D14%26rurl%3D%7CPOS%3DSponsorship_2%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2%7CPOS%3Dmobile_adhesion%26kv%3Dhome%26RPN%3D14%26rurl%3D%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1619446219&dt=1619446219606&dlt=1619446217038&idt=1341&frm=20&biw=1600&bih=1200&oid=3&adxs=160%2C436%2C1138%2C1135%2C1135%2C160%2C1140%2C-9%2C-10%2C-12245933&adys=177%2C183%2C306%2C1853%2C2904%2C4283%2C17%2C-9%2C1274%2C-12245933&adks=640484692%2C3231401727%2C301434903%2C1469593279%2C2403591129%2C1980971098%2C1777005721%2C580641259%2C3503441901%2C2663280849&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.paradisepost.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x97%7C1280x97%7C304x935%7C}"
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `ad-content-load` took 144ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `ad-content-load` took 179ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `ad-content-load` took 86ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `flowline-load` took 0ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `ad-content-load` took 249ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `flowline-load` took 107ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `flowline-load` took 194ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `flowline-load` took 142ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `asset-load-300x250` took 298ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `ad-render-300x250` took 34ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `asset-load-1610x250` took 313ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `ad-render-1610x250` took 14ms
console-api log (Line 1)
Message:
Regular browsing
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `asset-load-1600x250` took 1105ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `ad-render-1600x250` took 10ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `asset-load-1280x250` took 1085ms
console-api log URL: https://publish.responsiveads.com/libs/radical.r6.min.js(Line 7)
Message:
Metrics: `ad-render-1280x250` took 46ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security max-age=31536000;includeSubdomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1b0804fc21f67a6688ab78dc3831390d.safeframe.googlesyndication.com
8idf2m851i.execute-api.us-east-1.amazonaws.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
amazon-tam-match.dotomi.com
analytics.responsiveads.com
aorta.clickagy.com
ap.lijit.com
api-mg2.db-ip.com
api.rlcdn.com
as-sec.casalemedia.com
aud.pubmatic.com
az416426.vo.msecnd.net
b1sync.zemanta.com
be.durationmedia.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c.go-fet.ch
c1.adform.net
casale-match.dotomi.com
cdn.ayc0zsm69431gfebd.xyz
cdn.parsely.com
cdnjs.cloudflare.com
ce.lijit.com
cm.adgrx.com
cm.g.doubleclick.net
cmp.osano.com
connect.facebook.net
creativecdn.com
cs.emxdgt.com
d1wa9546y9kg0n.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d5p.de17a.com
data.adsrvr.org
dc.services.visualstudio.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eu-u.openx.net
event.clientgear.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
js-sec.indexww.com
loader-cdn.azureedge.net
loadm.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
mwzeom.zeotap.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
paradisepost.com
paywall-ad-bucket.s3.amazonaws.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.tapad.com
pixel.wp.com
polyfill.io
pr-bh.ybp.yahoo.com
prod-dfm-proxy-connext.azurewebsites.net
prodmg2.blob.core.windows.net
publish.responsiveads.com
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s.ntv.io
sb.scorecardresearch.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
stats.wp.com
sync-amz.ads.yieldmo.com
sync-tm.everesttech.net
sync.1rx.io
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tag.durationmedia.net
tg.socdm.com
tlx.3lift.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.paradisepost.com
x.bidswitch.net
104.26.5.15
13.224.105.229
13.224.111.21
13.224.111.48
13.224.112.38
13.224.118.93
13.224.193.104
13.57.61.22
13.69.65.23
13.82.152.48
13.85.16.224
142.250.186.66
143.204.101.90
150.136.25.38
151.101.114.49
159.65.197.210
169.197.150.7
169.50.137.190
178.250.0.163
178.250.2.131
18.156.0.31
18.194.69.169
18.195.155.181
184.25.115.31
184.30.20.198
184.30.20.241
184.30.21.59
185.184.8.30
185.29.135.233
185.64.189.110
185.64.189.112
185.64.189.115
185.64.190.106
185.64.190.80
185.64.190.81
185.86.138.132
185.86.139.114
192.0.66.2
192.0.76.3
193.0.160.128
198.148.27.139
2.17.190.151
2001:678:cb4:bbbb::11
202.241.208.57
213.155.156.183
213.19.147.44
213.19.147.45
213.19.162.21
216.52.2.30
216.58.212.162
2600:9000:20c8:4c00:3:b7e:8940:93a1
2600:9000:20c8:dc00:6:44e3:f8c0:93a1
2600:9000:2156:ba00:c:2267:880:93a1
2600:9000:21f3:4800:10:ce97:9fc0:93a1
2600:9000:21f3:fa00:0:70b1:7080:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:10::6816:1857
2606:4700::6810:135e
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1450:4001:801::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:400c:c0c::9d
2a02:2638::1c
2a02:2638::3
2a02:fa8:8806:13::1400
2a02:fa8:8806:16::1400
2a03:2880:f01c:8012:face:b00c:0:3
2a04:4e42:200::621
3.120.57.190
3.124.27.129
3.126.158.103
3.218.108.153
34.120.133.55
34.192.127.138
34.194.161.83
34.98.64.218
35.201.96.126
35.227.248.159
37.157.2.237
37.252.172.45
37.252.173.62
47.252.78.131
52.0.80.108
52.21.173.249
52.210.202.173
52.216.16.248
52.48.151.83
52.57.162.23
52.95.118.60
54.226.160.243
54.228.162.19
54.77.19.59
54.78.254.47
64.202.112.31
64.202.112.95
66.155.71.150
72.21.206.140
72.251.241.204
72.251.249.14
77.243.60.138
85.114.159.93
010cec8aaebdb8d5d22d730acad82d4d249089bfc24f34c76a0c45778875cc85
029aa2098a58aa0ff6a1a2e8111c724cee41e8304b11d3148a602347556b7620
05054d229264172a8c88c3a9066dd31c790e01e79ab91af836e8e0f821599893
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
09a93c6dadc9f8ae0e39dd1d80348d200f04f55a4e0834b4473286795b8ef4c7
0a6f418772b2d45638bebd596b47e399eb71474e6a28f1f51f96e3d08a36a793
0a881b8b814334490d0becf963a30456256fb315b555e11b37119722f0f98576
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d045102d1805eaa14a2969d9034ac1937836a248caeec5e29136c357cb316c0
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
100569fe3497039fb8d8301073f143d31de2dd8db6987c2b337a659a7f2221f5
1088a6316c5ce729bd2db82a26cc4411304b53573dcbd51d4da97c9c205e2b06
1253a35ae227bc3a277ee86c6fc21068468e8eab706ac80e7ca915f0cde67e05
130bc30954b49fb8a459a23030da8e99ea81fa334e0ae5815619922abff43aa9
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1ad85dbee2475b4132a556bdbc445a036c823b935f20e42d64b24f72a9c9061f
1d4e66ef8f5ea94ffe457c995d263d41163c06c199cb6900dfc368b2214794a0
1e6e676903ba72543e90e353e45f2f154b001a2efa9e38a487d37bff083ab061
1ea03e7bb14df931f8a649756cffe9465c815aa0efc23acce14b50e21c3d20ad
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
1f4623db072ce1ab396e285ee6885ac3be5525853e0b795831201de566f7d384
21ce91794ae3eb67c07244a144b7f75e2e9454148e7dc0ffe6bd0f521a41b893
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
26ea50fbe59aa8572f43fbe4fd3063b84aac44caf0288103cbe356bdfb3f47c6
26ec8303cfff0fd4364cdeaa161854510fe4f00e56ea2e7f9ccbee5f6263aeb3
2a21b2cc4b971d6a396b220cb3ed6fbb523a2e2ab2507ead7f4fcefdf6909c38
2bd87606287ca15f713a40bebb5853a144dae7ddbc579705ed200485fccfa028
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eaea49b9dc69e55921aa5b07325c53a34885ae439d55098ae661786bd39f124
2ecf69d9fb8539e9f6d4e044f126b8fd00e83ff6c8444bc8fda1e11403e50ba7
2fcc3c30a10f35c852ff3d27a846dcde5c87dfe2b6c2abd7c2a58f67791f9df2
31dd1a76f5ec8720d05064e40c40498a3b72c9973c476702b74fe2acf6840ce6
33d73255ddadc89ded0b0a694b7b15e88cbf0a55687be623d4a8350e162076ea
38037d8118d3c1c0064223db4065030d7eb1de0492a3b247a6c2025d2bf88579
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
408c8fde93123f7592b27192935046c74160b9d6c54331b65dfdd15bff41388c
47538b3441c69a5a8f0ae46e00cbb4170c9073616af2764cf43eae6d82cf4b08
4829ce2a70747b09e2e47c17829e2eb30d33cfe497b60cef7a63841d8a13f8aa
486e7061a989cf1c6834390c0fdc9a8d181f9179efe68fe8c35c254ff2d49de6
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
491862dbaffef0edb19176d5d9ff6f463f6b050ef94eba39c172ead124d7fd54
4956137c69656045c048a157aaa84859657bbc7744019d26cce6b5bded84cc49
4d5f2c09a690b52d4d5aacf685ce7e137ef476f335b705223373f6a986bcb287
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e5d26bed2b6c193e54e8ea3aa0918b88020536295d21b6b34cb483b41534f99
4f492217356942753e3ae962475ec7ca6f0715adc04b49021d39401d83b72e5d
51c61dd81616dc947955fc3f59d2e0116540fae383bed015ebddbf9ff4956a57
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
55066cbb4788eda20bf154e5c84845ba77f1188b4fa7a52b216db2c295bf36f6
59883dc82297de1d8ff485a115678ff6e56102eb1fc170c9808737535f6f8070
5ac01d849ba8bc5cb1db0fb1c11eeb011d67a8781396ded6dbfc645056bb5c8e
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5cd0adb8711d3fef54741106b94d1803915aad414f554f5606d8c63b5d50edbb
5de79bd33c164a62fe3389aeef0af2f54b82e7f8ba5fd7d0721f8080823babcb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
64ff9f874a5fd24a871b1d9cd7ee49e4d92bc27ce63c05e94bedc4f7adcc0a11
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6967192a69d417179111951f090ee56a970267ee45495965d9e9822e9922e352
6ac6511d2decc1b1308c6aafc1bf148049ddd462cb6bed43154237fe49c1f6f6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6de150ac6fcf1f516da0817d0fa3ec048dc49ef18889576c5eb488ff954a065e
6f87d87de84dc36cab28965d9e1d940c250f399860acafe55f3dac01d54399ad
6f954747894a16b51f50b3c67f65308a4ae93221eecab415febb1cb471d9c613
70c4634f438568a86bb98789e25bd251a5b979f0e1f68c57956f5c038f53a914
71b1f50e16713946214ff7be7e5bebbe47a7566efc5324caa81703115d8beaea
7249a52eec7a50f4601741f063ae94f1bac54517b4eac07a6638d9b7b057ba5e
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73c1f8af1421442b8cd286a8684a5ae307a64fa80c73e932483c11094c849e3f
74744e3475fd81dccdd1e2428d67f490c0c8ecd3d8cff6ccea4364d76968bdea
76690d68a326a19e7a6239a7db43694a3720be3046d086bf7fa8e8e8f6fd0165
76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398
783b19ce6e3caa738691d51adf23d6280c4046739a34a6e8cc4c16ec985a6c21
7b206b22c0059a3ec620e244f00671cd63ee338391e69ba9649c4ecc16bce5d2
7b83f543b8d57f489fb9940d4eeed453ce79b48f58f70561aabe6b6628be52e2
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7f859957dbf1bb79caf09a3921834a29fafdb3a5f1924ae260ce4405bf1b735a
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
80e63f47bb601d1782367bf3015482e86cad9fa03cbfce5ec26502c016d4d47b
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89a26a60c0fe43b553479ea36bc41866e2b75cc5f2a1d2d18a985f61ce163277
8beb818ace68c32da0a2a5548724e355cbfc1b7c8cf1a9cad395fa46afc0cbb3
8cf0bb9486df56f8bfc90a4ba4d7317243f9ca37aa6ec6193214e9a0d640744c
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9194059997d722ec01e41980dffbff03ebe00808b1cdd164a7fd18a561bc312a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
96b34914f736b96f184920bea4cf3b30a7b76583c51bf1e9caf2add39705bffd
9853afb9eeaa6b0e338dce19dbe6d152c3302ae15b685a3b818145cd907ef245
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
997b11eee18ed7271476bda93dda727db75eda3e9ed0a16668bd576f24a0fecd
99bea1588717259aa23413b0659c1eb6a0fe227b10eb213e8d9068fd1aa23b96
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f3c29fa33b7fa8ec84b85dd5d1274a7ee457ff32d16d781a924b973df362fd
9a15258492b1a593a615cbbab5edf03a2f291898c4a5cd3cffb3324eb3cddca8
9c17e2ed4cd8b80956eac25d822740ba6028330f2a1738fdd4f77a8dda5eda3d
9c503b0d429a19455b70d241374aeb0fe7c66ae6414aa45d9f2a4fb0d3012a9f
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0
a0d34e030e53272f6e5c18a509df3f0700f47a4c4b6f111c8fea8c870f11f481
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a201231235ae318340e214f38c338d79f38d269ffbb64d06ff1e01fc6fffc222
a2aca9aa200ad3e4dd9afcd27fd2bd5b272a5d297e9f85d708394857ca6a1ffe
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b62c48b6fffd6c248a7c7b739c591139b62689d98df1dedec151338aa64b72
a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae6f867129da1933a4a784eb6b333bbd963b3765f777580a6426037501300d37
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b4b17f5413b0e3f27cd18f38bc9b6958edc70736c8f67bc27a93059b970a9740
b66576908c480f132e7a86373b7b188d62d4d59381463ed2e879284b08f25099
b8917f2c5cc155cb631c666a4c80d866455cd7172f40e972f9ab6c1b14818eb0
b90bba0eebc4a9f2c58d1ac4b6d262ee4025542361263fe4d4f8cb3c168e6291
bb7357ef4a7f45351bc1caa22ef33958fda13d88cbf539923905490c9131b7e8
c10c054c23045b355c4bd2ab6093da6436a4b32f3ec4a9221ec4e53241e1563e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c24a517cf3dc453e6046e54ec1f6944bd762da6fc68447fcfa84c374723bbb09
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c7119aedb14f1b026e4494afaab75853681099892d173c20338d54b940e67ca3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cad86a22f8cd3faa305e03f1d375b68e4f53efb366a3c1b0ba6c49678e076ebd
cbd1c4697689f92387c03993235572abeb602e18146fd0ba2ed979d3b6f9ca81
cf31830057da0b3efe36ef3ac5b39701403ae14fb45b1abc4c6b863b8feaec8a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d33f5864fd42e9592bcf1af4b473e9b185ef50223c9edc7ce3aff6137be85a02
d97acd5a71c23ea92d5a2f220e770b523e5ad7bc119f95f581126f9d43be747c
dbae94cba2ba3d07d6ae6e79a7c60c4efc36deb442e193ab18e0fd0cd4d97eef
dc015126841eaa9b1b79ee123e13d7d07ad7fe77f22366b05c480eff59a7a25e
dde5f5e3043fff6c7a7f24a307eac6ac7317e7d6db0085fbbe268eb11ba08699
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e01acf3607440e825503bef9c16ac5ffa41fe711378fcf80ea78acec22560f95
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4cb92545debc096ddbad5c1b5aabc2d81619b50a13ae3e4553c7856bf48533b
e9f3358441fb5f83ee3575f81df787bbade8b416b009cbdcbd3b71c8b6f560e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1d76be83af4bf430b48a2aae5454f4bba28f77b95aa11280b3037f5c616c1c4
f3386882d46c2675b43bf521d081af97330d31ac35ecc5c8482d92ddb16e467e
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7c1d06fbe2a5fccddb413ec4898df9dcbf8e47e05896fedbda0a27065da0679
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
faab9d4ff1966bc569deffa5a21463f6dbebd9c7d0da9db341f986e06e67cb86
fdf2977c4059ef04b96a95516683080b5638115ff47f5c850babff2c3d8719ee