urlscan.io logo urlscan.io
SecurityTrails logo

www.oann.com Open in urlscan Pro
2600:1f1c:adc:8702:9939:31da:b0b6:c3c3  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Submission: On October 01 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 135 IPs in 16 countries across 126 domains to perform 487 HTTP transactions. The main IP is 2600:1f1c:adc:8702:9939:31da:b0b6:c3c3, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is www.oann.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 17th 2020. Valid for: 2 years.
This is the only time www.oann.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2600:1f1c:adc... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
27 2600:9000:20e... 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:21f... 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
6 142.250.184.226 15169 (GOOGLE)
2 13.225.84.116 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
2 151.139.241.28 33438 (HIGHWINDS2)
14 172.66.42.247 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
7 151.139.128.11 20446 (HIGHWINDS3)
1 52.219.112.169 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.218.217.33 16509 (AMAZON-02)
4 199.232.196.134 54113 (FASTLY)
1 151.139.242.29 33438 (HIGHWINDS2)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
7 2600:9000:21f... 16509 (AMAZON-02)
2 151.101.0.134 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 199.232.192.64 54113 (FASTLY)
2 20 2.18.234.21 16625 (AKAMAI-AS)
6 51.89.9.253 16276 (OVH)
12 17 37.252.172.123 29990 (ASN-APPNEX)
2 8 35.244.159.8 15169 (GOOGLE)
1 34.255.141.19 16509 (AMAZON-02)
2 2 52.59.77.57 16509 (AMAZON-02)
6 7 18.156.0.31 16509 (AMAZON-02)
11 99.80.188.163 16509 (AMAZON-02)
3 68.183.31.14 14061 (DIGITALOC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 18.158.92.16 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
1 4 54.36.109.155 16276 (OVH)
4 8 76.223.111.131 16509 (AMAZON-02)
2 5 37.252.172.45 29990 (ASN-APPNEX)
2 82.145.213.8 39832 (NO-OPERA)
2 150.136.26.45 31898 (ORACLE-BM...)
1 18.196.230.57 16509 (AMAZON-02)
1 178.162.133.150 60781 (LEASEWEB-...)
1 2602:803:c004... 26667 (RUBICONPR...)
2 104.16.68.69 13335 (CLOUDFLAR...)
1 34.149.20.76 15169 (GOOGLE)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 216.52.2.48 30282 (AS-INAPCD...)
2 185.86.138.121 201081 (SMARTADSE...)
1 213.19.147.42 3356 (LEVEL3)
1 2a0c:5c81:514... 55081 (24SHELLS)
1 34.107.148.139 15169 (GOOGLE)
1 35.157.23.185 16509 (AMAZON-02)
3 11 23.37.42.132 16625 (AKAMAI-AS)
1 7 46.249.52.248 50673 (SERVERIUS-AS)
1 67.202.105.32 32748 (STEADFAST)
1 208.100.17.178 32748 (STEADFAST)
1 104.154.142.214 15169 (GOOGLE)
1 151.101.65.108 54113 (FASTLY)
2 2a0c:5c81:509... 55081 (24SHELLS)
1 2a0c:5c81:513... 55081 (24SHELLS)
1 2.18.235.93 16625 (AKAMAI-AS)
1 104.17.120.107 13335 (CLOUDFLAR...)
6 2.18.233.180 16625 (AKAMAI-AS)
2 54.77.47.243 16509 (AMAZON-02)
1 152.199.22.191 15133 (EDGECAST)
7 7 185.29.134.244 30419 (MEDIAMATH...)
3 3 2620:116:800d... 16509 (AMAZON-02)
3 6 37.157.4.41 198622 (ADFORM)
8 11 142.250.186.130 15169 (GOOGLE)
2 2 66.155.71.150 13768 (COGECO-PEER1)
10 5.178.65.245 50673 (SERVERIUS-AS)
8 5.178.65.253 50673 (SERVERIUS-AS)
6 35.201.123.184 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
2 18.215.193.43 14618 (AMAZON-AES)
2 5 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 5 162.55.236.225 24940 (HETZNER-AS)
6 72.34.250.75 27630 (AS-XFERNET)
2 2 88.214.206.142 46636 (NATCOWEB)
1 3 185.64.189.115 62713 (AS-PUBMATIC)
2 2 213.155.156.185 1299 (TWELVE99 ...)
4 6 185.64.189.110 62713 (AS-PUBMATIC)
1 2 178.250.0.163 44788 (ASN-CRITE...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
4 11 185.64.190.80 62713 (AS-PUBMATIC)
5 8 185.64.189.216 62713 (AS-PUBMATIC)
5 7 185.64.189.114 62713 (AS-PUBMATIC)
5 5 52.16.229.21 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 185.86.139.89 201081 (SMARTADSE...)
1 1 162.55.6.212 24940 (HETZNER-AS)
5 7 213.19.147.44 3356 (LEVEL3)
12 12 18.184.35.118 16509 (AMAZON-02)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 87.98.128.108 16276 (OVH)
3 173.231.180.197 29791 (VOXEL-DOT...)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 169.197.150.7 398989 (DEEPINTENT)
2 3 2a04:4e42:200... 54113 (FASTLY)
1 151.101.129.44 54113 (FASTLY)
1 38.27.122.101 174 (COGENT-174)
1 1 51.79.83.225 16276 (OVH)
23 2606:4700:10:... 13335 (CLOUDFLAR...)
2 5 159.253.128.188 36351 (SOFTLAYER)
1 3 2a00:1288:110... 34010 (YAHOO-IRD)
2 2 63.33.204.129 16509 (AMAZON-02)
4 6 151.101.2.49 54113 (FASTLY)
2 2 2001:678:cb4:... 56396 (AMOBEE)
3 4 66.155.71.149 13768 (COGECO-PEER1)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
2 35.244.174.68 15169 (GOOGLE)
4 4 69.173.144.165 26667 (RUBICONPR...)
4 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 12 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2600:9000:21f... 16509 (AMAZON-02)
2 89.187.169.47 60068 (CDN77 ^_^)
3 5 35.227.248.159 15169 (GOOGLE)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 3 52.208.28.104 16509 (AMAZON-02)
1 18.198.69.109 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.109 24961 (MYLOC-AS ...)
2 4 34.253.109.165 16509 (AMAZON-02)
1 2 212.82.100.182 34010 (YAHOO-IRD)
1 34.98.67.61 15169 (GOOGLE)
2 52.48.23.163 16509 (AMAZON-02)
1 10 184.30.20.207 16625 (AKAMAI-AS)
1 1 3.226.4.120 14618 (AMAZON-AES)
1 2 52.95.126.160 16509 (AMAZON-02)
2 2 72.246.100.56 16625 (AKAMAI-AS)
2 2 54.217.194.158 16509 (AMAZON-02)
1 13 54.93.135.255 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 8 188.132.147.235 42910 (PREMIERDC...)
4 4 135.125.160.160 16276 (OVH)
2 52.0.134.127 14618 (AMAZON-AES)
2 13.225.87.101 16509 (AMAZON-02)
12 2606:4700:10:... 13335 (CLOUDFLAR...)
2 51.158.28.83 12876 (Online SAS)
8 34.102.185.99 15169 (GOOGLE)
2 2 185.86.139.114 201081 (SMARTADSE...)
1 1 184.31.88.106 16625 (AKAMAI-AS)
1 104.22.35.177 13335 (CLOUDFLAR...)
2 2 3.126.175.244 16509 (AMAZON-02)
1 1 54.205.198.81 14618 (AMAZON-AES)
1 1 194.213.62.37 5588 (GTSCE GTS...)
1 1 54.154.121.199 16509 (AMAZON-02)
2 2 18.184.93.79 16509 (AMAZON-02)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 35.241.40.233 ()
1 1 185.33.223.175 29990 (ASN-APPNEX)
1 1 37.157.2.237 198622 (ADFORM)
2 2 72.251.244.141 29791 (VOXEL-DOT...)
1 185.64.190.81 ()
2 2 3.120.83.159 ()
487 135
1    2600:1f1c:adc:8702:9939:31da:b0b6:c3c3 (San Jose, United States)

ASN16509 (AMAZON-02, US)
www.oann.com
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
27    2600:9000:20eb:1800:9:da2a:f240:21 (United States)

ASN16509 (AMAZON-02, US)
dzm0ugdauank9.cloudfront.net
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
4    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2600:9000:21f3:ca00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.jwplatform.com
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
6    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
2    13.225.84.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-116.fra2.r.cloudfront.net
d2pggiv3o55wnc.cloudfront.net
3    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2606:4700:20::ac43:49dc (United States)

ASN13335 (CLOUDFLARENET, US)
scripts.poll-maker.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    151.139.241.28 (United States)

ASN33438 (HIGHWINDS2, US)
cdn1.lockerdomecdn.com
14    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
9    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
7    151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)
assets.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
1    52.219.112.169 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-1-r-w.amazonaws.com
hnwebcontent.s3-us-west-1.amazonaws.com
3    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
1    2606:4700:20::681a:154 (United States)

ASN13335 (CLOUDFLARENET, US)
www.privacypolicies.com
1    52.218.217.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-r-w.amazonaws.com
oann-push.s3-us-west-2.amazonaws.com
4    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
oann.disqus.com
referrer.disqus.com
1    151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)
cdn2.lockerdomecdn.com
1    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
7    2600:9000:21f3:a200:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
2    151.101.0.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
2    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    199.232.192.64 (United States)

ASN54113 (FASTLY, US)
tempest.services.disqus.com
20    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
6    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
17    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
pixfuture2-d.openx.net
eu-u.openx.net
us-u.openx.net
1    34.255.141.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-141-19.eu-west-1.compute.amazonaws.com
s.cpx.to
2    52.59.77.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-77-57.eu-central-1.compute.amazonaws.com
pixel.advertising.com
7    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
11    99.80.188.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
trends.revcontent.com
3    68.183.31.14 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
served-by.pixfuture.com
2    2606:4700:20::681a:b9c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.pixfuture.com
2    18.158.92.16 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-92-16.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    54.36.109.155 (France)

ASN16276 (OVH, FR)
PTR: p05.id5-sync.com
id5-sync.com
8    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
5    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
s.adx.opera.com
2    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
pixfuture.technoratimedia.com
1    18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    178.162.133.150 (Rotterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com
apex.go.sonobi.com
1    2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    104.16.68.69 (None, )

ASN13335 (CLOUDFLARENET, US)
dmx.districtm.io
cdn.districtm.io
1    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
2    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    35.157.23.185 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-23-185.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
11    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
7    46.249.52.248 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
1    67.202.105.32 (United States)

ASN32748 (STEADFAST, US)
PTR: ip32.67-202-105.static.steadfastdns.net
ic.tynt.com
1    208.100.17.178 (United States)

ASN32748 (STEADFAST, US)
PTR: ip178.208-100-17.static.steadfastdns.net
ssc-cms.33across.com
1    104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com
lockerdome.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    2a0c:5c81:5095:0:225:90ff:fefa:245d (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
1    2a0c:5c81:5139::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
1    104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
6    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    54.77.47.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    152.199.22.191 (United States)

ASN15133 (EDGECAST, US)
ad-cdn.technoratimedia.com
7    185.29.134.244 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
6    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
11    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
2    66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
10    5.178.65.245 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
8    5.178.65.253 (Woerden, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
6    35.201.123.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.123.201.35.bc.googleusercontent.com
tags.t.tailtarget.com
d.tailtarget.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    18.215.193.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-193-43.compute-1.amazonaws.com
a.audrte.com
5    2a02:fa8:8806:16::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
prebid-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
5    162.55.236.225 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.225.236.55.162.clients.your-server.de
sync.richaudience.com
6    72.34.250.75 (North Hollywood, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    88.214.206.142 (United Kingdom)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    213.155.156.185 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
6    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
11    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
8    185.64.189.216 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
7    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
5    52.16.229.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-229-21.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.139.89 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
7    213.19.147.44 (United Kingdom)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
12    18.184.35.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-35-118.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
2    87.98.128.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-87-98-128.eu
green.erne.co
3    173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
3    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    51.79.83.225 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: pikafka-5.cloudy.ovh
pixel.onaudience.com
23    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
5    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
3    2a00:1288:110:c305::8000 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
2    63.33.204.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-204-129.eu-west-1.compute.amazonaws.com
ads.avct.cloud
6    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
1    2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
12    2606:4700:10::ac43:8f4 (United States)

ASN13335 (CLOUDFLARENET, US)
api.retargetly.com
app.retargetly.com
3    2600:9000:21f3:8400:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
2    89.187.169.47 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-89-187-169-47.cdn77.com
cdn.admatic.com.tr
5    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
1    2600:1f18:6593:f602:82a0:df8e:67ea:6e72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b001:6cd5:9d52:6dd6:6c58 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    52.208.28.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-28-104.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Bellagio, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.109 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
4    34.253.109.165 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    52.48.23.163 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-23-163.eu-west-1.compute.amazonaws.com
beacon.krxd.net
10    184.30.20.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    3.226.4.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-4-120.compute-1.amazonaws.com
usermatch.krxd.net
2    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    72.246.100.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-100-56.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    54.217.194.158 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-217-194-158.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
13    54.93.135.255 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    2606:4700:10::ac43:1cda (United States)

ASN13335 (CLOUDFLARENET, US)
resources-rt.idx.lat
8    188.132.147.235 (Turkey)

ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR)
PTR: static-235-147-132-188.sadecehosting.net
ads3.admatic.com.tr
ads4.admatic.com.tr
4    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
gu.dyntrk.com
2    52.0.134.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-134-127.compute-1.amazonaws.com
rt.idx.lat
2    13.225.87.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-101.fra2.r.cloudfront.net
tags.crwdcntrl.net
12    2606:4700:10::6816:397e (United States)

ASN13335 (CLOUDFLARENET, US)
sync.quantumdex.io
2    51.158.28.83 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-83.rev.poneytelecom.eu
js.cookieless-data.com
8    34.102.185.99 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 99.185.102.34.bc.googleusercontent.com
b.t.tailtarget.com
tt-10759-0.seg.t.tailtarget.com
t.tailtarget.com
2    185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
1    184.31.88.106 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-88-106.deploy.static.akamaitechnologies.com
sync.teads.tv
1    104.22.35.177 (None, )

ASN13335 (CLOUDFLARENET, US)
ads01.groovinads.com
2    3.126.175.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-175-244.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    54.205.198.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-198-81.compute-1.amazonaws.com
sync.extend.tv
1    194.213.62.37 (Novy Jicin, Czech Republic)

ASN5588 (GTSCE GTS Central Europe Antel Germany, CZ)
PTR: bbnautid4.ibillboard.com
bbnaut.ibillboard.com
1    54.154.121.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-121-199.eu-west-1.compute.amazonaws.com
d.adroll.com
2    18.184.93.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-93-79.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    35.241.40.233 (None, )

ASN- ()
dmp.brand-display.com
1    185.33.223.175 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 815.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
adscale-emea.adnxs.com
1    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    72.251.244.141 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
tracking.m6r.eu
1    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
2    3.120.83.159 (None, )

ASN- ()
ads.creative-serving.com
Apex Domain
Subdomains		 Transfer
43 pubmatic.com
image2.pubmatic.com Failed
image4.pubmatic.com Failed
hbopenbid.pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image8.pubmatic.com
simage4.pubmatic.com
54 KB
29 cloudfront.net
dzm0ugdauank9.cloudfront.net
d2pggiv3o55wnc.cloudfront.net
2 MB
25 e-planning.net
ads.us.e-planning.net
u-ams02.e-planning.net
s.e-planning.net
sync.e-planning.net
37 KB
24 adnxs.com
ib.adnxs.com
secure.adnxs.com
acdn.adnxs.com
adscale-emea.adnxs.com
34 KB
23 zeotap.com
spl.zeotap.com
mwzeom.zeotap.com
7 KB
20 rubiconproject.com
fastlane.rubiconproject.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
44 KB
20 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com Failed
ssum.casalemedia.com
dsum.casalemedia.com
28 KB
19 doubleclick.net
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
161 KB
18 revcontent.com
assets.revcontent.com
trends.revcontent.com
img.revcontent.com
cdn.revcontent.com
images.revcontent.com
293 KB
17 mathtag.com
sync.mathtag.com
pixel.mathtag.com
11 KB
16 adscale.de
js.adscale.de
ih.adscale.de
17 KB
14 tailtarget.com
tags.t.tailtarget.com
d.tailtarget.com
b.t.tailtarget.com
tt-10759-0.seg.t.tailtarget.com
t.tailtarget.com
49 KB
14 infolinks.com
resources.infolinks.com
router.infolinks.com
278 KB
13 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
cms.analytics.yahoo.com
8 KB
12 quantumdex.io
sync.quantumdex.io
3 KB
12 retargetly.com
api.retargetly.com
app.retargetly.com
11 KB
12 bidswitch.net
x.bidswitch.net
4 KB
10 admatic.com.tr
cdn.admatic.com.tr
ads3.admatic.com.tr
ads4.admatic.com.tr
22 KB
10 openx.net
u.openx.net
pixfuture2-d.openx.net
eu-u.openx.net
us-u.openx.net
rtb.openx.net
2 KB
10 googlesyndication.com
pagead2.googlesyndication.com
2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com
tpc.googlesyndication.com
88 KB
8 adsrvr.org
match.adsrvr.org Failed
4 KB
7 adform.net
c1.adform.net
dmp.adform.net
track.adform.net
3 KB
7 1rx.io
tag.1rx.io
sync.1rx.io
4 KB
7 sonobi.com
sync.go.sonobi.com Failed
apex.go.sonobi.com
3 KB
7 disquscdn.com
c.disquscdn.com
350 KB
7 disqus.com
oann.disqus.com
disqus.com
tempest.services.disqus.com
referrer.disqus.com
73 KB
6 crwdcntrl.net
bcp.crwdcntrl.net
tags.crwdcntrl.net
24 KB
6 everesttech.net
sync-tm.everesttech.net
2 KB
6 sitescout.com
pixel.sitescout.com
pixel-sync.sitescout.com
2 KB
6 criteo.com
gum.criteo.com
mug.criteo.com
dis.criteo.com
2 KB
6 onetag-sys.com
onetag-sys.com
5 KB
5 tapad.com
pixel.tapad.com
2 KB
5 simpli.fi
um.simpli.fi
2 KB
5 bidr.io
match.prod.bidr.io
2 KB
5 richaudience.com
sync.richaudience.com
1 KB
5 dotomi.com
prebid-match.dotomi.com
pubmatic-match.dotomi.com
casale-match.dotomi.com
682 B
5 smartadserver.com
prg.smartadserver.com
rtb-csync.smartadserver.com
sync.smartadserver.com
2 KB
5 pixfuture.com
served-by.pixfuture.com
cdn.pixfuture.com
463 KB
5 gstatic.com
fonts.gstatic.com
156 KB
4 dyntrk.com
gu.dyntrk.com
2 KB
4 taboola.com
trc.taboola.com
match.taboola.com
829 B
4 id5-sync.com
id5-sync.com
5 KB
4 googleapis.com
fonts.googleapis.com
3 KB
3 owneriq.net
px.owneriq.net
1 KB
3 idx.lat
resources-rt.idx.lat
rt.idx.lat
8 KB
3 krxd.net
beacon.krxd.net
usermatch.krxd.net
944 B
3 demdex.net
dpm.demdex.net
2 KB
3 adgrx.com
cm.adgrx.com
1 KB
3 ad4m.at
ad4m.at
974 B
3 quantserve.com
pixel.quantserve.com
1 KB
3 sharethrough.com
btlr.sharethrough.com
match.sharethrough.com
506 B
3 adtelligent.com
ghb.adtelligent.com
s.adtelligent.com
sync.adtelligent.com Failed
3 KB
3 technoratimedia.com
pixfuture.technoratimedia.com
ad-cdn.technoratimedia.com
6 KB
3 google.com
adservice.google.com
www.google.com
2 KB
3 onesignal.com
cdn.onesignal.com
onesignal.com
73 KB
3 lockerdomecdn.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
8 KB
3 google-analytics.com
www.google-analytics.com
21 KB
3 facebook.net
connect.facebook.net
81 KB
2 creative-serving.com
ads.creative-serving.com
1 KB
2 m6r.eu
tracking.m6r.eu
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 cookieless-data.com
js.cookieless-data.com
1 KB
2 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
427 B
2 bluekai.com
tags.bluekai.com
657 B
2 weborama.fr
idsync.frontend.weborama.fr
843 B
2 tidaltv.com
sync.tidaltv.com
791 B
2 turn.com
ad.turn.com
943 B
2 avct.cloud
ads.avct.cloud
894 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 erne.co
green.erne.co
501 B
2 adition.com
dsp.adfarm1.adition.com
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 admanmedia.com
cs.admanmedia.com
1 KB
2 audrte.com
a.audrte.com
4 KB
2 gumgum.com
rtb.gumgum.com
1 KB
2 media.net
prebid.media.net
contextual.media.net
9 KB
2 districtm.io
dmx.districtm.io
cdn.districtm.io
282 B
2 opera.com
s.adx.opera.com
229 B
2 rlcdn.com
api.rlcdn.com Failed
id.rlcdn.com
idsync.rlcdn.com
2 agkn.com
aa.agkn.com
379 B
2 googletagservices.com
www.googletagservices.com
64 KB
2 amazon-adsystem.com
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com
1 KB
2 33across.com
ssc-cms.33across.com Failed
ssc.33across.com
296 B
2 lijit.com
ap.lijit.com Failed
742 B
2 advertising.com
pixel.advertising.com
674 B
2 google.de
adservice.google.de
www.google.de
1 KB
2 amazonaws.com
hnwebcontent.s3-us-west-1.amazonaws.com
oann-push.s3-us-west-2.amazonaws.com
3 KB
2 twitter.com
platform.twitter.com
syndication.twitter.com Failed
132 KB
2 jwplatform.com
content.jwplatform.com
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com
62 KB
2 googletagmanager.com
www.googletagmanager.com
70 KB
1 brand-display.com
dmp.brand-display.com
253 B
1 adroll.com
d.adroll.com
112 B
1 ibillboard.com
bbnaut.ibillboard.com
550 B
1 extend.tv
sync.extend.tv
546 B
1 groovinads.com
ads01.groovinads.com
591 B
1 teads.tv
sync.teads.tv
202 B
1 mookie1.com
odr.mookie1.com
324 B
1 theadex.com
dmp.theadex.com
378 B
1 bemail.it
bn01.er.bemail.it
659 B
1 exelator.com
loadeu.exelator.com
324 B
1 fwmrm.net
dmp.v.fwmrm.net
411 B
1 playground.xyz
ads.playground.xyz
484 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 onaudience.com
pixel.onaudience.com
398 B
1 loopme.me
csync.loopme.me
184 B
1 contextweb.com
bh.contextweb.com
497 B
1 brealtime.com
biddr.brealtime.com
1 KB
1 adtarget.com.tr
s.console.adtarget.com.tr
sync.console.adtarget.com.tr Failed
1 KB
1 emxdgt.com
hb.emxdgt.com
157 B
1 deepintent.com
match.deepintent.com Failed
44 B
1 bnmla.com
match.bnmla.com Failed
114 B
1 cpx.to
s.cpx.to
944 B
1 unrulymedia.com
sync.targeting.unrulymedia.com Failed
535 B
1 tynt.com
de.tynt.com Failed
ic.tynt.com
1 lockerdome.com
lockerdome.com Failed
342 B
1 privacypolicies.com
www.privacypolicies.com
45 KB
1 poll-maker.com
scripts.poll-maker.com
2 KB
1 oann.com
www.oann.com
17 KB
0 cognitivlabs.com Failed
beacon.lynx.cognitivlabs.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 advangelists.com Failed
nep.advangelists.com Failed
0 facebook.com Failed
www.facebook.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 adkernel.com Failed
dsp.adkernel.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
487 126
Domain Requested by
27 dzm0ugdauank9.cloudfront.net www.oann.com
17 ib.adnxs.com 12 redirects cdn.pixfuture.com
acdn.adnxs.com
spl.zeotap.com
ssum.casalemedia.com
16 mwzeom.zeotap.com spl.zeotap.com
ads.us.e-planning.net
13 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
12 sync.quantumdex.io ads.us.e-planning.net
sync.quantumdex.io
ssum-sec.casalemedia.com
12 x.bidswitch.net 12 redirects
11 simage2.pubmatic.com 4 redirects ads.pubmatic.com
11 cm.g.doubleclick.net 8 redirects eu-u.openx.net
11 dsum-sec.casalemedia.com ssum-sec.casalemedia.com
ssum.casalemedia.com
11 trends.revcontent.com assets.revcontent.com
11 router.infolinks.com resources.infolinks.com
router.infolinks.com
ssum-sec.casalemedia.com
ads.pubmatic.com
10 pixel.mathtag.com 1 redirects api.retargetly.com
pixel.mathtag.com
ads.us.e-planning.net
10 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
8 app.retargetly.com api.retargetly.com
ads.us.e-planning.net
8 image8.pubmatic.com 5 redirects ads.pubmatic.com
8 s.e-planning.net ads.us.e-planning.net
8 eus.rubiconproject.com cdn.pixfuture.com
eus.rubiconproject.com
ads.us.e-planning.net
s.adtelligent.com
8 match.adsrvr.org ssum-sec.casalemedia.com
cdn.pixfuture.com
eu-u.openx.net
ssum.casalemedia.com
7 spl.zeotap.com ads.pubmatic.com
ads.us.e-planning.net
spl.zeotap.com
7 sync.mathtag.com 7 redirects
7 image4.pubmatic.com router.infolinks.com
ads.pubmatic.com
7 ups.analytics.yahoo.com 6 redirects ssum.casalemedia.com
7 c.disquscdn.com oann.disqus.com
disqus.com
7 pagead2.googlesyndication.com www.googletagmanager.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 sync-tm.everesttech.net 4 redirects ssum.casalemedia.com
6 sync.1rx.io 4 redirects sync.quantumdex.io
6 ads.pubmatic.com cdn.pixfuture.com
ads.us.e-planning.net
ads.pubmatic.com
s.adtelligent.com
s.console.adtarget.com.tr
6 sync.go.sonobi.com router.infolinks.com
ads.us.e-planning.net
sync.quantumdex.io
6 image2.pubmatic.com router.infolinks.com
ads.pubmatic.com
6 onetag-sys.com router.infolinks.com
cdn.pixfuture.com
ads.us.e-planning.net
sync.quantumdex.io
6 securepubads.g.doubleclick.net www.oann.com
securepubads.g.doubleclick.net
www.googletagservices.com
5 ads3.admatic.com.tr cdn.admatic.com.tr
s.console.adtarget.com.tr
5 pixel.tapad.com 3 redirects spl.zeotap.com
api.retargetly.com
5 um.simpli.fi 2 redirects ads.pubmatic.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
5 match.prod.bidr.io 5 redirects
5 sync.richaudience.com 2 redirects ads.us.e-planning.net
spl.zeotap.com
5 c1.adform.net 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 secure.adnxs.com 2 redirects cdn.pixfuture.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
5 fonts.gstatic.com fonts.googleapis.com
4 b.t.tailtarget.com d.tailtarget.com
4 d.tailtarget.com www.oann.com
d.tailtarget.com
4 gu.dyntrk.com 4 redirects
4 bcp.crwdcntrl.net 2 redirects api.retargetly.com
ssum-sec.casalemedia.com
4 api.retargetly.com 1 redirects s.e-planning.net
api.retargetly.com
4 token.rubiconproject.com 4 redirects
4 pixel-sync.sitescout.com 3 redirects api.retargetly.com
4 sync.e-planning.net ads.us.e-planning.net
sync.quantumdex.io
4 id5-sync.com 1 redirects cdn.pixfuture.com
sync.quantumdex.io
4 ssum-sec.casalemedia.com 1 redirects router.infolinks.com
ssum-sec.casalemedia.com
sync.quantumdex.io
4 fonts.googleapis.com www.oann.com
client
3 ads4.admatic.com.tr 3 redirects
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 dpm.demdex.net 2 redirects ssum.casalemedia.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
3 pixel.rubiconproject.com eus.rubiconproject.com
3 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
ssum.casalemedia.com
3 trc.taboola.com 2 redirects spl.zeotap.com
3 cm.adgrx.com ads.pubmatic.com
ssum.casalemedia.com
ssum-sec.casalemedia.com
3 ad4m.at ads.pubmatic.com
ssum.casalemedia.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
spl.zeotap.com
3 secure-assets.rubiconproject.com 3 redirects
3 pixel.quantserve.com 3 redirects
3 eu-u.openx.net cdn.pixfuture.com
eu-u.openx.net
3 ads.us.e-planning.net 1 redirects cdn.pixfuture.com
s.console.adtarget.com.tr
3 served-by.pixfuture.com securepubads.g.doubleclick.net
cdn.pixfuture.com
3 oann.disqus.com dzm0ugdauank9.cloudfront.net
oann.disqus.com
3 resources.infolinks.com www.googletagmanager.com
www.oann.com
resources.infolinks.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 connect.facebook.net www.oann.com
connect.facebook.net
2 ads.creative-serving.com 2 redirects
2 tracking.m6r.eu 2 redirects
2 t.tailtarget.com ads.us.e-planning.net
2 tt-10759-0.seg.t.tailtarget.com d.tailtarget.com
2 pm.w55c.net 2 redirects
2 match.sharethrough.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 js.cookieless-data.com s.e-planning.net
2 tags.crwdcntrl.net s.e-planning.net
2 rt.idx.lat resources-rt.idx.lat
2 dsum.casalemedia.com ssum.casalemedia.com
ssum-sec.casalemedia.com
2 casale-match.dotomi.com 2 redirects
2 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 2 redirects
2 tags.bluekai.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 cms.analytics.yahoo.com 1 redirects api.retargetly.com
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 cdn.admatic.com.tr s.console.adtarget.com.tr
cdn.admatic.com.tr
2 ad.turn.com 2 redirects
2 ads.avct.cloud 2 redirects
2 green.erne.co 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 dis.criteo.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 cs.admanmedia.com 2 redirects
2 prebid-match.dotomi.com ads.us.e-planning.net
2 a.audrte.com ads.us.e-planning.net
2 rtb.openx.net 2 redirects
2 tags.t.tailtarget.com ads.us.e-planning.net
2 pixel.sitescout.com 2 redirects
2 us-u.openx.net eu-u.openx.net
2 rtb.gumgum.com cdn.pixfuture.com
ads.pubmatic.com
2 s.adtelligent.com cdn.pixfuture.com
s.console.adtarget.com.tr
2 prg.smartadserver.com cdn.pixfuture.com
2 pixfuture.technoratimedia.com cdn.pixfuture.com
2 s.adx.opera.com cdn.pixfuture.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
2 aa.agkn.com 1 redirects cdn.pixfuture.com
2 cdn.pixfuture.com served-by.pixfuture.com
cdn.pixfuture.com
2 cdn.revcontent.com www.oann.com
assets.revcontent.com
2 img.revcontent.com www.oann.com
assets.revcontent.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 ap.lijit.com router.infolinks.com
cdn.pixfuture.com
2 pixel.advertising.com 2 redirects
2 u.openx.net 2 redirects
2 www.google.com www.oann.com
tpc.googlesyndication.com
2 disqus.com oann.disqus.com
2 cdn.onesignal.com www.oann.com
cdn.onesignal.com
2 assets.revcontent.com www.oann.com
cdn.pixfuture.com
2 platform.twitter.com www.oann.com
platform.twitter.com
2 cdn1.lockerdomecdn.com www.googletagmanager.com
cdn1.lockerdomecdn.com
2 d2pggiv3o55wnc.cloudfront.net www.oann.com
2 content.jwplatform.com www.oann.com
2 maxcdn.bootstrapcdn.com www.oann.com
maxcdn.bootstrapcdn.com
2 www.googletagmanager.com www.oann.com
1 simage4.pubmatic.com ads.pubmatic.com
1 track.adform.net 1 redirects
1 adscale-emea.adnxs.com 1 redirects
1 idsync.rlcdn.com ssum-sec.casalemedia.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 d.adroll.com 1 redirects
1 bbnaut.ibillboard.com 1 redirects
1 sync.extend.tv 1 redirects
1 ads01.groovinads.com api.retargetly.com
1 sync.teads.tv 1 redirects
1 resources-rt.idx.lat api.retargetly.com
1 usermatch.krxd.net 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 ads.yahoo.com
1 id.rlcdn.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 ad-cdn.technoratimedia.com cdn.pixfuture.com
1 biddr.brealtime.com cdn.pixfuture.com
1 contextual.media.net cdn.pixfuture.com
1 s.console.adtarget.com.tr cdn.pixfuture.com
1 acdn.adnxs.com cdn.pixfuture.com
1 cdn.districtm.io cdn.pixfuture.com
1 ic.tynt.com cdn.pixfuture.com
1 images.revcontent.com
1 btlr.sharethrough.com cdn.pixfuture.com
1 pixfuture2-d.openx.net cdn.pixfuture.com
1 prebid.media.net cdn.pixfuture.com
1 ghb.adtelligent.com cdn.pixfuture.com
1 tag.1rx.io cdn.pixfuture.com
1 hbopenbid.pubmatic.com cdn.pixfuture.com
1 ssc.33across.com cdn.pixfuture.com
1 dmx.districtm.io cdn.pixfuture.com
1 fastlane.rubiconproject.com cdn.pixfuture.com
1 apex.go.sonobi.com cdn.pixfuture.com
1 hb.emxdgt.com cdn.pixfuture.com
1 match.deepintent.com ssum-sec.casalemedia.com
ads.pubmatic.com
1 ssc-cms.33across.com router.infolinks.com
cdn.pixfuture.com
1 match.bnmla.com router.infolinks.com
ads.pubmatic.com
1 s.cpx.to router.infolinks.com
1 sync.targeting.unrulymedia.com router.infolinks.com
1 onesignal.com cdn.onesignal.com
1 referrer.disqus.com www.oann.com
1 tempest.services.disqus.com oann.disqus.com
1 www.google.de www.oann.com
1 lockerdome.com cdn2.lockerdomecdn.com
cdn.pixfuture.com
1 stats.g.doubleclick.net www.google-analytics.com
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 cdn2.lockerdomecdn.com cdn1.lockerdomecdn.com
1 oann-push.s3-us-west-2.amazonaws.com www.oann.com
1 www.privacypolicies.com www.oann.com
1 hnwebcontent.s3-us-west-1.amazonaws.com www.oann.com
1 scripts.poll-maker.com www.oann.com
1 www.oann.com
0 sync.console.adtarget.com.tr Failed s.console.adtarget.com.tr
ads.us.e-planning.net
js.adscale.de
0 sync.adtelligent.com Failed cdn.pixfuture.com
s.adtelligent.com
ads.us.e-planning.net
0 api.rlcdn.com Failed cdn.pixfuture.com
0 syndication.twitter.com Failed platform.twitter.com
0 beacon.lynx.cognitivlabs.com Failed ssum-sec.casalemedia.com
0 sync.adotmob.com Failed ssum-sec.casalemedia.com
0 nep.advangelists.com Failed ssum-sec.casalemedia.com
0 s.amazon-adsystem.com Failed ssum-sec.casalemedia.com
0 www.facebook.com Failed connect.facebook.net
0 p.rfihub.com Failed router.infolinks.com
0 dsp.adkernel.com Failed router.infolinks.com
0 b1sync.zemanta.com Failed router.infolinks.com
0 de.tynt.com Failed router.infolinks.com
487 213

This site contains links to these domains. Also see Links.

Domain
www.pixfuture.com
Subject Issuer Validity Valid
www.herringnetwork.com
Sectigo RSA Domain Validation Secure Server CA		 2020-07-17 -
2022-10-19		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-03-01 -
2022-02-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
jwplayer.com
Amazon		 2021-01-29 -
2022-02-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
cdn1.lockerdomecdn.com
Go Daddy Secure Certificate Authority - G2		 2021-03-06 -
2022-04-07		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
assets.revcontent.com
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
*.s3-us-west-1.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
privacypolicies.com
Cloudflare Inc ECC CA-3		 2021-06-26 -
2022-06-25		 a year crt.sh
*.s3-us-west-2.amazonaws.com
DigiCert Baltimore CA-2 G2		 2021-06-23 -
2022-07-24		 a year crt.sh
*.disqus.com
DigiCert SHA2 Secure Server CA		 2020-04-20 -
2022-05-09		 2 years crt.sh
cdn2.lockerdomecdn.com
Go Daddy Secure Certificate Authority - G2		 2021-03-06 -
2022-04-07		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
a.disquscdn.com
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.services.disqus.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-26 -
2022-05-28		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
onetag-sys.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-02-09		 a year crt.sh
revcontent.com
Amazon		 2021-08-09 -
2022-09-07		 a year crt.sh
*.pixfuture.com
Sectigo RSA Domain Validation Secure Server CA		 2019-12-03 -
2021-12-02		 2 years crt.sh
img.revcontent.com
R3		 2021-09-12 -
2021-12-11		 3 months crt.sh
cdn.revcontent.com
R3		 2021-09-13 -
2021-12-12		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.id5-sync.com
R3		 2021-07-13 -
2021-10-11		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
districtm.io
Cloudflare Inc ECC CA-3		 2021-06-02 -
2022-06-01		 a year crt.sh
*.adx.opera.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-14 -
2022-06-10		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-09-28 -
2021-12-27		 3 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-17 -
2022-10-05		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2020-12-07 -
2021-12-14		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-08-10 -
2021-11-08		 3 months crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
images.revcontent.com
R3		 2021-09-11 -
2021-12-10		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-08-01 -
2021-10-30		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.lockerdome.com
Go Daddy Secure Certificate Authority - G2		 2020-09-27 -
2021-10-29		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2021-08-05 -
2021-11-03		 3 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2021-09-30 -
2021-12-29		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.e-planning.net
R3		 2021-08-13 -
2021-11-11		 3 months crt.sh
*.tailtarget.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-26 -
2022-06-25		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
*.retargetly.com
Sectigo RSA Domain Validation Secure Server CA		 2020-12-22 -
2021-12-22		 a year crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
cdn.admatic.com.tr
R3		 2021-09-19 -
2021-12-18		 3 months crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-17 -
2021-12-18		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.tapad.com
DigiCert SHA2 Secure Server CA		 2020-10-05 -
2021-11-06		 a year crt.sh
*.theadex.com
GeoTrust RSA CA 2018		 2019-10-11 -
2021-10-10		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2021-04-09 -
2022-03-20		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
ads4.admatic.com.tr
R3		 2021-08-07 -
2021-11-05		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-02 -
2022-01-02		 a year crt.sh
idx.lat
Amazon		 2020-11-30 -
2021-12-29		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
js.cookieless-data.com
R3		 2021-09-30 -
2021-12-29		 3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA		 2021-06-29 -
2022-07-07		 a year crt.sh
*.sitescout.com
RapidSSL RSA CA 2018		 2020-01-15 -
2022-02-02		 2 years crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
*.groovinads.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-01 -
2022-03-03		 a year crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2020-06-24 -
2022-06-24		 2 years crt.sh

This page contains 85 frames:

Primary Page: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Frame ID: 69B4D1104357A138717831126D0813F3
Requests: 136 HTTP requests in this frame

Frame: https://2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B3AE66790FED7542B75451CDD4AC55FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Frame ID: 8E58F07BA44760D9DF466F7DCAF40F8A
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13804039184004198?pubid=ld-13804039184004198&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=374
Frame ID: 0D9E41358180F200992B173F651DFC3C
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13247072555993446?pubid=ld-13247072555993446&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=777
Frame ID: D30C1F693DE9276730AE76984CCD0540
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/lad/13247071683578214?pubid=ld-13247071683578214&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=777
Frame ID: D876EC1EA7B9FC872C03CD9D65A2261E
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F
Frame ID: E71DCEB266309AB109FDD05FDF661701
Requests: 17 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=oann&t_i=2536903%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2536903&t_u=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&t_e=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations&t_d=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations&t_t=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations&s_o=default
Frame ID: 39A877CF92FA13E07B39E1E5C6C0FE93
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Frame ID: 29E9DAA3353D57F421772152272BAC91
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Frame ID: 6C367A0B44676D0CF207D729B3AC86F3
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Frame ID: 3961AD5B641DCEAF1EEEA8C5B5C1D32F
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/recommendations/?base=default&f=oann&t_i=2536903%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2536903&t_u=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&t_e=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations&t_d=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations&t_t=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations
Frame ID: DD73713EC8BD6E1E26BD877A4E6917B4
Requests: 2 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14262018928489574?pubid=ld-14262018928489574&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=1560
Frame ID: 645A2543A21517677B67D0632974182F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a5881e33b69c8%26domain%3Dwww.oann.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.oann.com%252Ff39fc12b9c17948%26relation%3Dparent.parent&container_width=374&header=false&height=430&href=https%3A%2F%2Fwww.facebook.com%2FOneAmericaNewsNetwork&locale=en_US&sdk=joey&show_border=false&show_faces=true&stream=false&width=374
Frame ID: 6909381ACC6F90EDD137A2472FE4350F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.oann.com
Frame ID: 0DDE618C1903BF45B85A993CB923FCC4
Requests: 2 HTTP requests in this frame

Frame: https://2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 72EC1E2E2CFC7B713968C12D71467BF3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 763AD32B7F9D9E7231BB5FDDD020A9F5
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 37E7F9E41789527AA55D1C5FD8BB466E
Requests: 2 HTTP requests in this frame

Frame: https://assets.revcontent.com/master/delivery.js
Frame ID: 57050C56B21F2FB934987C28701033CF
Requests: 14 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3CCFB28D8CFE107B09DFA19EE50B85E8
Requests: 10 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: 155A9B374198B8533F72A7D09194779E
Requests: 24 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Frame ID: 6F43D81D9E4D859700550358E3EF31DE
Requests: 7 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 4B362F6E8F28DC95FF6736213723D91B
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Frame ID: 1DCCD9B657221D6FB085E557A61B3DB1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.districtm.io/ids/index.html
Frame ID: 1D8F2064E7D5437DFBA70BA27130A84C
Requests: 1 HTTP requests in this frame

Frame: https://lockerdome.com/usync/prebidserver?pid=11201047612067584&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D285400%26extuid%3D
Frame ID: 6EDE28C6B2973FD1537169F0E39A40FE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 65272B3E23B3CE5F32BDC46113920742
Requests: 3 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 0EF30227072F7A434EC1C06507C283C9
Requests: 3 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=609096
Frame ID: A891715C48330B7D4FD15B88CA02C16B
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C3016%2C236%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: 3B4E7D81B0466427AA199B173064861B
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: B3B3B953A42430FAFAB92BC981C9CFFC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Frame ID: BE72A6DBC5316CA500EB1207E8AF4774
Requests: 23 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: A8EF0DAF81BB57FE10E9F2315F952846
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13480300
Frame ID: 17228C1720493F50546091B1F0AAA151
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a11f3cd2-aa51-4d80-8e5e-7b26bc56383c
Frame ID: 72747CB288951914959A9F201325467B
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289657%26extuid%3D
Frame ID: 65F152FF89B1E55A4C6D797C43BC9F00
Requests: 1 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_5.9.0-pre
Frame ID: C3E67D742804313A57550F6034E1F94C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 37155C32F7B7604A6666756420C1E749
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D77699cccf08a309c%26uid%3D
Frame ID: CC75A7B4B18436FCF57D12EB4AD32475
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Frame ID: 8359BB7756FC79C2F1BA40EF6F50F173
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6090178948821815727
Frame ID: C635BCCE32D2D30CCF083007AB4D77CB
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E04B29CC028692E0609D6DDA172D2D3D
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Frame ID: 0EC9F9839AA67342CD7F45326D6741F4
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABHVU7Crm4AABU6TyHI-A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Frame ID: 1275E506B8D0255480BFC688DF10D2A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: E781002CB1F6807A4D24039F0577C3B8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8429784b-6615-44da-bd38-2e8cbd66d778-003
Frame ID: 624FF96E117DFA59985A9781B02A238E
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: D30A099309370AE0D3BAF9FDF556BBF4
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Frame ID: E09B72146DC1D7771AA3CFF1C43DE677
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: DBE8C17F789C67F937D311D0BB8AAC59
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: AE4FE980FA3902F9120FE93F72580163
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: E6227FE9696BECEB22CB6E4498BCA80B
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 59EC7DD3E4959A388A65D6C3BA846260
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: C953309FDC8189DC917202FDC9079A91
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Frame ID: 31BCC8BF64E3945F63C99218E2E8281B
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 39DF87E57258AF9A78133DCDBFE0859E
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361&cmp=0
Frame ID: 465792FA5E0D2DC301D137CCFF45BED0
Requests: 31 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 0EA875EC2AE346734E5E6E91AEE00AEE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184-d
Frame ID: 0ED677383478C5B8D55E7DFBABAFA9BE
Requests: 3 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: 24D5C66918A647ACAED1996C4E4EEFA1
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=6142303374695120563
Frame ID: 014ED2EA7670D16C2D6156D0913F5433
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admatic.com.tr/user
Frame ID: 4E086ABB77B1AD7740929D198ECCF8A1
Requests: 8 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=609724
Frame ID: 9BD58EEDAE24B04664AA86C91FF602F7
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=C3GOyp9DMzhQygpJx0JW&pi=admatic&tc=1
Frame ID: 93C6201C120F0B1B04D825625BB7FCA1
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 0D59A1F0706955B8C4B54AC3F3526972
Requests: 21 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 9CD0CC633CC8AC56C8363AAB8422D641
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 259753D90AC2EB5EF45A5E2E448B6719
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D77699cccf08a309c%26uid%3D
Frame ID: 44A0D07BA95CEC5318E254F565BDD1CB
Requests: 1 HTTP requests in this frame

Frame: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Frame ID: 0FC882936795E338CFC261872F3D81C1
Requests: 17 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Frame ID: D9A5E837B25627CBD4F40A2DBCFC017A
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: B7514BD7D1C4392D721AC76B90CED8CE
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=07bc0cc4-3bb5-417b-6fc7-f6c668b0725a&zdid=1361&cmp=0
Frame ID: 8D487D0E0EB7B678C32AF07157BF7A8F
Requests: 4 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 7FB9760EAC9653AA5D77C5EBEA4CDC39
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: 09B9A01905C80D583C9DC59F6BB8A45E
Requests: 9 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AO1x6Pc7irhc9WWn
Frame ID: FF3DB51A1BA238C839656AF22F1CE702
Requests: 1 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: BC3F4641E19CC4623F2A26A4171C5D1B
Requests: 2 HTTP requests in this frame

Frame: https://sync.quantumdex.io/usersync/e-planning
Frame ID: D180CF416CFF29266D149F8F3B0739A5
Requests: 9 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AO1x6Pc7irhc9WWn
Frame ID: 8E270201568173629089DC70D60C560C
Requests: 1 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: DA9085F4309415DD787F84852B917224
Requests: 11 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: 38499096A336167FE056D4B72A75F74B
Requests: 10 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: BAB6E65E91EBF8F1821F057154D02C65
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 954FE65CC0F0B4E6898DF1A1C0F7A84F
Requests: 1 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=714d6157-36fa-4300-b14d-a18edead5062&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Frame ID: 19F66673FD26EE1AA9B9E02F2F257921
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Frame ID: CEC80B66E3561024954CD4CE31B03C79
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Frame ID: B8E440E9561F4EC93CA3FD719A5BF056
Requests: 10 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Frame ID: 64083D10D7774FEDF0359271D8C7B005
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

487
Requests

90 %
HTTPS

26 %
IPv6

126
Domains

213
Subdomains

135
IPs

16
Countries

4564 kB
Transfer

7677 kB
Size

165
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Request Chain 94
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTRBOEZFRUQtM0MyNC00NDI5LTk0MEUtNTk5QUY2MEE4QzZB&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTRBOEZFRUQtM0MyNC00NDI5LTk0MEUtNTk5QUY2MEE4QzZB&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 95
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID HTTP 302
  • https://router.infolinks.com/dyn/apn-usync?user_id=5625641726557375293
Request Chain 96
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D HTTP 302
  • https://router.infolinks.com/dyn/ox-usync?uid=b214017d-711d-4d6c-9886-24aeed7c8cc6
Request Chain 97
  • https://ups.analytics.yahoo.com/ups/58422/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true HTTP 302
  • https://router.infolinks.com/dyn/VR-usync?uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Request Chain 98
  • https://sync.1rx.io/usersync2/infolinks HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=677120005 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=677120005 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/23a9f547-69cd-444a-8891-728ca5b966b6 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8429784b-6615-44da-bd38-2e8cbd66d778-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-8429784b-6615-44da-bd38-2e8cbd66d778-003
Request Chain 101
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.oann.com%252Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%252F&pid=12306&adnxs_uid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.oann.com%25252Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%25252F%26pid%3D12306%26adnxs_uid%3D%24UID HTTP 302
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&pid=12306&adnxs_uid=634636179186247923
Request Chain 103
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7c1d2a32-22d4-11ec-b5b8-06584a1aed54 HTTP 302
  • https://router.infolinks.com/dyn/outh-usync?uid=y-tgeACKhE2uGzPyY2hNS3QtU_iNXvPGvI~A~UP7c1d2a32-22d4-11ec-b5b8-06584a1aed54
Request Chain 106
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fusersync%253Fpmuservalue%253D%2523PMUID HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D94A8FEED-3C24-4429-940E-599AF60A8C6A
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVc2988_j77K_IFFqvvWpgAABMIAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKwiGG_uD85_d0VPjmYwlAM&google_cver=1
Request Chain 146
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.oann.com%2F&domain=www.oann.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=FrYQiXw5clRORlpZODVSMGdBSE1yUC9zVW9yUEljZVN2djArbFRYck9GNmMrNVZEbVVzbDU2emJoNkphMk9VMzBmb3NDdG4yTFpqODNkMTBpUGErM0dXaHQ2YjRNdzhtejdWVXFZUHM3TTRCSEEwbFRVZFUvcnNJUENVVVVGckZXZEtKaXM2RDNNMG1WSzNzZUJVV1h5YTc0SUtlVkh6L3hmUVhER055NFdCT1NJbDZWc3BlRDY1VDYwbENaY1pZcGh5Q2NydHpSQmVHSGo3N1BTeE9XWnFOd1NvNG1HeDRmSndMZytaTllhei9QcDdvPXw&cppv=2
Request Chain 195
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 209
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a11f3cd2-aa51-4d80-8e5e-7b26bc56383c
Request Chain 212
  • https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=a05dac23-db56-4909-b2c5-d3499480ebde
Request Chain 213
  • https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=%7Bgdpr%7D&gdpr_consent=%7Bgdpr_consent%7D&us_privacy=%7Bus_privacy%7D&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=8bbb3c3b-709d-4908-9575-e5cf2556304b
Request Chain 214
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true HTTP 307
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=ef52bbd9d008f9d4581e3908
Request Chain 216
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=634636179186247923
Request Chain 217
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=714d6157-36fa-4300-b14d-a18edead5062
Request Chain 218
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=rYsvu6iMfO22inm-otg36vnceL-2jHzpqoiJTTBI
Request Chain 219
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6142303374695120563
Request Chain 222
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKZxJ0rKv_JUPEkny7_GQuQ&google_cver=1
Request Chain 225
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D77699cccf08a309c HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=77699cccf08a309c
Request Chain 229
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D77699cccf08a309c%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=77699cccf08a309c&uid=a05dac23-db56-4909-b2c5-d3499480ebde
Request Chain 233
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D77699cccf08a309c HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 234
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D77699cccf08a309c%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=77699cccf08a309c&uid=634636179186247923
Request Chain 236
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Request Chain 237
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D77699cccf08a309c%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=77699cccf08a309c&uid=c00944b7336de56682eaf6b93403ee305869d87d
Request Chain 238
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 243
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6090178948821815727
Request Chain 245
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7014135392026556563 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D94A8FEED-3C24-4429-940E-599AF60A8C6A HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Request Chain 246
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCSFZVN0NybTRBQUJVNlR5SEktQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABHVU7Crm4AABU6TyHI-A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABHVU7Crm4AABU6TyHI-A&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABHVU7Crm4AABU6TyHI-A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Request Chain 247
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 248
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8429784b-6615-44da-bd38-2e8cbd66d778-003&rndcb=837588987 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-8429784b-6615-44da-bd38-2e8cbd66d778-003&rndcb=837588987 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&google_hm=NjgwYzNjYmMtOTQxNC00Y2MzLWFhYzktYjJmZGVhZmJlOThj HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELyz8I4ACzYl4DOByQZ9pOM&google_cver=1&ssp=adconductor&bsw_param=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/680c3cbc-9414-4cc3-aac9-b2fdeafbe98c?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-8429784b-6615-44da-bd38-2e8cbd66d778-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-8429784b-6615-44da-bd38-2e8cbd66d778-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8429784b-6615-44da-bd38-2e8cbd66d778-003
Request Chain 250
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=QJTrkX5HMx3AM8MQjJDaXky7 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D94A8FEED-3C24-4429-940E-599AF60A8C6A HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Request Chain 252
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 254
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lKj-7TwkRCmUDlma9gqMag%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 257
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=714d6157-36fa-4300-b14d-a18edead5062
Request Chain 258
  • https://pixel.onaudience.com/?partner=214&mapped=94A8FEED-3C24-4429-940E-599AF60A8C6A HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=2f1b0a2414f63232
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELziic0k1NqFrBcNBV2PS7w&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D94A8FEED-3C24-4429-940E-599AF60A8C6A HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Request Chain 261
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:714d6157-36fa-4300-b14d-a18edead5062&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 262
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6142303374695120563 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 263
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=23a9f547-69cd-444a-8891-728ca5b966b6 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 264
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=634636179186247923&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D94A8FEED-3C24-4429-940E-599AF60A8C6A HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Request Chain 265
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=r4vzpKqMoPK0iqWhoNjr9fvcpKC0jKD2qIjqsxBB HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D94A8FEED-3C24-4429-940E-599AF60A8C6A HTTP 302
  • https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Request Chain 266
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=94A8FEED-3C24-4429-940E-599AF60A8C6A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J5MgTgxE2uX_qkd4LytRJ70FFd_CYcs-~A&gdpr=0&gdpr_consent=
Request Chain 268
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=ce889fc3-6233-4a3a-a2df-c3756a2b9266&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 270
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YVc2_gAAAlCrpAA6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVc2_gAAAlCrpAA6&gdpr=0&gdpr_consent=&_test=YVc2_gAAAlCrpAA6
Request Chain 271
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2355061870237820537&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 272
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 273
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9eefde78-b001-477b-a198-857af31bb00d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 274
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=634636179186247923
Request Chain 277
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YVc2_gAAAFeeZgAT
Request Chain 278
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmUyYWM4M2M2ODUzYjcxM2FkYjM3MzQ0YWZiYjliN2NjNzFiNzBmYw
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENAw25ZYkpWpsB7Y_YJRSZ8&google_cver=1
Request Chain 280
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU8KXX7B-1T-OVE&sigv=1&esig=2~9003e5b88665ca02cac1e2cb5d84763ff5ea28e4
Request Chain 281
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1U4S1hYN0ItMVQtT1ZF
Request Chain 283
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yzskfeq2DJNhdoSa7xWeWA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3742114756429214828
Request Chain 290
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=17184-d
Request Chain 291
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YVc2988-j77K-IFFqvvWpgAA%261218
Request Chain 294
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID HTTP 303
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=6142303374695120563
Request Chain 297
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=C3GOyp9DMzhQygpJx0JW&pi=admatic&tc=1
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEIuC-u-ahzj33O7KGK_1r2k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Request Chain 304
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc00f89ce-c871-4734-7fb3-83f9afeba165%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc00f89ce-c871-4734-7fb3-83f9afeba165%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=f2586434-7c50-4ab5-bc63-f51731c0a231&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Request Chain 306
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc00f89ce-c871-4734-7fb3-83f9afeba165%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=23a9f547-69cd-444a-8891-728ca5b966b6&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Request Chain 310
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a6b9f5a8-a17b-4b71-9928-48d0301a5c24&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 311
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f0721f19-9a11-4603-6d77-11da737a68df&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc00f89ce-c871-4734-7fb3-83f9afeba165%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f0721f19-9a11-4603-6d77-11da737a68df&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc00f89ce-c871-4734-7fb3-83f9afeba165%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=25895917415134187250073887492006020299&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Request Chain 313
  • https://bn01.er.bemail.it/zeotap.php?_bid=f0721f19-9a11-4603-6d77-11da737a68df&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021100118-84449-0.089171001633105644-cf3bd9d0e676657ef4d48816d570e159&zdid=533&env=mWeb
Request Chain 314
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc00f89ce-c871-4734-7fb3-83f9afeba165%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7014135392026556563&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Request Chain 315
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=f0721f19-9a11-4603-6d77-11da737a68df HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f0721f19-9a11-4603-6d77-11da737a68df
Request Chain 316
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f0721f19-9a11-4603-6d77-11da737a68df&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc00f89ce-c871-4734-7fb3-83f9afeba165%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f0721f19-9a11-4603-6d77-11da737a68df&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc00f89ce-c871-4734-7fb3-83f9afeba165%26zdid%3D1361&bounce=1&random=21554955 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=/KWcLfui7U6hK.08hxWb0u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Request Chain 318
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f0721f19-9a11-4603-6d77-11da737a68df?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=f0721f19-9a11-4603-6d77-11da737a68df?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=101aa7b3afa5d30f46ca46c812d1c2f1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Request Chain 319
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-qu1efLZE2opJPbkQcDhxGA27w5Ztsm8Xww--~A&zpartnerid=570&env=mWeb
Request Chain 320
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=4KrTc7jWVdGsU%2FvZB56tqpzKdkFCD3bL%2BS41iYitP1U%3D
Request Chain 324
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc00f89ce-c871-4734-7fb3-83f9afeba165%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YVc2_gAAAlCrpAA6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Request Chain 325
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc00f89ce-c871-4734-7fb3-83f9afeba165%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=714d6157-36fa-4300-b14d-a18edead5062&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Request Chain 326
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Request Chain 327
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f0721f19-9a11-4603-6d77-11da737a68df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f0721f19-9a11-4603-6d77-11da737a68df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361&dcc=t
Request Chain 328
  • https://tags.bluekai.com/site/87734?id=f0721f19-9a11-4603-6d77-11da737a68df&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Request Chain 329
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc00f89ce-c871-4734-7fb3-83f9afeba165%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Request Chain 332
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D77699cccf08a309c HTTP 302
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=77699cccf08a309c
Request Chain 336
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D77699cccf08a309c%26uid%3D%24%7BUID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=77699cccf08a309c&uid=a05dac23-db56-4909-b2c5-d3499480ebde
Request Chain 340
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D77699cccf08a309c HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 341
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D77699cccf08a309c%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=77699cccf08a309c&uid=634636179186247923
Request Chain 343
  • https://ups.analytics.yahoo.com/ups/58414/occ HTTP 302
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Request Chain 344
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D77699cccf08a309c%26uid%3D%7B%24UID%7D HTTP 302
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=77699cccf08a309c&uid=c00944b7336de56682eaf6b93403ee305869d87d
Request Chain 345
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 347
  • https://ih.adscale.de/uu?cbfn=receive&t=1633105658 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1633105658&nut&uu=5aa65adb05774b408f82c0e5cd97dce9
Request Chain 352
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2355061870237820537
Request Chain 360
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx= HTTP 302
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Request Chain 367
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3D07bc0cc4-3bb5-417b-6fc7-f6c668b0725a%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=07bc0cc4-3bb5-417b-6fc7-f6c668b0725a&zdid=1361
Request Chain 369
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABHVU7Crm4AABU6TyHI-A&expiration=1634315258&gdpr=1
Request Chain 370
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=714d6157-36fa-4300-b14d-a18edead5062&gdpr=1&gdpr_consent=
Request Chain 371
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1633192058&gdpr=1
Request Chain 372
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 374
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 401
  • https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=YzI3ODJhNTUtMzZkMi00Yzg1LWFkNTYtYmUxOGZlMDQ3YzMy&google_cm HTTP 302
  • https://app.retargetly.com/sync?pid=11&google_gid=CAESEIsWKANsqV95WQ73JHcwsAQ&google_cver=1
Request Chain 404
  • https://tags.bluekai.com/site/28347?limit=0&id=c2782a55-36d2-4c85-ad56-be18fe047c32&redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%24_BK_UUID%26pid%3D9 HTTP 302
  • https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
Request Chain 405
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1 HTTP 302
  • https://api.retargetly.com/sync?pid=13&sid=23a9f547-69cd-444a-8891-728ca5b966b6
Request Chain 408
  • https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2 HTTP 302
  • https://app.retargetly.com/sync?sid=634636179186247923&pid=2
Request Chain 409
  • https://trc.taboola.com/sg/retargetly/1/cm HTTP 302
  • https://app.retargetly.com/sync?pid=39&sid=f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a
Request Chain 410
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID HTTP 302
  • https://app.retargetly.com/sync?pid=14&sid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Request Chain 411
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5Bsas_uid%5D%26pid%3D63 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?sid=[sas_uid]&pid=63&cklb=1 HTTP 302
  • https://app.retargetly.com/sync?sid=1428628817216158652
Request Chain 412
  • https://sync.teads.tv/rt/sync?vid=c2782a55-36d2-4c85-ad56-be18fe047c32&gdpr=0&us_privacy=%221-N-%22 HTTP 302
  • https://app.retargetly.com/sync?pid=51&sid=c2782a55-36d2-4c85-ad56-be18fe047c32
Request Chain 415
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Request Chain 416
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Request Chain 417
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=634636179186247923
Request Chain 418
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=634636179186247923
Request Chain 419
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2064%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=4567044888 HTTP 302
  • https://sync.1rx.io/usersync3/centro/2064/no-consent?zcc=0&sspret=1&rndcb=4567044888
Request Chain 421
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=61406616-df60-4359-accf-c4093edc120b
Request Chain 429
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=714d6157-36fa-4300-b14d-a18edead5062&gdpr=1&gdpr_consent=
Request Chain 430
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1633192058&gdpr=1
Request Chain 431
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 432
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635697658
Request Chain 435
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7d2e0559-9bac-4761-9788-67ba88ff47e9
Request Chain 436
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Request Chain 438
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=5aa65adb05774b408f82c0e5cd97dce9&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346e0b337d29a4c93a7cf%2F1633105658670%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/img?tpid=101&tpuid=BBID-01-03078196587711906-16408188
Request Chain 439
  • https://ups.analytics.yahoo.com/ups/58424/occ HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Request Chain 441
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=634636179186247923
Request Chain 442
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=634636179186247923
Request Chain 443
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2064%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=868990976 HTTP 302
  • https://sync.1rx.io/usersync3/appnexus/2064/634636179186247923?zcc=0&sspret=1&rndcb=868990976
Request Chain 445
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID HTTP 302
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=61406616-df60-4359-accf-c4093edc120b
Request Chain 454
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=J4F3UCKGJAY8gCFVKNJvAXPWIFQ8hiQCIIKNKI70
Request Chain 456
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 457
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=odogLR3z1MwlnQ5&gdpr=1
Request Chain 458
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6863920581470284846&uid=Q6863920581470284846&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 463
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=a3679d52f51aa1971177c6f88cc693a0586716071fb504c387ee982a54e030d3&tpid=108&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346e0b337d29a4c93a7cf%2F1633105658670%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=714d6157-36fa-4300-b14d-a18edead5062&gdpr=0&gdpr_consent=
Request Chain 464
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346e0b337d29a4c93a7cf%2F1633105658670%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/img?tpid=75&tpuid=634636179186247923&gdpr=0
Request Chain 469
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=70b99bd78c82242f9b54d015cde7681055b5e6c9d1ad9f2c7f0939a67a3e378e&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346e0b337d29a4c93a7cf%2F1633105658670%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YVc2988-j77K-IFFqvvWpgAA%261218
Request Chain 470
  • https://track.adform.net/serving/cookie/match/?party=9&uid=6fb7416cee729a96f6e766a4037d1390e43cc847b02375a05882fd65abd52b0a&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346e0b337d29a4c93a7cf%2F1633105658670%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/img?tpid=42&gdpr=0&tpuid=6142303374695120563
Request Chain 473
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=cb1547ce6dff6480e4825408f1e5dc5025772dfd0f5547489097f7677672bf71&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346e0b337d29a4c93a7cf%2F1633105658670%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=8f0de17b-dcc6-4f2e-a1fb-540214255d99&gdpr=0
Request Chain 474
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=0cef94c27974234f0f4b65a05509515fcc6d7076921d08c1dc18d47a01f4817e&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346e0b337d29a4c93a7cf%2F1633105658670%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=714d6157-36fa-4300-b14d-a18edead5062&gdpr=0&gdpr_consent=
Request Chain 476
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=27165c8b6312122d7b8462d8a2b7a397b616c9ac093fb5ff80feb369ccfbeba9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346e0b337d29a4c93a7cf%2F1633105658670%2F0%2Fjs&gdpr=0 HTTP 302
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=27165c8b6312122d7b8462d8a2b7a397b616c9ac093fb5ff80feb369ccfbeba9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346e0b337d29a4c93a7cf%2F1633105658670%2F0%2Fjs&gdpr=0&checkcookies=true HTTP 302
  • https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/js?tpid=48&tpuid=d4207fbca845d5fa4bd808ebade7bbc6
Request Chain 480
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=23a9f547-69cd-444a-8891-728ca5b966b6&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
Request Chain 482
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=3768f4b2-d992-45c4-aa5e-26d3cf12e45b&ssp=admatic&expires=30&user_group=5&bsw_param=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
Request Chain 486
  • https://x.bidswitch.net/sync?ssp=admatic HTTP 302
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=QJTrkX5HMx3AM8MQjJDaXky7&ssp=admatic HTTP 302
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id= HTTP 302
  • https://ads3.admatic.com.tr/user?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=

487 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/ 		65 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:adc:8702:9939:31da:b0b6:c3c3 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 / PHP/7.4.5
Resource Hash
80e3eee7e7c83a1117ee99d89d6c0f5adb65d0d4164f636b958d77caf2a45df1

Request headers

:method
GET
:authority
www.oann.com
:scheme
https
:path
/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-type
text/html; charset=UTF-8
set-cookie
AWSALBTG=+olUmdoj4NhdgSIA++EMhRQeXY5wewjlzfipz8pNyYs90/3IjBeaOoRIqVUkpyM5zOhsrz2NGJ5Drv7lo+3yBu1l03mA3akWEdCM16H3kcJQrGwPVTYVPX5iGsLy/hgUGJriD2nzBHC8NHUIyVuO5UV9SYnsJiBdQlWBZRrRD9ZV1VpCvFI=; Expires=Fri, 08 Oct 2021 16:27:34 GMT; Path=/ AWSALBTGCORS=+olUmdoj4NhdgSIA++EMhRQeXY5wewjlzfipz8pNyYs90/3IjBeaOoRIqVUkpyM5zOhsrz2NGJ5Drv7lo+3yBu1l03mA3akWEdCM16H3kcJQrGwPVTYVPX5iGsLy/hgUGJriD2nzBHC8NHUIyVuO5UV9SYnsJiBdQlWBZRrRD9ZV1VpCvFI=; Expires=Fri, 08 Oct 2021 16:27:34 GMT; Path=/; SameSite=None; Secure AWSALB=p1oyEBxMcqp4AGuwwgh5d7OcAE/824F47BX2Jira+drNEav6XprL80tbdPrUnpFOUtT2gX61SM6ZuokGAnLRiEX9h1aFhoqctfMa2z2iLlNLVDRylc+nfuGDCRrh; Expires=Fri, 08 Oct 2021 16:27:34 GMT; Path=/ AWSALBCORS=p1oyEBxMcqp4AGuwwgh5d7OcAE/824F47BX2Jira+drNEav6XprL80tbdPrUnpFOUtT2gX61SM6ZuokGAnLRiEX9h1aFhoqctfMa2z2iLlNLVDRylc+nfuGDCRrh; Expires=Fri, 08 Oct 2021 16:27:34 GMT; Path=/; SameSite=None; Secure
server
Apache/2.4.46 () PHP/7.4.5
x-powered-by
PHP/7.4.5
link
<https://www.oann.com/wp-json/>; rel="https://api.w.org/" <https://www.oann.com/wp-json/wp/v2/posts/2536903>; rel="alternate"; type="application/json" <https://www.oann.com/?p=2536903>; rel=shortlink
last-modified
Fri, 01 Oct 2021 16:11:52 GMT
etag
"031cf486a5ff4426d8cf43b4925830d3"
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-98105905-1
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c87273285a7f89697937eac81b667834a441ce92498bb7140fd898939930a2cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38982
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 15:21:36 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Oct 2021 16:27:34 GMT
style.min.css
dzm0ugdauank9.cloudfront.net/wp-includes/css/dist/block-library/ 		79 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:48:51 GMT
content-encoding
gzip
age
340723
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
10523
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Sep 2021 20:33:27 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"13abe-5cc874f616338-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
UO657kMtIrYrDQBRP74cC3vc9i62-HtG_jCsu_3SORk2MRBYPzOSDQ==
expires
Tue, 27 Sep 2022 17:48:51 GMT
wpa-style.css
dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/css/wpa-style.css?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
e98fe68918e568093cd41f1eba2d1be09184150201f54c3c46df76ebfce6f852

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 19:55:11 GMT
content-encoding
gzip
age
333143
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
946
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 18 Aug 2021 20:34:21 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"b59-5c9db5bf015f8-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
FlrN3Czu3jG-3Xwe9jVSGwZoGlrPv3G_-znDa-wkZ0wAnY164eMzfg==
expires
Tue, 27 Sep 2022 19:55:11 GMT
style.css
dzm0ugdauank9.cloudfront.net/wp-content/themes/mh_newsdesk/ 		36 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/themes/mh_newsdesk/style.css?ver=1.0.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
d82efa509f154d1fdc5cb2e1c357964aca8cd3cba871ed300aef074bfe955115

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:46:27 GMT
content-encoding
gzip
age
340867
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
7881
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Feb 2021 00:45:08 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"8f2d-5badc9924fd98-gzip"
vary
Accept-Encoding
content-type
text/css
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
X_jxPzcYD6kQCKR5cXd6aCcrE1PaATll8nq2vqGiWK9_vrzAbbpRIQ==
expires
Tue, 27 Sep 2022 17:46:27 GMT
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617
age
16658736
cdn-cachedat
2021-03-11 11:57:55
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
a9f1136dc57a7605179530d5ffb85493
cf-ray
69770f24589f1776-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Serif:300,400,400italic,600,700|Oswald:300,400,400italic,600,700
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d9c895d200224618020ba6c844060d7edf258372a85b9140b36aa4177b895590
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 15:54:28 GMT
server
ESF
date
Fri, 01 Oct 2021 16:27:34 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 16:27:34 GMT
frontend-gtag.min.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/google-analytics-dashboard-for-wp/assets/js/frontend-gtag.min.js?ver=7.0.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
ed748eabea3237e3fa0cac6fb04d0b8e64f937cf5a717105ed3dc1f3c6e0e20d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 22:21:37 GMT
content-encoding
gzip
age
237957
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
3221
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 16 Sep 2021 15:08:39 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"2e45-5cc1e30951c88-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
JGkP5B_4LQvovYFUvMliXHLLUxYCmGgVN-jJ71GELIUIHgMHb1dUOA==
expires
Wed, 28 Sep 2022 22:21:37 GMT
jquery.min.js
dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 17:42:51 GMT
content-encoding
gzip
age
341083
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
30908
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 21 Sep 2021 20:33:33 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"15db1-5cc874fb92be0-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
hTuyit4-IXlGsU36upUoRHE64f2rKnzZ0EnYkY2feQ0k_BDgDg5j5A==
expires
Tue, 27 Sep 2022 17:42:51 GMT
jquery-migrate.min.js
dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 21:53:15 GMT
content-encoding
gzip
age
66859
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
4169
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Dec 2020 04:42:36 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"2bd8-5b7930512b970-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
sxSOCe08CDEvvuLjDdfkdU9eMcc7eHppeyey-vle90GZ99kXx3hluw==
expires
Fri, 30 Sep 2022 21:53:15 GMT
gtm4wp-form-move-tracker.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/duracelltomi-google-tag-manager/js/ 		2 KB
874 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.13.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
dfbdff6c9f2de2d75edb5ae49d26a9c0af81801b17de08739e32b738ef23058e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:03:33 GMT
content-encoding
gzip
age
98641
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
340
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 20 May 2021 20:01:45 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"600-5c2c869a28e70-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
ZNN9ZNKWo0H0nqe5c0EQFugHoo-S1abuqiUens3PAc3MO4PhBrxJqQ==
expires
Fri, 30 Sep 2022 13:03:33 GMT
scripts.js
dzm0ugdauank9.cloudfront.net/wp-content/themes/mh_newsdesk/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/themes/mh_newsdesk/js/scripts.js?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
2f325ae6eba35146be280cb1b42f68dda3d172bc2e0213ac9c35c4452dad1317

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 19:55:11 GMT
content-encoding
gzip
age
333143
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
5811
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 11 Jun 2020 14:47:31 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"3a3c-5a7d00a549200-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
vw2qCbBvjKwTHdc03beogNFQ-38Jn6pehKjV_Ts3rGC-C8c1-ZrLAw==
expires
Tue, 27 Sep 2022 19:55:11 GMT
qfycdXMQ-fQdxgz20.js
content.jwplatform.com/players/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/players/qfycdXMQ-fQdxgz20.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ca00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:26 GMT
content-encoding
gzip
server
openresty
age
8
x-edge-origin-shield-skipped
0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-cache
Error from cloudfront
x-amz-cf-pop
FRA2-C2
content-length
240
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-amz-cf-id
Mw9D8tIfu2r1hlBjOVB6aEEl5uocfyCOi_W-FAK5Zj6ypGRMLuD5nw==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
76ad5f8e17afd508bbce1d69b469d00e983b15889711fd96f504282a90f3ec95
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
PxbBpXlggIf6IMzvUZ6yQA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1684
x-fb-rlafr
0
x-fb-debug
048FYctXvEKpxGcCK72+T9Dmrm0pdoosdvdEuDnobJuEe69j3SUNEHEFUEH9u7hcbY6Z5OcOApPjYTCiQz3rKw==
x-fb-trip-id
917726464
x-fb-content-md5
6a99e361e1c3351c6dc728b243766522
x-frame-options
DENY
date
Fri, 01 Oct 2021 16:27:34 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"7a9578e3af0ff8952b2af4f50d5f8cc9"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 01 Oct 2021 16:29:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
0260dfd9a71c817954b58243bfc5190c85476fb0d4b4ae55662627230641ae72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1002 / 406 of 1000 / last-modified: 1633086334"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25726
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Oct 2021 16:27:34 GMT
OANtoplogo.jpg
d2pggiv3o55wnc.cloudfront.net/oann/wp-content/uploads/2019/10/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2pggiv3o55wnc.cloudfront.net/oann/wp-content/uploads/2019/10/OANtoplogo.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8c6fd8717d86c8dfe9a40fdc7b86770c0581553efebc75894fa8cf9f2bc501d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 13 Apr 2021 16:56:43 GMT
Via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 03 Oct 2019 22:57:13 GMT
Server
AmazonS3
Age
14772652
ETag
"6ded9aebb726b3af88e73cf871822bac"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
56130
X-Amz-Cf-Id
Guw_DacHpB0yEor53_T09p09SSwKNKPMFX1w6skjUbLnJkuAS8L7WQ==
Expires
Fri, 02 Oct 2020 22:57:12 GMT
KlowdTV-top-banner-2.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/06/ 		74 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/06/KlowdTV-top-banner-2.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
bde02ae501da9b3a9d23abd317e2d6730aa840c244fb7bb25b9a6774528ede44

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:30:04 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
53850
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
76278
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 03 Jun 2021 16:15:56 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"129f6-5c3dee3e19c78"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
aZYYkfgZ1vPLqHzM39hz9h7YTC4A-AMtFsXjm0VJX62lwMZvhXLBLQ==
expires
Sat, 01 Oct 2022 01:30:04 GMT
qfycdXMQ-fQdxgz20.js
content.jwplatform.com/players/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/players/qfycdXMQ-fQdxgz20.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ca00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:26 GMT
content-encoding
gzip
server
openresty
age
8
x-edge-origin-shield-skipped
0
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-cache
Error from cloudfront
x-amz-cf-pop
FRA2-C2
content-length
240
via
1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
x-amz-cf-id
X2RAdKUtfAg9Z-5yYHFtyD4avF2EGD2x1B1gSRH8vp6oSb1hWel6IQ==
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98105905-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
5734
date
Fri, 01 Oct 2021 14:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 01 Oct 2021 16:52:00 GMT
gtm.js
www.googletagmanager.com/ 		81 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NBMK8NJ
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb075fa27e70474142a19eabb082529569f5eb549be48370fa4c9ce1132e02fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32591
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 15:21:36 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Oct 2021 16:27:34 GMT
pollembed.js
scripts.poll-maker.com/3012/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.poll-maker.com/3012/pollembed.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49dc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b301995ea6cfc1e520a7fdf267e26b60dfa9eaf40c313b236d7db34126027075

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
462609
x-powered-by
ASP.NET
last-modified
Mon, 13 Sep 2021 00:29:11 GMT
server
cloudflare
etag
W/"643cf5f36a8d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59f6bCD2TueK8Uv21KTjWPSqMKwtBlFIvIQJpahPjsGPv2Nzv5ypaGURkWacchTsDhym9UsTTxyd%2BPMKiPZl%2BH%2BckBOaU4OHKZM5MXt%2BnzY%2F%2FBVAceR5ej%2BTL%2BSTxATzHr9X0lFimVFDgfE4YXh8EXWK%2BMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=691200
cf-ray
69770f24e86b5c85-FRA
cf-bgj
minify
background-takeover-plain.jpg
d2pggiv3o55wnc.cloudfront.net/oann/wp-content/uploads/2018/12/ 		215 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2pggiv3o55wnc.cloudfront.net/oann/wp-content/uploads/2018/12/background-takeover-plain.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d837a8bd2d9d0030c7dc50304ecc5f7c83ca5d0992cf58eecd61079d35f83dba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 31 Aug 2021 06:20:25 GMT
Via
1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Tue, 04 Dec 2018 16:21:00 GMT
Server
AmazonS3
Age
2714830
ETag
"2dc2b57c085e8e5b146b6aa613340775"
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Cache-Control
max-age=31536000
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
220138
X-Amz-Cf-Id
cB22v005Fxx4VU8Jr5JyUXpKYlTBmA8DKGvpwRfyiT0rWKzaMMMYAg==
Expires
Wed, 04 Dec 2019 16:20:59 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v40/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:300,400,400italic,600,700|Oswald:300,400,400italic,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 19:58:57 GMT
x-content-type-options
nosniff
age
332917
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31624
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 19:58:57 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:300,400,400italic,600,700|Oswald:300,400,400italic,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 07:13:16 GMT
x-content-type-options
nosniff
age
378858
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32960
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:06:03 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 07:13:16 GMT
sdk.js
connect.facebook.net/en_US/ 		269 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=0a8addf8a208dfc2e2264eade858e5bb
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
521bfaef9d8db07362d322f775abb899adf53cdab9fd752cd6fd87b9e84d4705
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
LIuiUML7IRxS79JZmrLyaQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77716
x-fb-rlafr
0
x-fb-debug
Bd/HdahqUNY/ifxWt6+c2LmdOROBVlL9DcfigzL2pYHLB1kNNOCFh1Pr9s0a+TWq80/ql9OYH7Klb9K3rfjcvA==
x-fb-trip-id
917726464
x-fb-content-md5
805cdeceaac3ac4ae2710177566170dc
x-frame-options
DENY
date
Fri, 01 Oct 2021 16:27:34 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"1a0abcb40fe9e6790b9ba56ebec5f7dc"
timing-allow-origin
*
expires
Sat, 01 Oct 2022 14:58:08 GMT
oneamericanewsnetwork.js
cdn1.lockerdomecdn.com/embeds/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/oneamericanewsnetwork.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMK8NJ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
bae0b6cbc6f070c5e7422511065ecb1afe95c4bb3bdda660101d1a031f8b53e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
gzip
last-modified
Tue, 03 Aug 2021 18:08:23 GMT
server
nginx
etag
W/"217a6f61f92769a8ad90bdab4c5fc311"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
infolinks_main.js
resources.infolinks.com/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMK8NJ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3be0a5a4f4980d0f231ca381f2ff37a91b9adcb061efe6d814cdb1c5a4f7f724

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
69770f255a784007-CDG
date
Fri, 01 Oct 2021 16:27:34 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 01 Oct 2021 09:28:11 GMT
server
cloudflare
age
10760
etag
W/"d75-5cd472e8f79e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
content-encoding
gzip
expires
Fri, 01 Oct 2021 14:28:14 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		141 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NBMK8NJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38dfac74df11512b29ed7fc2dbc518c935784ffbbde4f270cad34aa73f7366ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50349
x-xss-protection
0
server
cafe
etag
10491798343361560794
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 01 Oct 2021 16:27:34 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF9) /
Resource Hash
cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 19:09:26 GMT
Server
ECS (mil/6CF9)
Age
42
Etag
"f9ab884058c9d8de47075baa622f0e7e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28869
delivery.js
assets.revcontent.com/master/ 		388 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c225fd985ca2ebd5f97e2f81d24ba0b4219def9c054f9cf44739c7d108d193bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 14:49:07 GMT
server
AmazonS3
x-amz-request-id
SDN3WENF8KJM4H23
etag
"6c2624b28eb3abc544ba2eb423e77e5a"
x-hw
1633105654.cds164.fr8.hn,1633105654.cds055.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
110585
x-amz-id-2
kRpyDvUUeLGa/Pi34FtzNyKA1TiYxE4yLZRBRQVPdeSEkDtq0hhmYeKrH4jVYpSqg+FS8hGRdAQ=
parler_white.png
hnwebcontent.s3-us-west-1.amazonaws.com/oann/wp-content/uploads/2020/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hnwebcontent.s3-us-west-1.amazonaws.com/oann/wp-content/uploads/2020/11/parler_white.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.112.169 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
cb34d27bca125b742bee85f479c0bb789630c9f12410df9f4913de21d474a256

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:36 GMT
Last-Modified
Thu, 03 Dec 2020 23:16:17 GMT
Server
AmazonS3
x-amz-request-id
DEKR36RV1F9FQFVA
ETag
"ac1957a97afa875c971a0bf906361564"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
1922
x-amz-id-2
QE67pVOXFzzbigQeJE1zve/xvHFSSJJKT0Au+8NXpDiiZ4CzwwLphb6JLZ2cYRhW4FHR9Gc6OKc=
07-01-2021_FreeTalk45_LARGE.png
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/07/ 		468 KB
469 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/07/07-01-2021_FreeTalk45_LARGE.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
279165340fde9c5e5ace9ac2edd77824664af98da8f6e0f55c6b4a7cdea822df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 12:57:40 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
98993
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
479542
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 02 Jul 2021 16:34:27 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"75136-5c62687724498"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
jChEGxaSbSpVECIcqxbbwl0A4gj30bNDBv3sx_ovXQyELJOIJ4_UgA==
expires
Fri, 30 Sep 2022 12:57:40 GMT
p.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/06/ 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/06/p.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
37430d4d05c7f8cdfa516b082653629ddac7d0361b9af9fc72a0c6c46f368670

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:06:20 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
163274
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
219886
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Jun 2021 17:58:40 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"35aee-5c5d73d4ad078"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
lfv9MtCndUtwuJHx_hM5x8wahl-Tb1aFlyVaXXxTKM8pnb4XrpdY6w==
expires
Thu, 29 Sep 2022 19:06:20 GMT
comment_count.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/disqus-comment-system/public/js/ 		889 B
977 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 19:42:27 GMT
content-encoding
gzip
age
74707
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
440
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 May 2021 16:55:47 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"379-5c366bf51f060-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
dLn_fNIILS3J2FJvDT72rNNtKaHC1Y2EWqZI-rXOpD5llqJW-sc6PQ==
expires
Fri, 30 Sep 2022 19:42:27 GMT
comment_embed.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/disqus-comment-system/public/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
556172885a172763c715eace05597d5575ee4d4f2df6b61d723f4666b0a730a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 19:42:27 GMT
content-encoding
gzip
age
74707
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
519
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 28 May 2021 16:55:47 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"4d0-5c366bf51adf8-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
IkySBT0TQz9EwCm5-B4Go-vb3H8VS82JQJqKKMdDoCCPT-o4ppX20g==
expires
Fri, 30 Sep 2022 19:42:27 GMT
longdesc.button.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/longdesc.button.js?ver=1.0
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
038a45acddcad81c3766a9110ca62f49e93db36e7e396f886bd9c188da25fee0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 13:03:34 GMT
content-encoding
gzip
age
98640
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
802
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 18 Aug 2021 20:34:21 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"a2e-5c9db5bf1bbd8-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
cLQxjmr2J0nOlI-bZCJtQdWkWO7kvRYiBjdK5wdnXKdfOkg5byFCVA==
expires
Fri, 30 Sep 2022 13:03:34 GMT
current-menu-item.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/ 		138 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/current-menu-item.js?ver=1.0
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
b97e05411def19f898ee5b52a8241d47780894133d4176dbafd074fbc9f90af6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:30:04 GMT
content-encoding
gzip
age
53850
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
121
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 18 Aug 2021 20:34:21 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"8a-5c9db5bf240a8-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
yRir2MdVN5-iI16jIpq_V_jS4a8wNTjQJ0EUO8k8VXLxENIyig52zQ==
expires
Sat, 01 Oct 2022 01:30:04 GMT
comment-reply.min.js
dzm0ugdauank9.cloudfront.net/wp-includes/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/js/comment-reply.min.js?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 19:41:09 GMT
content-encoding
gzip
age
74785
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
1346
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 28 Jun 2021 15:24:06 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"ba8-5c5d5147ef1f8-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
jJp3PIwpAm7VqDFCUo8l21Ejdemx6R6gooU6a4veM6bDQ0MUoyqdwg==
expires
Fri, 30 Sep 2022 19:41:09 GMT
wp-accessibility.js
dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/ 		915 B
914 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/wp-accessibility/js/wp-accessibility.js?ver=1.0
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
dab4e8e5049584bfe935b784b24f987bb12df253a775384fd355cf733b2d53d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 19:55:11 GMT
content-encoding
gzip
age
333143
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
377
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 18 Aug 2021 20:34:21 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"393-5c9db5bf31398-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
jokWWsLH_dI_316o8Xp66Zef36XwaRoF41-y-HaWXdCtY6zMfBfOSw==
expires
Tue, 27 Sep 2022 19:55:11 GMT
wp-embed.min.js
dzm0ugdauank9.cloudfront.net/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 19:55:11 GMT
content-encoding
gzip
age
333143
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
765
access-control-allow-origin
*
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Feb 2021 00:29:08 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"592-5badc5fefe8f8-gzip"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
5oDkGQPkevwSgxeKOxigepSk81A-ftMT0SDym1TpA-R8UCwTjGyBIQ==
expires
Tue, 27 Sep 2022 19:55:11 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
2308
etag
W/"cf0cbe7aadaadd0a12673a93ac7780e1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
69770f254aaddfbb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 04 Oct 2021 16:27:34 GMT
cookie-consent.js
www.privacypolicies.com/public/cookie-consent/3.1.0/ 		160 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.privacypolicies.com/public/cookie-consent/3.1.0/cookie-consent.js?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:154 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29eea8cab274ca49259eb2351309225a995844b5a88e72ee37bc0dcec68602ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3443
x-priority
5/n
x-z
3246
last-modified
Fri, 01 Oct 2021 14:20:44 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
sameorigin
etag
W/"16035248120912775bfc8284840f5230"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wPnpr7JkYuK0%2Bgk5I7nHq%2BfOiIr0nqs6KXo%2FA224GJX4BSXTJtErSg5WsvoywQNDTqEm00KKIc%2BeXSU3z1Nyc7c6i6KvO8E3c2z6mCPgEl5m4R1LtUxNO7hkkfjvV0kRqgN9S43%2FkIRkWty2QjV5DNpojHok"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, immutable, max-age=3600
cf-ray
69770f255fae074a-FRA
expires
Fri, 01 Oct 2021 16:20:44 GMT
adsync.js
oann-push.s3-us-west-2.amazonaws.com/ 		622 B
991 B 		Script
General
Check archive.org
Download Go to
Full URL
https://oann-push.s3-us-west-2.amazonaws.com/adsync.js?ver=5.8.1
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.218.217.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-us-west-2-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
30ad7518daae9ffbd368abe59ea5ee79784e4ef502c36d0db941d4d2a246d5bc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:36 GMT
Last-Modified
Tue, 09 Mar 2021 01:45:42 GMT
Server
AmazonS3
x-amz-request-id
DEKG1RZPMEY6WXDD
ETag
"3f588733175c8e01d163f4eeac186863"
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
622
x-amz-id-2
jhszUWzaxm2O7yrqPHMt8ffD6KQO1VbV6ZUapsQsmOh41dDn0qC6RPMzYwWkYFUSByCr+2NO/1E=
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 15:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2656
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Oct 2021 16:43:18 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v12/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v12/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Serif:300,400,400italic,600,700|Oswald:300,400,400italic,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 09:02:52 GMT
x-content-type-options
nosniff
age
199482
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29400
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:05:20 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 09:02:52 GMT
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
632, 617, 617
age
13950160
cdn-cachedat
2021-04-23 07:12:17
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
56780
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
font/woff2
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
dcae05e82b6e3d3a164b0cca6111904b
accept-ranges
bytes
cf-ray
69770f256df91f31-FRA
cdn-requestcountrycode
DE
cdn-requestpullsuccess
True
AP21264535299254.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/10/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/10/AP21264535299254.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
aea163da4219117e288da03eeb745e9269ac3795629c974e7538fafdcefa524a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 14:11:22 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
8172
x-edge-origin-shield-skipped
1, 0
x-cache
Hit from cloudfront
content-length
115908
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Oct 2021 14:06:58 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"1c4c4-5cd4b1397c8c8"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
QMMDHQL4VM8yi85oNjk6ccHm7aoLuD0u0XrwRmG8USpw-i1dfgx5qQ==
expires
Sat, 01 Oct 2022 14:11:22 GMT
pubads_impl_2021092101.js
securepubads.g.doubleclick.net/gpt/ 		336 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
9cddc4e1c7049c1e45ebb678a8a47bb3b67dfa86009c877de6a9e6da0cfae474
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120556
x-xss-protection
0
last-modified
Tue, 21 Sep 2021 08:37:56 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Oct 2021 16:27:34 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		110 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.oann.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e8b7fb908d956404cecbbbfb6fc55b75067b33312af3db2c14662d9767fbf26e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
expires
Fri, 01 Oct 2021 16:27:34 GMT
kajhdfjhs.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/09/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/09/kajhdfjhs.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
65500e31dcb74da5d1bea4999eab9e6eae960a68b5be358403a1e0ca09569242

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 02:32:36 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
50098
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
28345
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Oct 2021 02:27:22 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"6eb9-5cd414d9935c0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
DH0DmEp285fVUsD6iPUkL4nadOVIh7uJj0UiYXNVkVsDPGaVa_a8Lw==
expires
Sat, 01 Oct 2022 02:32:36 GMT
jadjflksj.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/09/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/09/jadjflksj.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
67c9e4930a98c185b95b886eeb9fc73d1f3641efd72b89fc556fc22fb228359f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 22:22:02 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
65132
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
27364
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Sep 2021 22:19:20 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"6ae4-5cd3dd6979a00"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
7ScWZgwYKpnkVe4LR1MiCo5O71qrEOqPyBdnddqgCZuN69lBZqOssg==
expires
Fri, 30 Sep 2022 22:22:02 GMT
AP21274425002990.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/10/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/10/AP21274425002990.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
588f897c100382b2f619d53a089eef063305383d525bdbb995b0e0477c6cfd17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 13:33:23 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
10451
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
107236
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Oct 2021 13:20:25 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"1a2e4-5cd4a6d1e5a48"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
HXaiorn9NOVb8HhfNsItQNrUj3AR8E6PbDkVqOs6xILLDOffl0PWWg==
expires
Sat, 01 Oct 2022 13:33:23 GMT
AP21264535299254-120x67.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/10/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/10/AP21264535299254-120x67.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
c823ca97d2f90ed6364e37ce7ab978adb1f80419a9b665f8ac13aeed67177e78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 14:11:00 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
8194
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
2801
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Oct 2021 14:08:20 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"af1-5cd4b187c5520"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
9Y2NYCEJyJPRzVgpFHfdIzA_caGcucK01f5_-dImU76ttrQXQe4OMg==
expires
Sat, 01 Oct 2022 14:11:00 GMT
DOD.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/09/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/09/DOD.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
1bbb0716e19530fa27a841b40f64a8011245b6337afad89eddedb374c5e9eeba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 00:52:59 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
56075
x-edge-origin-shield-skipped
1, 0
x-cache
Hit from cloudfront
content-length
74238
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Oct 2021 00:50:32 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"121fe-5cd3ff355af90"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
BxToNUtHPdsMVKKuEmOKYuACAZqeUzNLd4dsSdKsvFjpcrU4uCN_ig==
expires
Sat, 01 Oct 2022 00:52:59 GMT
JENPSAK.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/09/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/09/JENPSAK.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
6f89b7d01b93e358ad90b5f0d3f8e03b691467f1bc1055f3db5bfb8179233dd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 01:26:44 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
54050
x-edge-origin-shield-skipped
1, 0
x-cache
Hit from cloudfront
content-length
81766
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Oct 2021 01:19:13 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"13f66-5cd4059e218c0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
AifvGrfSQsqvYVkAZYPGom1aWdQOkuVrI8AOY6_ch0Ot15Inz0kfaQ==
expires
Sat, 01 Oct 2022 01:26:44 GMT
BACON.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/09/ 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/09/BACON.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
5eb9030b91e8628d931a2262532c85d7f8cff2eda2f35f672a17a1d0df160a7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 03:12:09 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
47725
x-edge-origin-shield-skipped
0, 0
x-cache
Hit from cloudfront
content-length
149213
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Oct 2021 02:50:07 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"246dd-5cd419f02ee38"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
1YEhGQO9rwpOoC0IzLMumYsvwGSOAfm8ICh6oc-SjZcEI6cI_KXPrg==
expires
Sat, 01 Oct 2022 03:12:09 GMT
cawthorqw.jpg
dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/09/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dzm0ugdauank9.cloudfront.net/wp-content/uploads/2021/09/cawthorqw.jpg
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1800:9:da2a:f240:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () PHP/7.4.5 /
Resource Hash
27b7f9a56027075cbb8170f636ac61977fe920ae5320b2384f79ec7b5f0c0966

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 00:38:13 GMT
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
age
56961
x-edge-origin-shield-skipped
1, 0
x-cache
Hit from cloudfront
content-length
55600
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Oct 2021 00:35:45 GMT
server
Apache/2.4.46 () PHP/7.4.5
etag
"d930-5cd3fbe6d67a0"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-amz-cf-id
KxHBlpF24_4strcRX3kAw9bTReU3FSiyQbeObQ3aPA9qem66t2ROhQ==
expires
Sat, 01 Oct 2022 00:38:13 GMT
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eb2f63939c45c47279a9f9dd558b32a51e08e787b1013588375145020c947e8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
Dn/CcSp7xMT4K3/PrjapCA==
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Oct 2021 16:39:27 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1685
x-fb-rlafr
0
x-fb-debug
T3WXIrNDbr1XVwriPuRWjNkhzYoizHlWZctwISRgGIscJOV9WC0ufoRh+x6itd7aqVEw46HwDVRZaAIsa8ITLA==
x-fb-trip-id
917726464
x-fb-content-md5
7fea99390e15d6d347129290e4fedf3e
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 01 Oct 2021 16:27:34 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"ee70d9c8c21af2ec65d1048728cd690b"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
count.js
oann.disqus.com/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oann.disqus.com/count.js
Requested by
Host: dzm0ugdauank9.cloudfront.net
URL: https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/disqus-comment-system/public/js/comment_count.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
18
X-Edge-Origin-Shield-Skipped
0
Connection
keep-alive
Content-Length
871
X-XSS-Protection
1; mode=block
Last-Modified
Wed, 29 Sep 2021 16:35:15 GMT
Server
nginx
ETag
"615495c3-367"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=300
X-Amz-Cf-Pop
DFW53-C1
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
X-Amz-Cf-Id
9WSwIXjMreQBPXiE8p250YxLevpBfuowpzloNjJtcLj7niPwFiv4mw==
collect
www.google-analytics.com/j/ 		2 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1276266849&t=pageview&_s=1&dl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&ul=en-us&de=UTF-8&dt=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations%20%7C%20One%20America%20News%20Network&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=619426116&gjid=1678318404&cid=761376765.1633105655&tid=UA-98105905-1&_gid=1349894832.1633105655&_r=1&gtm=2ou9r0&did=dNDMyYj&z=1393040374
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.js
oann.disqus.com/ 		75 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oann.disqus.com/embed.js
Requested by
Host: dzm0ugdauank9.cloudfront.net
URL: https://dzm0ugdauank9.cloudfront.net/wp-content/plugins/disqus-comment-system/public/js/comment_embed.js?ver=3.0.22
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
267fae96246b0ae55f6fd892ff784ee1d62782c8cbc120bc3f4cf92633990e00
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:35 GMT
Content-Encoding
gzip
Server
openresty
Age
95
Vary
Accept-Encoding
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
24728
sjs.js
cdn1.lockerdomecdn.com/embeds/ 		17 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.lockerdomecdn.com/embeds/sjs.js
Requested by
Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/oneamericanewsnetwork.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
gzip
last-modified
Mon, 24 May 2021 16:45:53 GMT
server
nginx
etag
W/"4b1238444af4e820876b6750a0d87dbf"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
accept-ranges
bytes
ajs.js
cdn2.lockerdomecdn.com/_js/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by
Host: cdn1.lockerdomecdn.com
URL: https://cdn1.lockerdomecdn.com/embeds/oneamericanewsnetwork.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
nginx /
Resource Hash
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
gzip
last-modified
Tue, 28 Sep 2021 21:47:19 GMT
server
nginx
etag
W/"14f4-17c2e605af0"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
https://lockerdome.com
content-length
2348
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		284 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.8.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
25
etag
W/"fff10df2ca37ad0e879283b24dd072d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
69770f288f3bdfbb-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires
Mon, 04 Oct 2021 16:27:35 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.oann.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.oann.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		51 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=606261880366200&correlator=3185471199458086&output=ldjh&impl=fifs&eid=31061422%2C31062995%2C31061424&vrg=2021092101&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=21742901137%2COAN%2CSidebar_1%2CSidebar_2%2CSidebar_3&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4&prev_iu_szs=300x250%2C300x250%2C300x250%7C300x600&cookie_enabled=1&bc=31&abxe=1&lmt=1633104712&dt=1633105654852&dlt=1633105654417&idt=413&frm=20&biw=1600&bih=1200&oid=3&adxs=-9%2C1016%2C1016&adys=-9%2C833%2C1558&adks=2798086097%2C915572114%2C2439424719&ucis=1%7C2%7C3&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C373x250%7C373x0&msz=0x-1%7C300x-1%7C373x0&ga_vid=761376765.1633105655&ga_sid=1633105655&ga_hid=1276266849&ga_fc=false&fws=2%2C4%2C4&ohw=0%2C373%2C373&btvi=-1%7C0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
f4ca196c86f0e1ad0fbaa6723936f6ab8ddf077941e05037f33b2f17baaa193b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11214
x-xss-protection
0
google-lineitem-id
5684949964,5683939159,5684028633
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138349074352,138348502562,138349077196
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B3AE 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 01 Oct 2021 16:27:34 GMT
expires
Sat, 01 Oct 2022 16:27:34 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ice.js
resources.infolinks.com/js/1757.010-3.025/ 		584 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1757.010-3.025/ice.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc8562872dc541ccfe9ab57d0d85581b33b22924c126651f11d1dc3456ad7961

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
69770f26ed3c4007-CDG
date
Fri, 01 Oct 2021 16:27:34 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Sat, 11 Sep 2021 18:19:48 GMT
server
cloudflare
age
6592
etag
W/"91e1d-5cbbc46f1d11c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Sun, 31 Oct 2021 14:37:42 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/ Frame 8E58 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210928/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210928/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 30 Sep 2021 23:06:38 GMT
expires
Thu, 14 Oct 2021 23:06:38 GMT
content-type
text/html; charset=UTF-8
etag
297313706323796346
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
age
62456
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
stats.g.doubleclick.net/j/ 		4 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-98105905-1&cid=761376765.1633105655&jid=619426116&gjid=1678318404&_gid=1349894832.1633105655&_u=aGBAAUIgAAAAAC~&z=1005465590
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 01 Oct 2021 16:27:34 GMT
content-type
text/plain
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
lounge.f586f6de31a54517b5af7f019af2ba8d.css
c.disquscdn.com/next/embed/styles/ 		0
26 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.f586f6de31a54517b5af7f019af2ba8d.css
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
765587
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
25977
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 22 Sep 2021 19:30:27 GMT
server
nginx
etag
"614b8453-6579"
content-type
text/css; charset=utf-8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
expires
Thu, 22 Sep 2022 19:47:46 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
E9tRo0Wd9S507LywLXpKoDUC4LkcXIDJH5222W_czPCIqBVYalPD-Q==
x-cache-hits
0
common.bundle.a0ed109e21af94c55c513d7580d5773c.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.a0ed109e21af94c55c513d7580d5773c.js
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:47:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
765587
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
94787
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 22 Sep 2021 19:30:27 GMT
server
nginx
etag
"614b8453-17243"
content-type
application/javascript; charset=utf-8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
expires
Thu, 22 Sep 2022 19:47:46 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
3egX06Th8YGdc98km5whJSfmoCA8B3006rKh3q006fSkjYaJbZc6ww==
x-cache-hits
0
lounge.bundle.96662f29a1f56adcd7ebcd257a3eed8e.js
c.disquscdn.com/next/embed/ 		0
119 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.96662f29a1f56adcd7ebcd257a3eed8e.js
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:47:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
765586
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
120691
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 22 Sep 2021 19:30:27 GMT
server
nginx
etag
"614b8453-1d773"
content-type
application/javascript; charset=utf-8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
expires
Thu, 22 Sep 2022 19:47:47 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
7EhiVwDbt8BTwK76cs6AlQb1GZTyQznWtQzNCr-yLQDf6EAjeIXIDw==
x-cache-hits
0
config.js
disqus.com/next/ 		0
12 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:34 GMT
X-Content-Type-Options
nosniff
Content-Type
application/javascript; charset=UTF-8
Server
nginx
Age
48
X-Frame-Options
SAMEORIGIN
Strict-Transport-Security
max-age=300; includeSubdomains
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12240
X-XSS-Protection
1; mode=block
recommendations.js
oann.disqus.com/ 		62 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oann.disqus.com/recommendations.js
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
411cf73437ceb503df8414fe6abe2c9b575004ead0d0e8799ff2179c942cfcf8
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:35 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding, Accept, Accept-Encoding, X-Forwarded-Proto, X-Disqus-Shortname, X-Disqus-Device, X-Disqus-Experiment, X-Disqus-Is-Private, X-Disqus-Development-Base
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Cache-Control
stale-while-revalidate=60, public, stale-if-error=86400, max-age=60
X-Service
router
Strict-Transport-Security
max-age=300; includeSubdomains
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
20848
13804039184004198
lockerdome.com/lad/ Frame 0D9E 		0
0
13247072555993446
lockerdome.com/lad/ Frame D30C 		0
0
13247071683578214
lockerdome.com/lad/ Frame D876 		0
0
pbice.js
resources.infolinks.com/js/pbice/3.025/ 		279 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/pbice/3.025/pbice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
69770f27be9a4007-CDG
date
Fri, 01 Oct 2021 16:27:35 GMT
via
1.1 google
cf-cache-status
HIT
last-modified
Wed, 30 Jun 2021 09:40:59 GMT
server
cloudflare
age
12053
etag
W/"45adc-5c5f8851c3ea8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
content-encoding
gzip
expires
Sun, 31 Oct 2021 13:06:42 GMT
manage
router.infolinks.com/usync/ Frame E71D 		9 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb53600f2d48e974798ca3a0415ebd6ddd0b24485b4feedb89a9c0fe2c285ba7

Request headers

:method
GET
:authority
router.infolinks.com
:scheme
https
:path
/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
content-type
text/html;charset=UTF-8
cache-control
no-store
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f27ff014007-CDG
content-encoding
gzip
lcmanage
router.infolinks.com/usync/ 		0
52 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cache-control
no-store
cf-ray
69770f27ff054007-CDG
content-length
0
gsd
router.infolinks.com/ 		0
34 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&jsv=1757.010-3.025&_cb=16331056550190
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1757.010-3.025/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69770f27ff024007-CDG
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-98105905-1&cid=761376765.1633105655&jid=619426116&_u=aGBAAUIgAAAAAC~&z=742168039
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-98105905-1&cid=761376765.1633105655&jid=619426116&_u=aGBAAUIgAAAAAC~&z=742168039
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
disqus.com/embed/comments/ Frame 39A8 		0
0
/
tempest.services.disqus.com/ads-iframe/taboola/ 		28 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tempest.services.disqus.com/ads-iframe/taboola/?position=bottom&shortname=oann&experiment=network_default&variant=fallthrough&service=dynamic&anchorColor=%231f1e1e&colorScheme=light&sourceUrl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&typeface=serif&canonicalUrl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&disqus_version=current
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.64 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
b6cb35af8160fdccef229d7fdf1852a60bea8320a9f8f0e73dfb1d62425ebf42

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:35 GMT
Content-Encoding
gzip
Server
openresty
Age
0
Vary
Accept-Encoding,
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=300
X-Service
router
Connection
keep-alive
Content-Length
9371
event.gif
referrer.disqus.com/juggler/ 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://referrer.disqus.com/juggler/event.gif?imp=2r5r8klldvspf&experiment=network_default&variant=fallthrough&service=dynamic&area=bottom&product=embed&forum=oann&zone=thread&version=33fd930adde1d4970f3f907d75eb8409&page_url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&page_referrer=&object_type=provider&event=activity&ad_product_name=iab_display&ad_product_layout=iab_display&bin=embed%3Apromoted_discovery%3Adynamic%3Anetwork_default%3Afallthrough&section=default&verb=call&adjective=1&forum_id=4468287
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:35 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
recommendations.eff219b98b7c4167b4b289065f36f391.css
c.disquscdn.com/next/recommendations/styles/ 		0
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/styles/recommendations.eff219b98b7c4167b4b289065f36f391.css
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 06 May 2021 10:11:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12809780
x-cache
Hit from cloudfront
content-length
3748
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 28 Apr 2021 21:48:08 GMT
server
nginx
etag
"6089d818-ea4"
content-type
text/css; charset=utf-8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
expires
Fri, 06 May 2022 10:11:15 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
W75MEmss6vfMHjbpcwj1n_omatYCWZ9mNyRm5ASWw-XRK6FSPxU5tw==
x-cache-hits
0
common.bundle.3599f83da3e37f2d8675b56e0b4f87a4.js
c.disquscdn.com/next/recommendations/ 		0
87 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/common.bundle.3599f83da3e37f2d8675b56e0b4f87a4.js
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
765594
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
88862
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 22 Sep 2021 19:30:27 GMT
server
nginx
etag
"614b8453-15b1e"
content-type
application/javascript; charset=utf-8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
expires
Thu, 22 Sep 2022 19:47:41 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
XVH3YqmuHs_dg9ph4Xs45BpBt2U_jjvAGTz9Vv9gW1B6iuHSkwymvw==
x-cache-hits
0
recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js
c.disquscdn.com/next/recommendations/ 		0
20 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.bundle.4e863665d1a7f5fe148423ae719c9df7.js
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/recommendations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 02 Sep 2021 18:15:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2499100
x-cache
Hit from cloudfront
content-length
20099
x-xss-protection
1; mode=block
x-served-by
static-web-2
access-control-allow-origin
*
surrogate-key
next
last-modified
Thu, 02 Sep 2021 17:40:39 GMT
server
nginx
etag
"61310c97-4e83"
content-type
application/javascript; charset=utf-8
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
expires
Fri, 02 Sep 2022 18:15:55 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
E5ZxgtuhpaHx6b9D4UEP1UGio1_bCMCGyROfADGuIJyd3b0sY8AQtQ==
x-cache-hits
0
web
onesignal.com/api/v1/sync/3dafbfb4-c98b-47f2-b7c2-0bf087623d4e/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/3dafbfb4-c98b-47f2-b7c2-0bf087623d4e/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91195428cd9efd75eaa98937bd92a5684b20d3c7c2a9a3d79a1e3f1db7f51696
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2377
cf-polished
origSize=3421
status
200 OK
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
69ed5014-9ccf-4ad0-aa5c-a84e79d17344
x-runtime
0.087226
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"802cfb2aaaa3825ec880c259c5d9277c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
69770f28e817dfbb-FRA
access-control-allow-headers
SDK-Version
expires
Fri, 01 Oct 2021 17:27:35 GMT
/
de.tynt.com/deb/ Frame 29E9 		0
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 6C36
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=191306&cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0ec88001969168d59388e45c39e5cfc59eba6ad8cf7501d40e50ce0f24650404

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://router.infolinks.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YVc2988-j77K-IFFqvvWpgAA; CMPS=5222
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|230|241|195|13|8|176
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1753
Expires
Fri, 01 Oct 2021 16:27:35 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:35 GMT
Connection
keep-alive
Set-Cookie
CMID=YVc2988-j77K-IFFqvvWpgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 16:27:35 GMT CMPS=5222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 16:27:35 GMT CMPRO=1218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 16:27:35 GMT CMRUM3=b0615736f705a00&e6615736f72760&2d615736f705a0&08615736f705a00&0d615736f705a0&f1615736f705a0&c3615736f705a00&27615736f70b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 16:27:35 GMT CMST=YVc292FXNvcA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Oct 2021 16:27:35 GMT

Redirect headers

Server
Apache
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fix-usync%3Fuid%3D&s=191306&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 01 Oct 2021 16:27:35 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:35 GMT
Connection
keep-alive
Set-Cookie
CMID=YVc2988-j77K-IFFqvvWpgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 16:27:35 GMT CMPS=5222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 16:27:35 GMT
/
onetag-sys.com/usync/ Frame 3961 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=598ce3ddaee8c90
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=598ce3ddaee8c90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://router.infolinks.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
Pug
image2.pubmatic.com/AdServer/ Frame E71D
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156872&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infoli...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTRBOEZFRUQtM0MyNC00NDI5LTk0MEUtNTk5QUY2MEE4QzZB&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OTRBOEZFRUQtM0MyNC00NDI5LTk0MEUtNTk5QUY2MEE4QzZB&gdpr=0&gdpr_consent=&google_tc=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
apn-usync
router.infolinks.com/dyn/ Frame E71D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fapn-usync%3Fuser_id%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fapn-usync%253Fuser_id%253D%2524UID
  • https://router.infolinks.com/dyn/apn-usync?user_id=5625641726557375293
35 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/apn-usync?user_id=5625641726557375293
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
69770f29491d4007-CDG
content-length
35
expires
Thu, 01 Oct 2020 16:27:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:35 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
cab7dfba-cce9-4c59-a18b-4614cf7ab5a5
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://router.infolinks.com/dyn/apn-usync?user_id=5625641726557375293
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ox-usync
router.infolinks.com/dyn/ Frame E71D
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://u.openx.net/w/1.0/cm?cc=1&id=9b5994f2-035d-46de-8c12-bc0e9a4e66c2&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fox-usync%3Fuid%3D
  • https://router.infolinks.com/dyn/ox-usync?uid=b214017d-711d-4d6c-9886-24aeed7c8cc6
35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/ox-usync?uid=b214017d-711d-4d6c-9886-24aeed7c8cc6
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
69770f2959624007-CDG
content-length
35
expires
Thu, 01 Oct 2020 16:27:35 GMT

Redirect headers

date
Fri, 01 Oct 2021 16:27:35 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://router.infolinks.com/dyn/ox-usync?uid=b214017d-711d-4d6c-9886-24aeed7c8cc6
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
VR-usync
router.infolinks.com/dyn/ Frame E71D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58422/occ
  • https://ups.analytics.yahoo.com/ups/58422/occ?verify=true
  • https://router.infolinks.com/dyn/VR-usync?uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
0
0
RX-8429784b-6615-44da-bd38-2e8cbd66d778-003
sync.targeting.unrulymedia.com/csync/ Frame E71D
Redirect Chain
  • https://sync.1rx.io/usersync2/infolinks
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=677120005
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=677120005
  • https://sync.1rx.io/usersync/tradedesk/23a9f547-69cd-444a-8891-728ca5b966b6
  • https://sync.targeting.unrulymedia.com/csync/RX-8429784b-6615-44da-bd38-2e8cbd66d778-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-8429784b-6615-44da-bd38-2e8cbd66d778-003
0
0
/
b1sync.zemanta.com/usersync/infolinks/ Frame E71D 		0
0
us
sync.go.sonobi.com/ Frame E71D 		0
0
ca.png
s.cpx.to/ Frame E71D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.cpx.to/ca.png?ref=https%253A%252F%252Fwww.oann.com%252Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%252F&pid=12306&...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fs.cpx.to%2Fca.png%3Fref%3Dhttps%25253A%25252F%25252Fwww.oann.com%25252Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-m...
  • https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&pid=12306&adnxs_uid=634636179186247923
95 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&pid=12306&adnxs_uid=634636179186247923
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.255.141.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-255-141-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
Security Headers
Name Value
Content-Security-Policy default-src 'self'
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache, no-cache
Content-Security-Policy
default-src 'self'
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Date
Fri, 01 Oct 2021 16:27:35 GMT
X-Frame-Options
sameorigin
Connection
keep-alive
P3P
CP="NOI DEV ADM"
Cache-Control
no-store, must-revalidate, private, max-age=0, no-store, must-revalidate, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/png
Content-Length
95
Expires
Fri, 01 Oct 2021 16:27:35 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:35 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5df2e067-e491-4705-b1e8-5d0c25cd1da3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://s.cpx.to/ca.png?ref=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&pid=12306&adnxs_uid=634636179186247923
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
dsp.adkernel.com/ Frame E71D 		0
0
outh-usync
router.infolinks.com/dyn/ Frame E71D
Redirect Chain
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58237/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP7c1d2a32-22d4-11ec-b5b8-06584a1aed54
  • https://router.infolinks.com/dyn/outh-usync?uid=y-tgeACKhE2uGzPyY2hNS3QtU_iNXvPGvI~A~UP7c1d2a32-22d4-11ec-b5b8-06584a1aed54
35 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/outh-usync?uid=y-tgeACKhE2uGzPyY2hNS3QtU_iNXvPGvI~A~UP7c1d2a32-22d4-11ec-b5b8-06584a1aed54
Requested by
Host: router.infolinks.com
URL: https://router.infolinks.com/usync/manage?pid=3311725&wsid=0&pdom=www.oann.com&purl=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://router.infolinks.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:35 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
image/gif
cache-control
no-store, no-cache, private
cf-ray
69770f2979934007-CDG
content-length
35
expires
Thu, 01 Oct 2020 16:27:35 GMT

Redirect headers

Date
Fri, 01 Oct 2021 16:27:35 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://router.infolinks.com/dyn/outh-usync?uid=y-tgeACKhE2uGzPyY2hNS3QtU_iNXvPGvI~A~UP7c1d2a32-22d4-11ec-b5b8-06584a1aed54
Connection
keep-alive
Content-Length
0
usersync
match.bnmla.com/ Frame E71D 		0
0
pixel
ap.lijit.com/ Frame E71D 		0
0
SPug
image4.pubmatic.com/AdServer/ Frame E71D
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=60809&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D60809%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolink...
  • https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D94A8FEED-3C24-4429-940E-599AF60A8C6A
0
0
iq-usync
router.infolinks.com/dyn/ Frame E71D 		0
0
cm
p.rfihub.com/ Frame E71D 		0
0
/
ssc-cms.33across.com/ps/ Frame E71D 		0
0
/
disqus.com/recommendations/ Frame DD73 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://disqus.com/recommendations/?base=default&f=oann&t_i=2536903%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2536903&t_u=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&t_e=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations&t_d=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations&t_t=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations
Requested by
Host: oann.disqus.com
URL: https://oann.disqus.com/recommendations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4c14c984c41c97195a5a7eb06fe3456f08f4a4bfe6dd56f16c0b6ae63c08d011
Security Headers
Name Value
Content-Security-Policy script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
disqus.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

Connection
keep-alive
Content-Length
2423
Server
nginx
Content-Type
text/html; charset=utf-8
Content-Security-Policy
script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Last-Modified
Mon, 27 Sep 2021 07:24:03 GMT
Link
<https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control
stale-while-revalidate=30, no-cache, must-revalidate, stale-if-error=3600, public
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Timing-Allow-Origin
*
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
Content-Encoding
gzip
Date
Fri, 01 Oct 2021 16:27:35 GMT
Age
0
Vary
Accept-Encoding
Strict-Transport-Security
max-age=300; includeSubdomains
14262018928489574
lockerdome.com/lad/ Frame 645A 		0
0
/
trends.revcontent.com/api/demand/ 		52 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=169569
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:35 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:35 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
like_box.php
www.facebook.com/v3.2/plugins/ Frame 6909 		0
0
widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html
platform.twitter.com/widgets/ Frame 0DDE 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fwww.oann.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (mil/6CF5) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
76551
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 01 Oct 2021 16:27:35 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 30 Sep 2021 18:56:47 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (mil/6CF5)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
casale
match.adsrvr.org/track/cmf/ Frame 6C36 		0
0
rrum
dsum-sec.casalemedia.com/ Frame 6C36 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 6C36
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVc2988_j77K_IFFqvvWpgAABMIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKwiGG_uD85_d0VPjmYwlAM&google_cver=1
0
0
dcm
s.amazon-adsystem.com/ Frame 6C36 		0
0
user-sync
nep.advangelists.com/xp/ Frame 6C36 		0
0
indexexchange
sync.adotmob.com/cookie/ Frame 6C36 		0
0
ix.gif
beacon.lynx.cognitivlabs.com/ Frame 6C36 		0
0
113
match.deepintent.com/usersync/ Frame 6C36 		0
0
ix-usync
router.infolinks.com/dyn/ Frame 6C36 		0
0
recommendations.load.468b97d62a371c49ae174c537bd78912.js
c.disquscdn.com/next/recommendations/ Frame DD73 		923 B
0 		Script
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/recommendations/recommendations.load.468b97d62a371c49ae174c537bd78912.js
Requested by
Host: disqus.com
URL: https://disqus.com/recommendations/?base=default&f=oann&t_i=2536903%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2536903&t_u=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&t_e=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations&t_d=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations&t_t=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:a200:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://disqus.com/
Origin
https://disqus.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
765593
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
448
x-xss-protection
1; mode=block
x-served-by
static-web-1
access-control-allow-origin
*
surrogate-key
next
last-modified
Wed, 22 Sep 2021 19:30:27 GMT
server
nginx
etag
"614b8453-1c0"
content-type
application/javascript; charset=utf-8
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
expires
Thu, 22 Sep 2022 19:47:42 GMT
cache-control
max-age=31536000, public, immutable, no-transform
x-amz-cf-pop
FRA2-C2
timing-allow-origin
*
x-amz-cf-id
hOkEEU_MMVi9dziw_Ezw27-RgReTi4UoorE7DDFP78h2Juf6lPuRiA==
x-cache-hits
0
settings
syndication.twitter.com/ Frame 0DDE 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=oann.com&host=www.oann.com&success=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 72EC 		0
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuM2ygMmyJUnclzGHzenMnsBJpu-zWHQXgDyZ7DssXJs758Q7FSiVepcMUXE1WcE7P5fDi5_D26FbrYGe2v6j5t8G8LC9XJlKO_u-0W1nKmuU54ic1HwaF5zZzqE_RwbqWmLKmGDG64lD1Og-mdgLYBXWS9H0uaM0pFVfzBONenhMNS6kqNMwKSvp9qot5fldaxC1PIPFmEIb1NlFrLEKg1uqI2wrnxEk13LPoJYglF61yRhVSrz82GIa2NcPvLTFzY34Kds934hS3fp2K_VcQw_RMEHN9K6ns4lfpf8Gqa2-T06S5ehDEL8gyEdPE&sai=AMfl-YTpPxzNfk7L_bCS-ZC_HaVSwZqqccd5uyGmInniR9oeirCUa6QCeSwHtfZd0fF80koUZ1cU-NcgBJnLh2cCwnh8TrcW6bPyUwqeik7eFAsAAqpVTFLtqIxpNRQygse5&sig=Cg0ArKJSzPyzv2NEQGNFEAE&urlfix=1&adurl=
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:27:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
headerbid.js
served-by.pixfuture.com/www/delivery/ 		973 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/headerbid.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
last-modified
Tue, 02 Mar 2021 20:36:48 GMT
server
nginx/1.10.3 (Ubuntu)
etag
"603ea1e0-3cd"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
973
expires
Sun, 03 Oct 2021 16:27:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Fri, 01 Oct 2021 16:27:35 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c72976d3b4c427a85952b5cea1ad2efafcc4b2dc6fdd9ef5a505e5e582e62928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27601
x-xss-protection
0
server
sffe
etag
"1632957222552500"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Fri, 01 Oct 2021 16:27:35 GMT
/
trends.revcontent.com/api/delivery/ 		30 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=169569&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&icr_url=&va=0&time=1633105655471&up=pc&bn=chrome&bv=93&widget_width=741&style_id=0
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
f2c2b65c77725fe19667e4b727c1785d4d3c90d150029030cfc0e923ec9d6bd3
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
12356
impression
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:35 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
css2
fonts.googleapis.com/ 		5 KB
677 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@300;400;500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e65c663913ab0ce19c82af3ed5f7d792e052063b1e53812f50acc0382868244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 15:24:09 GMT
server
ESF
date
Fri, 01 Oct 2021 16:27:35 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 16:27:35 GMT
/
img.revcontent.com/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
last-modified
Wed, 01 Jul 2020 17:13:25 GMT
etag
"1593623605"
x-hw
1633105655.cds010.fr8.hn,1633105655.cds260.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20438
rc-logo.png
cdn.revcontent.com/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
last-modified
Mon, 13 Sep 2021 19:23:45 GMT
etag
"1631561025"
x-hw
1633105655.cds005.fr8.hn,1633105655.cds130.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=34984
accept-ranges
bytes
content-length
4298
truncated
/ 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
745c6d482ce31e61364197404efc13f221c98be409582b5d4bc6a2bf95cf29c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
hb_v2.js
cdn.pixfuture.com/ 		33 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/hb_v2.js
Requested by
Host: served-by.pixfuture.com
URL: https://served-by.pixfuture.com/www/delivery/headerbid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45df10c585e01c07a3602ed16c1c6842d2572d6b15bceff9cb1f58256d330e31

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
cf-cache-status
HIT
last-modified
Tue, 28 Sep 2021 15:09:43 GMT
server
cloudflare
age
91063
etag
W/"61533037-84f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0aHZHh7ZVRjSAWuIZYuJ%2Bci%2BmWkZFKv7Eo5UM99RcCqEsoFOs30mnp1r8aj4gCd1Sxn7gEC5QeHafY85yFcjnFJQ57rmuhUPl6Hw74qP%2B5OmhzCJ6%2FIqVPYjCXjwm4A%2FSTcdGBjRxCuL6Ek60%2Bkf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
expires
Sat, 02 Oct 2021 15:09:52 GMT
cache-control
public, max-age=2678400, no-transform
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69770f2d7cd25c02-FRA
cf-bgj
minify
pbix.js
cdn.pixfuture.com/ 		423 KB
424 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pixfuture.com/pbix.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
536386f4e5a08dcde004ad0d24c4ea816a2054ba53f5da25ebb12fa4493f693f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:35 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
96201
cf-polished
origSize=433266
cf-bgj
minify
last-modified
Mon, 23 Aug 2021 13:19:22 GMT
server
cloudflare
etag
W/"6123a05a-69c72"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbVKqk1hKanqC3fcx0l%2BSde66AihLNgzFwK4zUMd%2F7Eem0ryFrZSpCKElKFYtDhkUiR%2F%2Fgx2DeUfxwh1t6fPuKoXrw6CiXgYwiOeoiK69MjTJ3wjf%2Fil5dBSu8NAFUR1a6dW84EKoPTt0Payqudf"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2678400, no-transform
cf-ray
69770f2dad215c02-FRA
expires
Sat, 02 Oct 2021 13:44:04 GMT
r.js
aa.agkn.com/adscores/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/r.js?sid=9112309848
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.92.16 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-92-16.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:36 GMT
server
AAWebServer
content-type
text/plain
content-length
22
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
hb_v2.php
served-by.pixfuture.com/www/delivery/ 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/delivery/hb_v2.php?dat=25449x300x250x4195x_ADSLOT3&keywords=&refUrl=&refresh=false&innerWidth=1600
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a7e35e777af2e0a0f266124a79c171b4e58e69dbe6db8cbbfc02d0a18563f940

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:36 GMT
server
nginx/1.10.3 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 03 Oct 2021 16:27:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ef4968512ccd040e47009b27e7759b29389922fefb9d952aef49769d19c99d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8530
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstF_kx6v623Uui4-cKYiAFuhWiHogQl4c5_LIfYhVTz7FUzLALrUUQL1nCW9f8bP8KPOySM82IWgyPKal76hSMPbiB2eeHifvACEZihLe7xxg86AHExuTx5hReiYlvfElAjKEnU0XII-13O_tZDOnDARpWM9EIea-evkS5DqD-n1h_XghjNEMfy75gdySBDnBaOKZOsv95KqrXguFEyMd533WHVmT50yHA59mIaqWFQmvNtbm3nODnQzq5szpKwyMt-h24qg4qK65_ViRiAPM52euy7oVd6cXyHWXeBCE3-fy0F1AQww3AW7-9woSKjCg&sai=AMfl-YTCPmJzSnBMVAEoNzdJN09RwOpJ4sK4QKIU5Rreq8xzOhmBUs5ixGZRkzo85NZ9NoCoWSK-OmEvNHfdHh5SpPEw8pD0G5j8Bj69hjSESqXt4AYJBGkKiRMug_brqKK5&sig=Cg0ArKJSzFWhjTBTvgybEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:27:36 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 01 Oct 2021 16:27:36 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 01 Oct 2021 16:27:36 GMT
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.oann.com%2F&domain=www.oann.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=FrYQiXw5clRORlpZODVSMGdBSE1yUC9zVW9yUEljZVN2djArbFRYck9GNmMrNVZEbVVzbDU2emJoNkphMk9VMzBmb3NDdG4yTFpqODNkMTBpUGErM0dXaHQ2YjRNdzhtejdWVXFZUHM3TTRCSEEwbFRVZFUvcnNJUENVVV...
348 B
605 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FrYQiXw5clRORlpZODVSMGdBSE1yUC9zVW9yUEljZVN2djArbFRYck9GNmMrNVZEbVVzbDU2emJoNkphMk9VMzBmb3NDdG4yTFpqODNkMTBpUGErM0dXaHQ2YjRNdzhtejdWVXFZUHM3TTRCSEEwbFRVZFUvcnNJUENVVVVGckZXZEtKaXM2RDNNMG1WSzNzZUJVV1h5YTc0SUtlVkh6L3hmUVhER055NFdCT1NJbDZWc3BlRDY1VDYwbENaY1pZcGh5Q2NydHpSQmVHSGo3N1BTeE9XWnFOd1NvNG1HeDRmSndMZytaTllhei9QcDdvPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
6c5ef5c0f76ca96caba5c40cbe16d97577450ce7d4194011ab334a3220c008b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 01 Oct 2021 16:27:35 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2682
expires
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 01 Oct 2021 16:27:35 GMT
location
https://mug.criteo.com/sid?cpp=FrYQiXw5clRORlpZODVSMGdBSE1yUC9zVW9yUEljZVN2djArbFRYck9GNmMrNVZEbVVzbDU2emJoNkphMk9VMzBmb3NDdG4yTFpqODNkMTBpUGErM0dXaHQ2YjRNdzhtejdWVXFZUHM3TTRCSEEwbFRVZFUvcnNJUENVVVVGckZXZEtKaXM2RDNNMG1WSzNzZUJVV1h5YTc0SUtlVkh6L3hmUVhER055NFdCT1NJbDZWc3BlRDY1VDYwbENaY1pZcGh5Q2NydHpSQmVHSGo3N1BTeE9XWnFOd1NvNG1HeDRmSndMZytaTllhei9QcDdvPXw&cppv=2
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1858
content-length
482
expires
0
529.json
id5-sync.com/g/v2/ 		213 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/529.json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.155 , France, ASN16276 (OVH, FR),
Reverse DNS
p05.id5-sync.com
Software
/
Resource Hash
a1eb18ae633f51f7d29c4824f20f7e5d5a5c64a0b19d88224fe8b4141ba48b43
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.oann.com
Date
Fri, 01 Oct 2021 16:27:36 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ 		0
0
rid
match.adsrvr.org/track/ 		108 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=yoni5uv&fmt=json
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
0f2e6ecd74d9b08b503c5131e0241a09f4997a3e59dfd59eab7dcc1062c7ecdb

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 16:27:36 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oann.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Sun, 31 Oct 2021 16:27:36 GMT
seg
secure.adnxs.com/ 		0
1004 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/seg?add=27578926%2C27578926&t=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:36 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5429c050-183e-462e-b7f8-49229233aef4
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
trends.revcontent.com/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:36 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.oann.com%2F&domain=www.oann.com&cw=1&lsw=1
Protocol
H2
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.oann.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1723
date
Fri, 01 Oct 2021 16:27:35 GMT
content-encoding
gzip
vary
Accept-Encoding
pub5644548548544
s.adx.opera.com/ortb/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s.adx.opera.com/ortb/v2/pub5644548548544?ep=ep5644764124224
Protocol
H2
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-openrtb-version
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
Tengine
date
Fri, 01 Oct 2021 16:27:36 GMT
access-control-allow-credentials
true
access-control-allow-headers
Origin,Content-Length,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST
access-control-allow-origin
https://www.oann.com
access-control-max-age
604800
content-encoding
gzip
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pixfuture
pixfuture.technoratimedia.com/openrtb/bids/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pixfuture.technoratimedia.com/openrtb/bids/pixfuture?src=prebid_prebid_5.9.0-pre
Protocol
H2
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.oann.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Fri, 01 Oct 2021 16:27:36 GMT
access-control-allow-headers
content-type
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
80234419
age
0
via
1.1 varnish
/
hb.emxdgt.com/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=3000&ts=1633105656332&src=pbjs
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-57.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:36 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
trinity.json
apex.go.sonobi.com/ 		94 B
726 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%224d812cfc92738c%22%3A%22833199e4bd4003904bc3%7C300x250%7Cf%3D0.3%22%7D&ref=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&s=b5a186cf-7d5e-407f-9718-2e989c644eb9&pv=069eb313-4cde-4cee-a219-1fbdca85e6eb&vp=desktop&lib_name=prebid&lib_v=5.9.0-pre&us=0&ius=1&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22pixfuture.com%22%2C%22sid%22%3A%224195%22%2C%22hp%22%3A1%7D%5D%7D&userid=%7B%22id5id%22%3A%220%22%2C%22tdid%22%3A%2223a9f547-69cd-444a-8891-728ca5b966b6%22%7D&eids=%5B%7B%22source%22%3A%22id5-sync.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%220%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22linkType%22%3A0%7D%7D%5D%7D%2C%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2223a9f547-69cd-444a-8891-728ca5b966b6%22%2C%22atype%22%3A1%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%5D%7D%5D&coppa=0
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-apex.go.sonobi.com
Software
sonobi-go /
Resource Hash
528674035413ceec12e2be6253fcd0328a25d31c04c77674c3c2da4a4f3daea8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:36 GMT
Content-Encoding
gzip
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
apex-ams-1-6-8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-cache, no-store, private
Access-Control-Allow-Credentials
true
Tcn
Choice
Content-Type
application/json
Content-Length
119
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=23564&site_id=377492&zone_id=2082582&size_id=15&p_pos=atf&rp_schain=1.0,1!pixfuture.com,4195,1,,,&eid_id5-sync.com=0%5E1%5E&tpid_tdid=23a9f547-69cd-444a-8891-728ca5b966b6&eid_adserver.org=23a9f547-69cd-444a-8891-728ca5b966b6&rf=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&tk_flint=pbjs_lite_v5.9.0-pre&x_source.tid=c7ae644a-9d83-402d-8a31-8ac91435191c&p_screen_res=1600x1200&rp_floor=0.1&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7079493273721205
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
50c6c8fc80bf8b2be4e6a4853646df3717eeec7689614912c794a79cba96dc6b

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:36 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
b86f73d212769f38acc9cc88280343234725334eccc93c426c50a06a69578166
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:36 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
eb5a27fd-1c44-497f-9eb3-3d74efab3a9f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.oann.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
dmx.districtm.io/b/ 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dmx.districtm.io/b/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 16:27:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST, OPTIONS
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
cf-ray
69770f307ed0408d-CDG
access-control-allow-headers
Content-Type, Origin
pub5644548548544
s.adx.opera.com/ortb/v2/ 		0
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.adx.opera.com/ortb/v2/pub5644548548544?ep=ep5644764124224
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS
n-sysadmin-jumpbox-03.feednews.opera.technology
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
x-openrtb-version
2.5
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:36 GMT
content-encoding
gzip
x-openrtb-version
2.5
server
Tengine
access-control-allow-credentials
true
vary
Origin
hb
ssc.33across.com/api/v1/ 		66 B
296 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=azC7qard4r6OkMaKlId8sQ
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
f965d9119183d5554d0fc800865f04af240ab1fe28a968fc970cf53580ad8cd7

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 01 Oct 2021 16:27:36 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
pixfuture
pixfuture.technoratimedia.com/openrtb/bids/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture.technoratimedia.com/openrtb/bids/pixfuture?src=prebid_prebid_5.9.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Oct 2021 16:27:36 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
583375208
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
translator
hbopenbid.pubmatic.com/ 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		94 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.9.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c3072c382f769330b572fbc29dac6c72b6d81b99d017e70cb8020c04b9c3d90a

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Oct 2021 16:27:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
98
v1
prg.smartadserver.com/prebid/ 		171 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:36 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b3%3b57
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.oann.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		171 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:36 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b26%3b99
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.oann.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
mvo
tag.1rx.io/rmp/236374/0/ 		0
168 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/236374/0/mvo?z=1r&hbv=5.9.0-pre,2.1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
pragma
no-cache
date
Fri, 01 Oct 2021 16:27:36 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
/
ghb.adtelligent.com/v2/auction/ 		2 KB
1011 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
5f574e279c22cd42addc9788e80e6f0becb98f5dbd39cef396b0551854a49f32

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Oct 2021 16:27:36 GMT
Content-Encoding
gzip
Server
VertaMedia 1.0
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Length
724
prebid
prebid.media.net/rtb/ 		1 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUIUMTP7
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
65f128358082182b4e73184a93da15ea4bbbd0cf773c0ac8b1550a28cfafd762

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:36 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.oann.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
arj
pixfuture2-d.openx.net/w/1.0/ 		172 B
472 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixfuture2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c7ae644a-9d83-402d-8a31-8ac91435191c&nocache=1633105656350&id5id=0&ttduuid=23a9f547-69cd-444a-8891-728ca5b966b6&pubcid=c15ce7da-a14c-4d2c-aa79-42647c108bc6&schain=1.0%2C1!pixfuture.com%2C4195%2C1%2C%2C%2C&aus=300x250&divids=25449x300x250x4195x_ADSLOT3&aucs=&auid=540580840&tps=bXlrZXl3b3JkPSZteW90aGVya2V5d29yZD0%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
6645eb342334489c8f246aaf10a4fa1a4cc639ad87500875b0b9ea491af6b889

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:36 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.oann.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.23.185 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-23-185.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:36 GMT
access-control-allow-credentials
true
vary
Origin
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 763A 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 01 Oct 2021 15:14:50 GMT
expires
Sat, 01 Oct 2022 15:14:50 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4366
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 37E7 		783 B
999 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
603163219032226a42439270ebb0c5ea3ea6f0d80715de393fbdf344e14ee238
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vqMqO9xOjkG34BHbDXYUbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 01 Oct 2021 16:27:36 GMT
date
Fri, 01 Oct 2021 16:27:36 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-vqMqO9xOjkG34BHbDXYUbA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
515
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=FrYQiXw5clRORlpZODVSMGdBSE1yUC9zVW9yUEljZVN2djArbFRYck9GNmMrNVZEbVVzbDU2emJoNkphMk9VMzBmb3NDdG4yTFpqODNkMTBpUGErM0dXaHQ2YjRNdzhtejdWVXFZUHM3TTRCSEEwbFRVZFUvcnNJUENVVVVGckZXZEtKaXM2RDNNMG1WSzNzZUJVV1h5YTc0SUtlVkh6L3hmUVhER055NFdCT1NJbDZWc3BlRDY1VDYwbENaY1pZcGh5Q2NydHpSQmVHSGo3N1BTeE9XWnFOd1NvNG1HeDRmSndMZytaTllhei9QcDdvPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
null
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1170
date
Fri, 01 Oct 2021 16:27:36 GMT
content-encoding
gzip
vary
Accept-Encoding
y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js
pagead2.googlesyndication.com/bg/ Frame 763A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/y_GpSJCDeJUhy2edwqiqULXjheMgRVI09JfpD4O8H0g.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 06:56:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
120689
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13365
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Fri, 30 Sep 2022 06:56:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 37E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092101&jk=606261880366200&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092101&jk=606261880366200&bg=!o6CloOTNAAZE-GIIRPg7ACkAdvg8Wgw6Zp_P2mfNiufXHECICW7YMBcMxwpsGvwA8wJBU260AwJHnAIAAABUUgAAAAloAQcKAIWmJzm5iDlEMpfMHUvYfHT9Wt0B6sJLDpd1Pk4Q3E1DFdbVjJ-r_Ma97XK_fEr49DLH8u99H2C-QLc-6GRglpNPoVeY_KgA2YF9XAQyTq2ypNImhlBA0DNetb1yfYOMpJa8M0MHP1TkQbegdeYxPWxP6YB5eM4ADlDYxlVoxxU38qtqVQBimQKys1AF3o1aGyLka_1RmSt7b-CQwriXiwF0cPNO1sQfmLqpZBSxcQQ8f3aEcwJNuUI90gBmyPYyQS-3gIAtVQKynUKdcqtQq7t-J7ogmGY_6WEQhoG1JzhwwT_v7jkUojID2KhHQhEhVHsGjtWIFyeE5QiKGfHO6QbG7oZP9P9L5lcXN7Gs0lgjLcYjJXr6K31YMEVTG4VAc31NFEVd_Zwd6vMp3Qa-Lu6VLuMY0zqq6Abnu0T5uUASzT7OPvewaHprHXXO4IeQepz778NUMAn54H1w9e-mqbwy3nSvEPvb_U8lJ75CEHZc0ZQo7hJd4_kLsBZiLsVdLX5Icoc_ucN2H8uOiOsnmM-KHeSLOiReHMv7SAIWXwxxxKE-bD_oAtFiwl7EGRJbdf7MTLvKtQbSbtVvfw9NkkGMXvSIlbLVUY3CpnqRyoL8pRk4kfb4sw1fZAMjld73fwpbzsfzJ5qs5a-GbzZEceLSuwBxaV3oxK5SJS_t4vnyVXFnUksZcwurevNci6srvh1G5v4Uq76YzadzXi8i_ocVkRB6r0wn9b2l_jNfARxTSNj-vYVWdg1kqs3AOrqYfVns86oD7rwyz4n5G3mvqKTwtNCFLIHkXnLwEAiPX0X6MC0IbqCSXw3aLjbA2N8VbmhKC9jCZqCdHbELX3DFj4s6x5XvDXxeUgjHVRWOKrp1u9hSeJP5p4RJBd9-srb9A3XmYgJjBPU1qwL9SU8iwSD-DM7-Fg7OcL_-fdS0E0FrVIivgfgFZ9BCBnITvnRdg-oF_i622VZFD8nW5TTZ11ST2qsn6fxJIlt-UtE2MmdcfPXm9OetthggPG81mSp5cDaiR5pzfSuq4J3rsKicz7FPhN_srP8OxgbJUZCbUAvltZ3NmVsbAmx68q9GXO46bMbacv-vqMK0UoSg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
delivery.js
assets.revcontent.com/master/ Frame 5705 		388 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c225fd985ca2ebd5f97e2f81d24ba0b4219def9c054f9cf44739c7d108d193bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:36 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 14:49:07 GMT
server
AmazonS3
x-amz-request-id
SDN3WENF8KJM4H23
etag
"6c2624b28eb3abc544ba2eb423e77e5a"
x-hw
1633105656.cds164.fr8.hn,1633105656.cds055.fr8.c
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public,max-age=60
accept-ranges
bytes
content-length
110585
x-amz-id-2
kRpyDvUUeLGa/Pi34FtzNyKA1TiYxE4yLZRBRQVPdeSEkDtq0hhmYeKrH4jVYpSqg+FS8hGRdAQ=
tracking.php
served-by.pixfuture.com/www/headerbid/library/tracking/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://served-by.pixfuture.com/www/headerbid/library/tracking/tracking.php
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/hb_v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
68.183.31.14 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:36 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sun, 03 Oct 2021 16:27:36 GMT
/
trends.revcontent.com/api/demand/ Frame 5705 		52 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=169616
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:37 GMT
access-control-allow-credentials
true
server
Apache/2.4.25 (Debian)
content-length
52
strict-transport-security
max-age=931536000; includeSubDomains
content-type
text/html; charset=UTF-8
sync
trends.revcontent.com/ Frame 5705 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:36 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
/
trends.revcontent.com/api/delivery/ Frame 5705 		8 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=169616&width=300&rev_allow_cookies=0&site_url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&icr_url=&va=0&time=1633105657020&up=pc&bn=chrome&bv=93&widget_width=300&style_id=0
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.25 (Debian) /
Resource Hash
231bd98642687563dc171a7e474a91e4a55005faa23baf62a4ba899a117903f3
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-encoding
gzip
server
Apache/2.4.25 (Debian)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.oann.com
access-control-allow-credentials
true
strict-transport-security
max-age=931536000; includeSubDomains
content-length
3832
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpDlCf2qnKx8peOBA3iGuQ4wPrmHn_G8YUDkRsHlh8jqqNxS04r0DbxMMxtOkb5aYZLNXg8VUKnhtRxbKZd-ReIW0zK6GPxKybHqPMxkyrP7dqOX1H&sig=Cg0ArKJSzLoNLnXeI9o5EAE&id=lidar2&mcvt=1000&p=0,0,250,1600&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210929&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=2439424719&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633105653817&rpt=2263
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impression
trends.revcontent.com/event/ Frame 5705 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/impression
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:37 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
css2
fonts.googleapis.com/ Frame 5705 		5 KB
654 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@300;400;500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6e65c663913ab0ce19c82af3ed5f7d792e052063b1e53812f50acc0382868244
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 15:37:51 GMT
server
ESF
date
Fri, 01 Oct 2021 16:27:37 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 16:27:37 GMT
css2
fonts.googleapis.com/ Frame 5705 		1 KB
562 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=PT+Serif&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
12a2477ddcc5a8e47efe6f1ba6ef3b43f9d1296790e643a0c20a7bbfe0083852
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 14:32:52 GMT
server
ESF
date
Fri, 01 Oct 2021 16:27:37 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 16:27:37 GMT
/
img.revcontent.com/ Frame 5705 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
last-modified
Wed, 01 Jul 2020 17:13:25 GMT
etag
"1593623605"
x-hw
1633105657.cds010.fr8.hn,1633105657.cds260.fr8.c
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
20438
rc-logo.png
cdn.revcontent.com/assets/img/ Frame 5705 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
last-modified
Mon, 13 Sep 2021 19:23:45 GMT
etag
"1631561025"
x-hw
1633105657.cds005.fr8.hn,1633105657.cds130.fr8.c
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=34982
accept-ranges
bytes
content-length
4298
f55203f1e80d55cd335dc28b4268bb9f.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ Frame 5705 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/f55203f1e80d55cd335dc28b4268bb9f.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
4faf6d9d8e93c3d2dacfdc8381a071ec2f37e4e6be8e74a56f7f1a5fe08d79a3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
x-content-type-options
nosniff
server-timing
fastly;dur=621;cpu=0;start=2021-05-06T14:16:20.260Z;desc=miss,rtt;dur=3,cloudinary;dur=523;start=2021-05-06T14:16:20.304Z,cld-id;desc=3fe0d2d2e1474f11266b67180ea38660
content-length
10385
x-request-id
3fe0d2d2e1474f11266b67180ea38660
last-modified
Tue, 04 May 2021 18:05:16 GMT
server
Cloudinary
etag
"dc947f53dd64090be12113b0106843d4"
strict-transport-security
max-age=604800
x-hw
1633105657.cds007.fr8.hn,1633105657.cds143.fr8.c
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v40/ Frame 5705 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 19:58:57 GMT
x-content-type-options
nosniff
age
332920
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31624
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 19:58:57 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/ Frame 5705 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=PT+Serif&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.oann.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 07:13:16 GMT
x-content-type-options
nosniff
age
378861
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32960
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:06:03 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 07:13:16 GMT
generic
trends.revcontent.com/event/ Frame 5705 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:37 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
generic
trends.revcontent.com/event/ Frame 5705 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/event/generic
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.188.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-188-163.eu-west-1.compute.amazonaws.com
Software
Grizzly/2.4.4 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.oann.com
date
Fri, 01 Oct 2021 16:27:37 GMT
access-control-allow-credentials
true
server
Grizzly/2.4.4
access-control-allow-headers
Content-Type
strict-transport-security
max-age=931536000; includeSubDomains
usync.html
eus.rubiconproject.com/ Frame 3CCF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Encoding
gzip, deflate, br
Cookie
khaos=KU8KXX7B-1T-OVE; rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; audit=1|hLZGFuTafB38Wygj3GuT20ZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lg7eXlkMNyatTSCe5WDhxwxymPvo8pleP2KLLa4BRoMRcV9NAwqhSw8=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Oct 2021 16:27:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
/
ads.us.e-planning.net/uspd/1/ Frame 155A
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b8449b516d1b81bd783fba83660fbdfe92bb15d8ca9f6eab488314f43cdaadb7

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
cookie
CT=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

server
openresty
date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
set-cookie
E=AO1x6Pc7irhc9WWn; path=/; domain=e-planning.net; expires=Fri, 29-Sep-2028 16:27:38 GMT; SameSite=None; Secure
expires
Fri, 01 Oct 2021 16:27:38 GMT
x-sid
AMS-745
content-encoding
gzip

Redirect headers

server
openresty
date
Fri, 01 Oct 2021 16:27:37 GMT
content-type
text/html; charset=iso-8859-1
set-cookie
CT=1; path=/; SameSite=None; Secure
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
x-sid
AMS-745
pd
eu-u.openx.net/w/1.0/ Frame 6F43 		668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
86ae7f67ca295fae5f0c19d290680b8a6d1025e2b173d6527f3b1c336efe6fa5

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
cookie
i=4a2f1cb5-cb4e-4517-839f-dbb471fc1aae|1633105655
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=4a2f1cb5-cb4e-4517-839f-dbb471fc1aae|1633105655; Version=1; Expires=Sat, 01-Oct-2022 16:27:37 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1633105657|gekin0vNiygu; Version=1; Expires=Sat, 16-Oct-2021 16:27:37 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.216.4
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 01 Oct 2021 16:27:37 GMT
content-type
text/html
content-length
418
content-encoding
gzip
via
1.1 google
alt-svc
clear
d
ic.tynt.com/r/ Frame 4B36 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.32 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip32.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

:method
GET
:authority
ic.tynt.com
:scheme
https
:path
/r/d?m=xch&rt=html&gdpr={gdpr}gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

server
nginx/1.16.1
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
/
ssc-cms.33across.com/ps/ Frame 1DCC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.178 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip178.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=azC7qard4r6OkMaKlId8sQ&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

x-33x-status
2000208
server
33XP004
date
Fri, 01 Oct 2021 16:27:37 GMT
index.html
cdn.districtm.io/ids/ Frame 1D8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.districtm.io/ids/index.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.68.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
cdn.districtm.io
:scheme
https
:path
/ids/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin
access-control-allow-methods
GET, HEAD, POST, OPTIONS
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
server
cloudflare
cf-ray
69770f3a5ad7408d-CDG
prebidserver
lockerdome.com/usync/ Frame 6EDE 		43 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://lockerdome.com/usync/prebidserver?pid=11201047612067584&gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D285400%26extuid%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
214.142.154.104.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Host
lockerdome.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

P3P
CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Content-Type
image/gif
Cache-Control
no-cache, max-age=0, must-revalidate, no-store
Content-Length
43
ETag
W/"2b-J5MV1QeFXGpDUeHiwvOd2c0vzNg"
Date
Fri, 01 Oct 2021 16:27:38 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6527 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=634636179186247923; anj=dTM7k!M4/8CxrEQF']wIg2In2u@O]#!]tbP6j2F-XstGt!@DmC$q7R%; icu=ChgI3sJXEAoYASABKAEw-O3cigY4AUABSAEQ-O3cigYYAA..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 01 Oct 2021 16:27:37 GMT
Age
40730
X-Served-By
cache-lga21972-LGA, cache-hhn4026-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 720069
X-Timer
S1633105658.988332,VS0,VE0
Vary
Accept-Encoding
sync.html
s.adtelligent.com/ Frame 0EF3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
282891b3961bb82bfa9850b4b003d09b309c4ac8250ee56592172c165047373a

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

Server
VertaMedia 1.0
Date
Fri, 01 Oct 2021 16:27:37 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
792
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
sync.html
s.console.adtarget.com.tr/ Frame A891 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=609096
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5139::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
5937250307e54f41efc516d6fd591d94ca56db829f5f2f35376178b286305950

Request headers

Host
s.console.adtarget.com.tr
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

Server
VertaMedia 1.0
Date
Fri, 01 Oct 2021 16:27:37 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
876
Access-Control-Allow-Origin
https://www.oann.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
checksync.php
contextual.media.net/ Frame 3B4E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C3016%2C236%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
038591f3363a100018191937e5320f59a8184d96ad1ed5922b7e5ded26a580e2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

:method
GET
:authority
contextual.media.net
:scheme
https
:path
/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUIUMTP7&prvid=2034%2C2033%2C2011%2C3022%2C3020%2C2030%2C273%2C251%2C175%2C2009%2C255%2C178%2C3018%2C2028%2C3017%2C2027%2C3016%2C236%2C214%2C237%2C2025%2C3014%2C117%2C97%2C99%2C77%2C38%2C3012%2C3011%2C3010%2C182%2C261%2C141%2C222%2C3007%2C201%2C4%2C301%2C246%2C225%2C203%2C80%2C10000%2C9%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
set-cookie
gdpr_status=1; Expires=Mon, 04 Apr 2022 16:27:38 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 03 Oct 2021 16:27:38 GMT
date
Fri, 01 Oct 2021 16:27:38 GMT
content-length
8156
check.html
biddr.brealtime.com/ Frame B3B3 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
5sVfRN9Hv2PMYxCnoY10VdF4kUiLQuJi1ybpv+JEnYRkRF5nug7EypGJFnO0pPlzt/gp5FksvdU=
x-amz-request-id
5ZW0XMFZBWFK31VB
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
4626
Expires
Fri, 01 Oct 2021 16:28:38 GMT
Cache-Control
public, max-age=60
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
69770f3a98723a8d-CDG
Content-Encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE72 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?kdntuid=1&p=158127
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; SyncRTB3=1634256000%3A220; ipc=156872^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID^1^0; KADUSERCOOKIE=94A8FEED-3C24-4429-940E-599AF60A8C6A; chkChromeAb67Sec=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=122506
expires
Sun, 03 Oct 2021 02:29:24 GMT
date
Fri, 01 Oct 2021 16:27:38 GMT
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame A8EF 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=59a18369e249bfb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
beacon
ap.lijit.com/ Frame 1722 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/beacon?informer=13480300
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
ap.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

Server
nginx
Date
Fri, 01 Oct 2021 16:27:37 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap5ams1
csync
sync.adtelligent.com/ Frame 7274
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
  • https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a11f3cd2-aa51-4d80-8e5e-7b26bc56383c
0
0
prbds2s
rtb.gumgum.com/usync/ Frame 65F1 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289657%26extuid%3D
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e31ae17f9bb7238005c413104acb964ccb6a9fa661898b2aee0d560d710423c0

Request headers

:method
GET
:authority
rtb.gumgum.com
:scheme
https
:path
/usync/prbds2s?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289657%26extuid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html;charset=utf-8
content-length
1133
server
nginx
p3p
CP="This is not a P3P policy"
content-language
en
usersync.html
ad-cdn.technoratimedia.com/html/ Frame C3E6 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?src=prebid_prebid_5.9.0-pre
Requested by
Host: cdn.pixfuture.com
URL: https://cdn.pixfuture.com/pbix.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frd/E2F8) /
Resource Hash
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e

Request headers

:method
GET
:authority
ad-cdn.technoratimedia.com
:scheme
https
:path
/html/usersync.html?src=prebid_prebid_5.9.0-pre
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
accept-encoding
gzip, deflate, br
cookie
tads_uid=GDPR
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/

Response headers

content-encoding
gzip
accept-ranges
bytes
access-control-allow-origin
*
age
126
cache-control
max-age=900
content-type
text/html; charset=UTF-8
date
Fri, 01 Oct 2021 16:27:38 GMT
etag
"450f-5c7a90520f640"
expires
Fri, 01 Oct 2021 16:42:38 GMT
last-modified
Wed, 21 Jul 2021 21:40:33 GMT
p3p
CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
server
ECAcc (frd/E2F8)
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-varnish
272506163
content-length
5566
csync
sync.adtelligent.com/
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr={gdpr}&gdpr_consent={gdpr_consent}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D309255%26extuid%3D%24%7BUID%7D
  • https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=a05dac23-db56-4909-b2c5-d3499480ebde
0
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=%7Bgdpr%7D&gdpr_consent=%7Bgdpr_consent%7D&us_privacy=%7Bus_privacy%7D&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289656%26extuid%3D...
  • https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=8bbb3c3b-709d-4908-9575-e5cf2556304b
0
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID&sovrn_retry=true
  • https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=ef52bbd9d008f9d4581e3908
0
0
csync
sync.adtelligent.com/ 		0
0
csync
sync.adtelligent.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=634636179186247923
0
0
sd
eu-u.openx.net/w/1.0/ Frame 6F43
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=714d6157-36fa-4300-b14d-a18edead5062
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=714d6157-36fa-4300-b14d-a18edead5062
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=714d6157-36fa-4300-b14d-a18edead5062
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 01 Oct 2021 16:27:37 GMT
sd
us-u.openx.net/w/1.0/ Frame 6F43
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=rYsvu6iMfO22inm-otg36vnceL-2jHzpqoiJTTBI
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=rYsvu6iMfO22inm-otg36vnceL-2jHzpqoiJTTBI
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=rYsvu6iMfO22inm-otg36vnceL-2jHzpqoiJTTBI
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 6F43
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6142303374695120563
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6142303374695120563
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6142303374695120563
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 6F43 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=998323ec-62c9-7ae0-d949-135c15db2953&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6F43 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjVlY2YwMjYtYWJiZS0yNDQ0LWNjYTktNDllNWRmMzllNzMz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6F43
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKZxJ0rKv_JUPEkny7_GQuQ&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKZxJ0rKv_JUPEkny7_GQuQ&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=9d434638-ce6f-418d-ac16-6301775de208&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKZxJ0rKv_JUPEkny7_GQuQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3CCF 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23845
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Fri, 01 Oct 2021 23:05:03 GMT
async_usersync
ib.adnxs.com/ Frame 6527 		0
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
5c2240dd-91ed-42a9-8519-4fa325b333d8
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams02.e-planning.net/ Frame 155A
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D77699cccf08a309c
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=77699cccf08a309c
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=77699cccf08a309c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:37 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=77699cccf08a309c
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 155A 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 30 Sep 2026 16:27:37 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 155A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 30 Sep 2026 16:27:37 GMT
t3m.js
tags.t.tailtarget.com/ Frame 155A 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-10759-0/CT-1261
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
0dbd6403c5a3cd65b34063741db8d791fd9eb988159a990c75169b2c7f36f4ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 15:41:56 GMT
content-encoding
gzip
age
2742
x-guploader-uploadid
ADPycdswXVdYXxsYHCBZma7WiQQEsiX13yuta98YheOH5er1Ny8eDzswV_D6r9i0gNzts8EORG8bJEWnnWYZfsIShDgqIDizpA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
8646
last-modified
Thu, 16 Sep 2021 18:47:23 GMT
server
nginx/1.8.1
etag
"7a0d51fa0e81c614d214772858a1315c"
vary
Accept-Encoding
x-goog-hash
md5=eg1R+g6BxhTSFHcoWKExXA==
x-goog-generation
1631818043241112
via
1.1 google
cache-control
max-age=7200,public
x-goog-stored-content-length
8646
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 01 Oct 2021 17:41:56 GMT
um
u-ams02.e-planning.net/ Frame 155A
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D77699cccf08a309c%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=77699cccf08a309c&uid=a05dac23-db56-4909-b2c5-d3499480ebde
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=77699cccf08a309c&uid=a05dac23-db56-4909-b2c5-d3499480ebde
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:37 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=77699cccf08a309c&uid=a05dac23-db56-4909-b2c5-d3499480ebde
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
u7iupdrqolh6qcu3sait91s54usoh2t0
ptag
a.audrte.com/ Frame 155A 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
fd2f43dab3326dad7364404c0e69c552ccb6ab0d9aa883afa268065734ace1f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 155A 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 30 Sep 2026 16:27:37 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 155A 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D77699cccf08a309c%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 155A
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D77699cccf08a309c
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 155A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D77699cccf08a309c%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=77699cccf08a309c&uid=634636179186247923
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=77699cccf08a309c&uid=634636179186247923
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
0bd01571-79de-4eb2-948e-2675663889b6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=77699cccf08a309c&uid=634636179186247923
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 155A 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D77699cccf08a309c%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 North Hollywood, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-30
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 155A
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame 155A
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D77699cccf08a309c%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=77699cccf08a309c&uid=c00944b7336de56682eaf6b93403ee305869d87d
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=77699cccf08a309c&uid=c00944b7336de56682eaf6b93403ee305869d87d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=77699cccf08a309c&uid=c00944b7336de56682eaf6b93403ee305869d87d
Date
Fri, 01 Oct 2021 16:27:38 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usync.html
eus.rubiconproject.com/ Frame 3715
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Cookie
khaos=KU8KXX7B-1T-OVE; rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; audit=1|hLZGFuTafB38Wygj3GuT20ZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lg7eXlkMNyatTSCe5WDhxwxymPvo8pleP2KLLa4BRoMRcV9NAwqhSw8=; pux=2249%3D103000%262307%3D103000%262974%3D103000%263778%3D103000%26idl%3D103000%262249-DV360-Hosted%3D103000%26brx%3D103000%26goog%3D103000%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Oct 2021 16:27:38 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Fri, 01 Oct 2021 16:27:38 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CC75 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D77699cccf08a309c%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D77699cccf08a309c%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=YES; SyncRTB3=1634256000%3A220; ipc=156872^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID^1^0; KADUSERCOOKIE=94A8FEED-3C24-4429-940E-599AF60A8C6A; chkChromeAb67Sec=2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=122506
expires
Sun, 03 Oct 2021 02:29:24 GMT
date
Fri, 01 Oct 2021 16:27:38 GMT
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame BE72 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12949018&p=158127&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
616f3d654ec7e18cc148962158d6828aea3594f6f6e65a5e86c7899dd5e20b3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 3715 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23845
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Fri, 01 Oct 2021 23:05:03 GMT
match
c1.adform.net/serving/cookie/ Frame 8359 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=94A8FEED-3C24-4429-940E-599AF60A8C6A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1; uid=6142303374695120563
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=6142303374695120563; expires=Tue, 30 Nov 2021 16:27:38 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame C635
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6090178948821815727
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6090178948821815727
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6090178948821815727
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=94A8FEED-3C24-4429-940E-599AF60A8C6A; DPSync3=1634256000%3A201_197_219%7C1633132800%3A174; SyncRTB3=1633910400%3A63%7C1633651200%3A15_2_223%7C1634256000%3A220_161_3_81_88_165_176_7_166_13_56_99_189_21_8_71_230_231_22_234_204_54_55_222_57%7C1634342400%3A35%7C1635638400%3A203; KRTBCOOKIE_57=22776-634636179186247923; PUBMDCID=3; KRTBCOOKIE_153=19420-r4vzpKqMoPK0iqWhoNjr9fvcpKC0jKD2qIjqsxBB&KRTB&22979-r4vzpKqMoPK0iqWhoNjr9fvcpKC0jKD2qIjqsxBB; KRTBCOOKIE_80=22987-CAESELziic0k1NqFrBcNBV2PS7w&KRTB&16514-CAESELziic0k1NqFrBcNBV2PS7w&KRTB&23025-CAESELziic0k1NqFrBcNBV2PS7w; KRTBCOOKIE_409=22966-QJTrkX5HMx3AM8MQjJDaXky7; KRTBCOOKIE_391=22924-6142303374695120563&KRTB&23263-6142303374695120563; PugT=1633105658; KRTBCOOKIE_1101=23040-7014135392026556563; KRTBCOOKIE_377=6810-23a9f547-69cd-444a-8891-728ca5b966b6&KRTB&22918-23a9f547-69cd-444a-8891-728ca5b966b6&KRTB&23031-23a9f547-69cd-444a-8891-728ca5b966b6; chkChromeAb67Sec=4; KRTBCOOKIE_27=16735-uid:714d6157-36fa-4300-b14d-a18edead5062&KRTB&16736-uid:714d6157-36fa-4300-b14d-a18edead5062&KRTB&23019-uid:714d6157-36fa-4300-b14d-a18edead5062&KRTB&23114-uid:714d6157-36fa-4300-b14d-a18edead5062; SPugT=1633105657
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 16:27:37 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_336=5844-6090178948821815727; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 16:27:37 GMT; path=/ PugT=1633105657; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 16:27:37 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 16:27:37 GMT; path=/
x-lat
amspug001:0:412
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=6090178948821815727
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame E04B 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Fri, 01 Oct 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
320581
pbm-usync
router.infolinks.com/dyn/ Frame 0EC9
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7014135392026556563
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D94A8FEED-3C24-4429-940E-599AF60A8C6A
  • https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
0
40 B 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
router.infolinks.com
:scheme
https
:path
/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANUSERCOOKIE=5625641726557375293; OXUSERCOOKIE=b214017d-711d-4d6c-9886-24aeed7c8cc6; OUTHUSERCOOKIE=y-tgeACKhE2uGzPyY2hNS3QtU_iNXvPGvI~A~UP7c1d2a32-22d4-11ec-b5b8-06584a1aed54; VRUSERCOOKIE=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html;charset=UTF-8
content-length
0
cache-control
no-store, no-cache, private
set-cookie
PUBMUSERCOOKIE=94A8FEED-3C24-4429-940E-599AF60A8C6A; Domain=infolinks.com; Expires=Sat, 02-Oct-2021 16:27:38 GMT; Path=/; SameSite=None; Secure; SameSite=None; Secure
pragma
no-cache
expires
Thu, 01 Oct 2020 16:27:38 GMT
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3c1a144007-CDG

Redirect headers

server
nginx
date
Fri, 01 Oct 2021 16:27:37 GMT
set-cookie
SPugT=1633105657; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 16:27:37 GMT; path=/
location
https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
redir
rtb-csync.smartadserver.com/ Frame 1275
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCSFZVN0NybTRBQUJVNlR5SEktQQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABHVU7Crm4AABU6TyHI-A&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABHVU7Crm4AABU6TyHI-A&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABHVU7Crm4AABU6TyHI-A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABHVU7Crm4AABU6TyHI-A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABHVU7Crm4AABU6TyHI-A&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame E781
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ipc=156872^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID^1^0; KADUSERCOOKIE=94A8FEED-3C24-4429-940E-599AF60A8C6A; chkChromeAb67Sec=3; DPSync3=1634256000%3A201_197_219%7C1633132800%3A174; SyncRTB3=1633910400%3A63%7C1633651200%3A15_2_223%7C1634256000%3A220_161_3_81_88_165_176_7_166_13_56_99_189_21_8_71_230_231_22_234_204_54_55_222_57%7C1634342400%3A35%7C1635638400%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug017:2:184
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=71b4029b-3221-42c0-a272-f952a9cee9be; path=/; domain=csync.loopme.me; Expires=Mon, 01-Nov-2021 16:27:38 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Fri, 01 Oct 2021 16:27:38 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame 624F
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-8429784b-6615-44da-bd38-2e8cbd66d778-003&rndcb=837588987
  • https://x.bidswitch.net/ul_cb/sync?ssp=adconductor&user_id=RX-8429784b-6615-44da-bd38-2e8cbd66d778-003&rndcb=837588987
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&google_hm=NjgwYzNjYmMtOTQxNC00Y2MzLWFhYzktYjJmZGVhZmJl...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELyz8I4ACzYl4DOByQZ9pOM&google_cver=1&ssp=adconductor&bsw_param=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c
  • https://sync.1rx.io/usersync/bidswitch/680c3cbc-9414-4cc3-aac9-b2fdeafbe98c?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-8429784b-6615-44da-bd38-2e8cbd66d778-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8429784b-6615-44da-bd38-2e8cbd66d778-003
42 B
271 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8429784b-6615-44da-bd38-2e8cbd66d778-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8429784b-6615-44da-bd38-2e8cbd66d778-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=94A8FEED-3C24-4429-940E-599AF60A8C6A; DPSync3=1634256000%3A201_197_219%7C1633132800%3A174; SyncRTB3=1633910400%3A63%7C1633651200%3A15_2_223%7C1634256000%3A220_161_3_81_88_165_176_7_166_13_56_99_189_21_8_71_230_231_22_234_204_54_55_222_57%7C1634342400%3A35%7C1635638400%3A203; KRTBCOOKIE_57=22776-634636179186247923; PUBMDCID=3; KRTBCOOKIE_153=19420-r4vzpKqMoPK0iqWhoNjr9fvcpKC0jKD2qIjqsxBB&KRTB&22979-r4vzpKqMoPK0iqWhoNjr9fvcpKC0jKD2qIjqsxBB; KRTBCOOKIE_80=22987-CAESELziic0k1NqFrBcNBV2PS7w&KRTB&16514-CAESELziic0k1NqFrBcNBV2PS7w&KRTB&23025-CAESELziic0k1NqFrBcNBV2PS7w; KRTBCOOKIE_409=22966-QJTrkX5HMx3AM8MQjJDaXky7; KRTBCOOKIE_391=22924-6142303374695120563&KRTB&23263-6142303374695120563; KRTBCOOKIE_1101=23040-7014135392026556563; KRTBCOOKIE_377=6810-23a9f547-69cd-444a-8891-728ca5b966b6&KRTB&22918-23a9f547-69cd-444a-8891-728ca5b966b6&KRTB&23031-23a9f547-69cd-444a-8891-728ca5b966b6; chkChromeAb67Sec=4; KRTBCOOKIE_27=16735-uid:714d6157-36fa-4300-b14d-a18edead5062&KRTB&16736-uid:714d6157-36fa-4300-b14d-a18edead5062&KRTB&23019-uid:714d6157-36fa-4300-b14d-a18edead5062&KRTB&23114-uid:714d6157-36fa-4300-b14d-a18edead5062; SPugT=1633105657; KRTBCOOKIE_336=5844-6090178948821815727; PugT=1633105657
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-8429784b-6615-44da-bd38-2e8cbd66d778-003&KRTB&17107-RX-8429784b-6615-44da-bd38-2e8cbd66d778-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 16:27:38 GMT; path=/ PugT=1633105658; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 16:27:38 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 16:27:38 GMT; path=/
x-lat
lhrpug020:0:403
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-8429784b-6615-44da-bd38-2e8cbd66d778-003%22%7D; path=/; expires=Sat, 01 Oct 2022 16:27:38 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-8429784b-6615-44da-bd38-2e8cbd66d778-003
etag
RX8429784b661544dabd382e8cbd66d778003
dpe
ad4m.at/ad/ Frame D30A 		42 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3b98412bdd-FRA
pbm-usync
router.infolinks.com/dyn/ Frame E09B
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=QJTrkX5HMx3AM8MQjJDaXky7
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D94A8FEED-3C24-4429-940E-599AF60A8C6A
  • https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
0
213 B 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
router.infolinks.com
:scheme
https
:path
/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANUSERCOOKIE=5625641726557375293; OXUSERCOOKIE=b214017d-711d-4d6c-9886-24aeed7c8cc6; OUTHUSERCOOKIE=y-tgeACKhE2uGzPyY2hNS3QtU_iNXvPGvI~A~UP7c1d2a32-22d4-11ec-b5b8-06584a1aed54; VRUSERCOOKIE=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html;charset=UTF-8
content-length
0
cache-control
no-store, no-cache, private
set-cookie
PUBMUSERCOOKIE=94A8FEED-3C24-4429-940E-599AF60A8C6A; Domain=infolinks.com; Expires=Sat, 02-Oct-2021 16:27:38 GMT; Path=/; SameSite=None; Secure; SameSite=None; Secure
pragma
no-cache
expires
Thu, 01 Oct 2020 16:27:38 GMT
p3p
CP="NON DSP NID OUR COR"
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3c0a004007-CDG

Redirect headers

server
nginx
date
Fri, 01 Oct 2021 16:27:36 GMT
set-cookie
SPugT=1633105656; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 16:27:36 GMT; path=/
location
https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
bridge
cm.adgrx.com/ Frame DBE8 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-1
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame AE4F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
413 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=aJnoeUp26Ur8e4OEcRMbRYCbjwTcPSXSt4TxA8Dv
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aNnseFyg6AarA7u8QGkn6jFyTFnU4XvQl0XFy0hUo3ZbnQF1HYPLGCKtM0i84AopAw2yRQn5lat4BTCUtZdWZcu; path=/; domain=.tribalfusion.com; expires=Thu, 30-Dec-2021 16:27:38 GMT; SameSite=None; Secure; ANON_ID_old=aNnseFyg6AarA7u8QGkn6jFyTFnU4XvQl0XFy0hUo3ZbnQF1HYPLGCKtM0i84AopAw2yRQn5lat4BTCUtZdWZcu; path=/; domain=.tribalfusion.com; expires=Thu, 30-Dec-2021 16:27:38 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3cca195be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
127
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aJnoeUp26Ur8e4OEcRMbRYCbjwTcPSXSt4TxA8Dv; path=/; domain=.tribalfusion.com; expires=Thu, 30-Dec-2021 16:27:38 GMT; SameSite=None; Secure; ANON_ID_old=aJnoeUp26Ur8e4OEcRMbRYCbjwTcPSXSt4TxA8Dv; path=/; domain=.tribalfusion.com; expires=Thu, 30-Dec-2021 16:27:38 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3b9f7a5be9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame E622 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 01 Oct 2021 16:27:37 GMT
server
b
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 59EC
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 varnish
x-served-by
cache-hhn4043-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1633105658.257223,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 01-Oct-2022 16:27:38 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 varnish
x-served-by
cache-mxp6950-MXP
x-cache
MISS
x-cache-hits
0
x-timer
S1633105658.192726,VS0,VE20
x-vcl-time-ms
20
content-length
0
usersync
match.bnmla.com/ Frame C953 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
match.bnmla.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 01 Oct 2021 16:27:38 GMT
Content-Length
0
Connection
keep-alive
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame BE72
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=lKj-7TwkRCmUDlma9gqMag%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=122506
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sun, 03 Oct 2021 02:29:24 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame BE72
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=714d6157-36fa-4300-b14d-a18edead5062
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=714d6157-36fa-4300-b14d-a18edead5062
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=714d6157-36fa-4300-b14d-a18edead5062
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 01 Oct 2021 16:27:37 GMT
/
spl.zeotap.com/ Frame BE72
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=94A8FEED-3C24-4429-940E-599AF60A8C6A
  • https://spl.zeotap.com/?zdid=1332&zcluid=2f1b0a2414f63232
95 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=2f1b0a2414f63232
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
69770f3d48d3698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=2f1b0a2414f63232
content-length
0
pbm-usync
router.infolinks.com/dyn/ Frame BE72
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELziic0k1NqFrBcNBV2PS7w&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D94A8FEED-3C24-4429-940E-599AF60A8C6A
  • https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
69770f3c5a644007-CDG
content-length
0
expires
Thu, 01 Oct 2020 16:27:38 GMT

Redirect headers

location
https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
date
Fri, 01 Oct 2021 16:27:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pubmatic
um.simpli.fi/ Frame BE72 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 30 Sep 2021 16:27:38 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame BE72
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:714d6157-36fa-4300-b14d-a18edead5062&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:800
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame BE72
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6142303374695120563
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug005:0:529
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame BE72
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=23a9f547-69cd-444a-8891-728ca5b966b6
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:609
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pbm-usync
router.infolinks.com/dyn/ Frame BE72
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=634636179186247923&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D94A8FEED-3C24-4429-940E-599AF60A8C6A
  • https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
69770f3c6a724007-CDG
content-length
0
expires
Thu, 01 Oct 2020 16:27:38 GMT

Redirect headers

location
https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
date
Fri, 01 Oct 2021 16:27:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pbm-usync
router.infolinks.com/dyn/ Frame BE72
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=r4vzpKqMoPK0iqWhoNjr9fvcpKC0jKD2qIjqsxBB
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=156872&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fpbm-usync%3Fuid%3D94A8FEED-3C24-4429-940E-599AF60A8C6A
  • https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NON DSP NID OUR COR"
content-type
text/html;charset=UTF-8
cache-control
no-store, no-cache, private
cf-ray
69770f3c6a734007-CDG
content-length
0
expires
Thu, 01 Oct 2020 16:27:38 GMT

Redirect headers

location
https://router.infolinks.com/dyn/pbm-usync?uid=94A8FEED-3C24-4429-940E-599AF60A8C6A
date
Fri, 01 Oct 2021 16:27:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
image4.pubmatic.com/AdServer/ Frame BE72
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=94A8FEED-3C24-4429-940E-599AF60A8C6A&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J5MgTgxE2uX_qkd4LytRJ70FFd_CYcs-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J5MgTgxE2uX_qkd4LytRJ70FFd_CYcs-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J5MgTgxE2uX_qkd4LytRJ70FFd_CYcs-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
94A8FEED-3C24-4429-940E-599AF60A8C6A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame BE72 		43 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/94A8FEED-3C24-4429-940E-599AF60A8C6A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BE72
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=ce889fc3-6233-4a3a-a2df-c3756a2b9266&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:565
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame BE72 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=94A8FEED-3C24-4429-940E-599AF60A8C6A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame BE72
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVc2_gAAAlCrpAA6&gdpr=0&gdpr_consent=&_test=YVc2_gAAAlCrpAA6
1 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVc2_gAAAlCrpAA6&gdpr=0&gdpr_consent=&_test=YVc2_gAAAlCrpAA6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:626
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1633105658.288636,VS0,VE0
x-served-by
cache-hhn4075-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVc2_gAAAlCrpAA6&gdpr=0&gdpr_consent=&_test=YVc2_gAAAlCrpAA6
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame BE72
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2355061870237820537&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2355061870237820537&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug015:0:433
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2355061870237820537&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame BE72
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:451
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:37 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame BE72
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9eefde78-b001-477b-a198-857af31bb00d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9eefde78-b001-477b-a198-857af31bb00d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:377
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:9eefde78-b001-477b-a198-857af31bb00d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame BE72
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=634636179186247923
42 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=634636179186247923
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug007:0:336
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
817cc9d9-4ef4-422f-bb8d-bafd13c45827
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=634636179186247923
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame BE72 		35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.47.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-47-243.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
709414.gif
id.rlcdn.com/ Frame 3CCF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
btu4jd3a
sync-tm.everesttech.net/ct/upi/pid/ Frame 3CCF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YVc2_gAAAFeeZgAT
85 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YVc2_gAAAFeeZgAT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
age
37
x-served-by
cache-hhn4075-HHN
x-cache
HIT
content-type
image/png
cache-control
no-cache
accept-ranges
bytes
x-timer
S1633105658.287345,VS0,VE0
content-length
85
x-cache-hits
276

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1633105658.162280,VS0,VE89
x-served-by
cache-hhn4075-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YVc2_gAAAFeeZgAT
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 3CCF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmUyYWM4M2M2ODUzYjcxM2FkYjM3MzQ0YWZiYjliN2NjNzFiNzBmYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmUyYWM4M2M2ODUzYjcxM2FkYjM3MzQ0YWZiYjliN2NjNzFiNzBmYw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmUyYWM4M2M2ODUzYjcxM2FkYjM3MzQ0YWZiYjliN2NjNzFiNzBmYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3CCF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENAw25ZYkpWpsB7Y_YJRSZ8&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENAw25ZYkpWpsB7Y_YJRSZ8&google_cver=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENAw25ZYkpWpsB7Y_YJRSZ8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 3CCF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU8KXX7B-1T-OVE&sigv=1&esig=2~9003e5b88665ca02cac1e2cb5d84763ff5ea28e4
0
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU8KXX7B-1T-OVE&sigv=1&esig=2~9003e5b88665ca02cac1e2cb5d84763ff5ea28e4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KU8KXX7B-1T-OVE&sigv=1&esig=2~9003e5b88665ca02cac1e2cb5d84763ff5ea28e4
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 3CCF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1U4S1hYN0ItMVQtT1ZF
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1U4S1hYN0ItMVQtT1ZF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1U4S1hYN0ItMVQtT1ZF
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 3CCF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 3CCF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/yzskfeq2DJNhdoSa7xWeWA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3742114756429214828
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3742114756429214828
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

date
Fri, 01 Oct 2021 16:27:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3742114756429214828
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Cookie set usermatch
ssum.casalemedia.com/ Frame 31BC 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3deded95a736770a65f77a281c09d607824972890619dda8ecb04d03b914aafb

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YVc2988-j77K-IFFqvvWpgAA; CMPS=5222; CMPRO=1218; CMRUM3=b0615736f705a00&e6615736f72760&2d615736f705a0&08615736f705a00&0d615736f705a0&f1615736f705a0&c3615736f705a00&27615736f70b40; CMST=YVc292FXNvcA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|206|4|88|190|39|5
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1569
Expires
Fri, 01 Oct 2021 16:27:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Connection
keep-alive
Set-Cookie
CMID=YVc2988-j77K-IFFqvvWpgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 16:27:38 GMT CMPS=5222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 16:27:38 GMT CMPRO=1218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 16:27:38 GMT CMST=YVc292FXNvoA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Oct 2021 16:27:38 GMT CMRUM3=f1615736f705a0&c3615736f705a00&05615736fa05a0&08615736f705a00&0d615736f705a0&04615736fa05a0&49615736fa05a0&27615736fa0b40&58615736fa05a0&ce615736fa05a0&2e615736fa05a0&be615736fa05a0&b0615736f705a00&2d615736f705a0&e6615736f72760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 16:27:38 GMT
loader
api.retargetly.com/ Frame 155A 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.retargetly.com/loader?id=1473
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d22884064f4d7b34e4a0c7ef2767d21363923c795416100088d9d910a32a63c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69770f3bb9bf4ee6-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
public, max-age=604800
content-type
application/javascript
expires
Fri Oct 08 2021 16:27:38 GMT+0000 (UTC)
/
onetag-sys.com/usync/ Frame 39DF 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=5927d926323dc2c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 4657 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030b4f6079e0fcab0e61a0ab7da2e0494761966dbc0540524ba035ddb386cbca

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
set-cookie
zc=f0721f19-9a11-4603-6d77-11da737a68df; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=%17%81%86%B25X%80%EED%3C%3B+%D1%BC%B7z66%C5%02A%DE%12%B8%5D9%10%5C%D1%0D%03%E6%0E%3D3%ABr%0C%83V%22%B3%BEh%A5%2C%DD%192M%C5%F9%5D-%3E%80%AC%5D%B0%A3%EE%96J%C5%CD%28IB%F6%AD%19%3E%AE%0E%B5%1Dj%AF%D0%10%88j%8B%BC%B7%83z%89%26%F1%F7%94%D5%0D%A0%147%E9%2F%3E%97%9F%8D6%DE%C90%C4%2F%CFP%15%1D~rT%1E-%16G%05%F6%9F-%BB%BE%D6%E65%29U%A60%C3%C9%40O%87%EDA%FD%BD%A2%EEJ%C4%E5%80%D6%1B%A1%9A%80%E2n%9B%F9%B6%06qqyY%80%05%CC%FFQ; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3bbd32698b-FRA
content-encoding
br
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3715 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0EA8 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.adtelligent.com/
accept-encoding
gzip, deflate, br
cookie
ipc=156872^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID^1^0; KADUSERCOOKIE=94A8FEED-3C24-4429-940E-599AF60A8C6A; KCCH=YES; chkChromeAb67Sec=3; DPSync3=1634256000%3A201_197_219%7C1633132800%3A174; SyncRTB3=1633910400%3A63%7C1633651200%3A15_2_223%7C1634256000%3A220_161_3_81_88_165_176_7_166_13_56_99_189_21_8_71_230_231_22_234_204_54_55_222_57%7C1634342400%3A35%7C1635638400%3A203
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=122506
expires
Sun, 03 Oct 2021 02:29:24 GMT
date
Fri, 01 Oct 2021 16:27:38 GMT
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0ED6
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184-d
  • https://eus.rubiconproject.com/usync.html?p=17184-d
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=17184-d
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.adtelligent.com/
Accept-Encoding
gzip, deflate, br
Cookie
khaos=KU8KXX7B-1T-OVE; rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; audit=1|hLZGFuTafB38Wygj3GuT20ZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lg7eXlkMNyatTSCe5WDhxwxymPvo8pleP2KLLa4BRoMRcV9NAwqhSw8=; pux=2249%3D103000%262307%3D103000%262974%3D103000%263778%3D103000%26idl%3D103000%262249-DV360-Hosted%3D103000%26brx%3D103000%26goog%3D103000%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Oct 2021 16:27:38 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17184-d
Date
Fri, 01 Oct 2021 16:27:38 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
csync
sync.adtelligent.com/ Frame 0EF3
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189529&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D323546%26extuid%3D
  • https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YVc2988-j77K-IFFqvvWpgAA%261218
0
0
csync
sync.adtelligent.com/ Frame 0EF3 		0
0
pbsync.html
js.adscale.de/ Frame 24D5 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

:method
GET
:authority
js.adscale.de
:scheme
https
:path
/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Thu, 30 Sep 2021 04:33:51 GMT
x-amz-version-id
Rj1d6.bpgN5HVAtbDBc16dExnkAxU9iv
server
AmazonS3
x-edge-origin-shield-skipped
0
content-encoding
br
date
Fri, 01 Oct 2021 14:33:55 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
PPu3KQ7cNDb2SSx6Gfw_yPPKeR-_cAbcwz_EOjZ7mWQUfecc8styFw==
age
6824
csync
sync.console.adtarget.com.tr/ Frame 014E
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=6142303374695120563
0
0
user
cdn.admatic.com.tr/ Frame 4E08 		251 B
630 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd

Request headers

:method
GET
:authority
cdn.admatic.com.tr
:scheme
https
:path
/user
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html
vary
Accept-Encoding
server
BunnyCDN-DE1-756
cdn-pullzone
266102
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cdn-requestcountrycode
DE
cdn-edgestorageid
756
cdn-storageserver
DE-51
cache-control
public, max-age=3600
cdn-fileserver
141
last-modified
Thu, 11 Feb 2021 13:30:42 GMT
cdn-cachedat
2021-08-10 09:24:38
cdn-requestpullsuccess
True
cdn-requestpullcode
206
cdn-requestid
5acf94b480159aa5f3e8fd653b6fb745
cdn-status
200
cdn-cache
HIT
content-encoding
gzip
sync.html
s.adtelligent.com/ Frame 9BD5 		1 KB
905 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=609724
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c81:5095:0:225:90ff:fefa:245d London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
VertaMedia 1.0 /
Resource Hash
58b29c6a1d8d9a4a472faa82ce2ba76eba26d0c9b1263156b13fc8c904123653

Request headers

Host
s.adtelligent.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://s.console.adtarget.com.tr/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Fri, 01 Oct 2021 16:27:37 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
612
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 93C6
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=C3GOyp9DMzhQygpJx0JW&pi=admatic&tc=1
0
0
/
ads.us.e-planning.net/uspd/1/ Frame 0D59 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
5bcbed5a97ddb008d1c032aa0155c17fa4d2737c7e376813f6864b92b0bae030

Request headers

:method
GET
:authority
ads.us.e-planning.net
:scheme
https
:path
/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
cookie
CT=1; E=AO1x6Pc7irhc9WWn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Fri, 01 Oct 2021 16:27:38 GMT
x-sid
AMS-745
content-encoding
gzip
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9CD0 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://s.console.adtarget.com.tr/
accept-encoding
gzip, deflate, br
cookie
ipc=156872^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156872%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Frouter.infolinks.com%252Fdyn%252Fpbm-usync%253Fuid%253D%2523PMUID^1^0; KADUSERCOOKIE=94A8FEED-3C24-4429-940E-599AF60A8C6A; KCCH=YES; chkChromeAb67Sec=3; DPSync3=1634256000%3A201_197_219%7C1633132800%3A174; SyncRTB3=1633910400%3A63%7C1633651200%3A15_2_223%7C1634256000%3A220_161_3_81_88_165_176_7_166_13_56_99_189_21_8_71_230_231_22_234_204_54_55_222_57%7C1634342400%3A35%7C1635638400%3A203; KRTBCOOKIE_57=22776-634636179186247923; PugT=1633105657; PUBMDCID=3; KRTBCOOKIE_153=19420-r4vzpKqMoPK0iqWhoNjr9fvcpKC0jKD2qIjqsxBB&KRTB&22979-r4vzpKqMoPK0iqWhoNjr9fvcpKC0jKD2qIjqsxBB; KRTBCOOKIE_80=22987-CAESELziic0k1NqFrBcNBV2PS7w&KRTB&16514-CAESELziic0k1NqFrBcNBV2PS7w&KRTB&23025-CAESELziic0k1NqFrBcNBV2PS7w; SPugT=1633105658; KRTBCOOKIE_409=22966-QJTrkX5HMx3AM8MQjJDaXky7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=122506
expires
Sun, 03 Oct 2021 02:29:24 GMT
date
Fri, 01 Oct 2021 16:27:38 GMT
vary
Accept-Encoding
csync
sync.console.adtarget.com.tr/ Frame A891 		0
0
usync.js
eus.rubiconproject.com/ Frame 0ED6 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=17184-d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23845
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Fri, 01 Oct 2021 23:05:03 GMT
getuid
ib.adnxs.com/ Frame 4657 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7f...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEIuC-u-ahzj33O7KGK_1r2k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEIuC-u-ahzj33O7KGK_1r2k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3cbf9c698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEIuC-u-ahzj33O7KGK_1r2k&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
470
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=f2586434-7c50-4ab5-bc63-f51731c0a231&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=f2586434-7c50-4ab5-bc63-f51731c0a231&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3cf81b698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=f2586434-7c50-4ab5-bc63-f51731c0a231&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame 4657 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc...
  • https://mwzeom.zeotap.com/mw?cid=23a9f547-69cd-444a-8891-728ca5b966b6&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=23a9f547-69cd-444a-8891-728ca5b966b6&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3cdfe9698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=23a9f547-69cd-444a-8891-728ca5b966b6&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame 4657 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-vcl-time-ms
20
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1633105658.327479,VS0,VE20
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6950-MXP
u
dmp.v.fwmrm.net/ad/ Frame 4657 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f602:82a0:df8e:67ea:6e72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4657 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df0721f19-9a11-4603-6d77-11da737a68df%26reqId%3Dc00f89ce-c871-4734-7fb3-83f9afeba165%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=a6b9f5a8-a17b-4b71-9928-48d0301a5c24&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a6b9f5a8-a17b-4b71-9928-48d0301a5c24&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3d895f698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=a6b9f5a8-a17b-4b71-9928-48d0301a5c24&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f0721f19-9a11-4603-6d77-11da737a68df&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f0721f19-9a11-4603-6d77-11da737a68df&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=25895917415134187250073887492006020299&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=25895917415134187250073887492006020299&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3d9991698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v018-0d71bd386.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
XFTXi2fOQuc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=25895917415134187250073887492006020299&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame 4657 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=f0721f19-9a11-4603-6d77-11da737a68df&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2021100118-84449-0.089171001633105644-cf3bd9d0e676657ef4d48816d570e159&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2021100118-84449-0.089171001633105644-cf3bd9d0e676657ef4d48816d570e159&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3d48de698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2021100118-84449-0.089171001633105644-cf3bd9d0e676657ef4d48816d570e159&zdid=533&env=mWeb
Date
Fri, 01 Oct 2021 16:27:24 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7014135392026556563&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-...
95 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7014135392026556563&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3cbf9f698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7014135392026556563&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
check
pixel.tapad.com/idsync/ex/receive/ Frame 4657
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=f0721f19-9a11-4603-6d77-11da737a68df
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f0721f19-9a11-4603-6d77-11da737a68df
95 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f0721f19-9a11-4603-6d77-11da737a68df
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2885&partner_device_id=f0721f19-9a11-4603-6d77-11da737a68df
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f0721f19-9a11-4603-6d77-11da737a68df&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f0721f19-9a11-4603-6d77-11da737a68df&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=/KWcLfui7U6hK.08hxWb0u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-47...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=/KWcLfui7U6hK.08hxWb0u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3d1869698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
last-modified
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=/KWcLfui7U6hK.08hxWb0u&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame 4657 		36 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=f0721f19-9a11-4603-6d77-11da737a68df&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.109 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx
p3p
CP="CAO PSAa PSDa IVAa IVDa OUR UNI COM NAV"
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f0721f19-9a11-4603-6d77-11da737a68df?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=f0721f19-9a11-4603-6d77-11da737a68df?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=101aa7b3afa5d30f46ca46c812d1c2f1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c8...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=101aa7b3afa5d30f46ca46c812d1c2f1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3db9c1698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=101aa7b3afa5d30f46ca46c812d1c2f1&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
cache-control
no-cache
x-server
10.45.31.246
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-qu1efLZE2opJPbkQcDhxGA27w5Ztsm8Xww--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-qu1efLZE2opJPbkQcDhxGA27w5Ztsm8Xww--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3d8961698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Fri, 01 Oct 2021 16:27:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-qu1efLZE2opJPbkQcDhxGA27w5Ztsm8Xww--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=4KrTc7jWVdGsU%2FvZB56tqpzKdkFCD3bL%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=4KrTc7jWVdGsU%2FvZB56tqpzKdkFCD3bL%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3cbf9b698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=4KrTc7jWVdGsU%2FvZB56tqpzKdkFCD3bL%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
v2
odr.mookie1.com/t/ Frame 4657 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=f0721f19-9a11-4603-6d77-11da737a68df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 4657 		0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.23.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-23-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
private, no-cache, no-store
x-request-time
D=44 t=1633105658
x-served-by
beacon-n007-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame 4657 		95 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=f0721f19-9a11-4603-6d77-11da737a68df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YVc2_gAAAlCrpAA6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YVc2_gAAAlCrpAA6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3d38b3698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1633105658.323026,VS0,VE89
x-served-by
cache-hhn4075-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=YVc2_gAAAlCrpAA6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=714d6157-36fa-4300-b14d-a18edead5062&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89c...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=714d6157-36fa-4300-b14d-a18edead5062&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3d9989698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=714d6157-36fa-4300-b14d-a18edead5062&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Fri, 01 Oct 2021 16:27:37 GMT
usermatch.gif
beacon.krxd.net/ Frame 4657
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeb...
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.23.163 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-23-163.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
private, no-cache, no-store
x-request-time
D=43 t=1633105658
x-served-by
beacon-n017-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
date
Fri, 01 Oct 2021 16:27:38 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a005-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4657
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f0721f19-9a11-4603-6d77-11da737a68df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d7...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f0721f19-9a11-4603-6d77-11da737a68df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d7...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f0721f19-9a11-4603-6d77-11da737a68df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Y14MS6B2PGMEBMSDDMBY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
K6AMP0YHV5JACTHVTM1Z
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f0721f19-9a11-4603-6d77-11da737a68df&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://tags.bluekai.com/site/87734?id=f0721f19-9a11-4603-6d77-11da737a68df&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3eac50698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?zpartnerid=1202&env=mWeb&cid=$_BK_UUID&BK_SWAP_DEST=87734
Date
Fri, 01 Oct 2021 16:27:38 GMT
Connection
keep-alive
Content-Length
0
BK-Server
f694
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame 4657
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df07...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
95 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3e1a8d698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
date
Fri, 01 Oct 2021 16:27:38 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 4657 		557 B
500 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f998bc528ad162ef739d7ef610ae7d755b7a82bd0615d0b4ae2c7aedd2d028a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
69770f3c8f19698b-FRA
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 16:27:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
csync
sync.adtelligent.com/ Frame 9BD5 		0
0
um
u-ams02.e-planning.net/ Frame 0D59
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D77699cccf08a309c
  • https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=77699cccf08a309c
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=77699cccf08a309c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:37 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://u-ams02.e-planning.net/um?uid=no-consent&dc=0abbcb4eba840e59&fi=77699cccf08a309c
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
dataxpand_28122020.js
s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/ Frame 0D59 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/8a4272ba9ae263fe/dataxpand_28122020.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-encoding
gzip
last-modified
Mon, 28 Dec 2020 16:45:03 GMT
server
openresty
etag
W/"5fea0b8f-9a72"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 30 Sep 2026 16:27:37 GMT
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 0D59 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 30 Sep 2026 16:27:37 GMT
t3m.js
tags.t.tailtarget.com/ Frame 0D59 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.t.tailtarget.com/t3m.js?i=TT-10759-0/CT-1261
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
nginx/1.8.1 /
Resource Hash
0dbd6403c5a3cd65b34063741db8d791fd9eb988159a990c75169b2c7f36f4ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 15:41:56 GMT
content-encoding
gzip
age
2742
x-guploader-uploadid
ADPycdswXVdYXxsYHCBZma7WiQQEsiX13yuta98YheOH5er1Ny8eDzswV_D6r9i0gNzts8EORG8bJEWnnWYZfsIShDgqIDizpA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
8646
last-modified
Thu, 16 Sep 2021 18:47:23 GMT
server
nginx/1.8.1
etag
"7a0d51fa0e81c614d214772858a1315c"
vary
Accept-Encoding
x-goog-hash
md5=eg1R+g6BxhTSFHcoWKExXA==
x-goog-generation
1631818043241112
via
1.1 google
cache-control
max-age=7200,public
x-goog-stored-content-length
8646
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 01 Oct 2021 17:41:56 GMT
um
u-ams02.e-planning.net/ Frame 0D59
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D77699cccf08a309c%26uid%3D%24%7BUID%7D
  • https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=77699cccf08a309c&uid=a05dac23-db56-4909-b2c5-d3499480ebde
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=77699cccf08a309c&uid=a05dac23-db56-4909-b2c5-d3499480ebde
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:37 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://u-ams02.e-planning.net/um?dc=ff96d1aa62deeebd&fi=77699cccf08a309c&uid=a05dac23-db56-4909-b2c5-d3499480ebde
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
skog9i04tkf877lh0vl6ojktpv9qdir1
ptag
a.audrte.com/ Frame 0D59 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
fd2f43dab3326dad7364404c0e69c552ccb6ab0d9aa883afa268065734ace1f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
text/plain;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-transform, public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1682
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 0D59 		266 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:37 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 30 Sep 2026 16:27:37 GMT
current
prebid-match.dotomi.com/match/bounce/ Frame 0D59 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D77699cccf08a309c%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 0D59
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D77699cccf08a309c
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.236.225 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.225.236.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 0D59
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D77699cccf08a309c%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=77699cccf08a309c&uid=634636179186247923
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=77699cccf08a309c&uid=634636179186247923
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
953dc599-6619-4f99-81e2-b8d0085186ce
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=77699cccf08a309c&uid=634636179186247923
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame 0D59 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D77699cccf08a309c%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 North Hollywood, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-10
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
sync.e-planning.net/ Frame 0D59
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58414/occ
  • https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.e-planning.net/um?dc=d5ef3eaea371187e&iss=1&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Connection
keep-alive
Content-Length
0
um
u-ams02.e-planning.net/ Frame 0D59
Redirect Chain
  • https://cs.admanmedia.com/sync/eplanning?redir=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D227acb3d18564968%26fi%3D77699cccf08a309c%26uid%3D%7B%24UID%7D
  • https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=77699cccf08a309c&uid=c00944b7336de56682eaf6b93403ee305869d87d
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=77699cccf08a309c&uid=c00944b7336de56682eaf6b93403ee305869d87d
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif

Redirect headers

Location
https://u-ams02.e-planning.net/um?dc=227acb3d18564968&fi=77699cccf08a309c&uid=c00944b7336de56682eaf6b93403ee305869d87d
Date
Fri, 01 Oct 2021 16:27:38 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usync.html
eus.rubiconproject.com/ Frame 2597
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Cookie
khaos=KU8KXX7B-1T-OVE; rsid=1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==; audit=1|hLZGFuTafB38Wygj3GuT20ZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lg7eXlkMNyatTSCe5WDhxwxymPvo8pleP2KLLa4BRoMRcV9NAwqhSw8=; pux=2249%3D103000%262307%3D103000%262974%3D103000%263778%3D103000%26idl%3D103000%262249-DV360-Hosted%3D103000%26brx%3D103000%26goog%3D103000%26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Oct 2021 16:27:38 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Date
Fri, 01 Oct 2021 16:27:38 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 44A0 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D77699cccf08a309c%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D77699cccf08a309c%26uid%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=94A8FEED-3C24-4429-940E-599AF60A8C6A; KCCH=YES; DPSync3=1634256000%3A201_197_219%7C1633132800%3A174; SyncRTB3=1633910400%3A63%7C1633651200%3A15_2_223%7C1634256000%3A220_161_3_81_88_165_176_7_166_13_56_99_189_21_8_71_230_231_22_234_204_54_55_222_57%7C1634342400%3A35%7C1635638400%3A203; KRTBCOOKIE_57=22776-634636179186247923; PUBMDCID=3; KRTBCOOKIE_153=19420-r4vzpKqMoPK0iqWhoNjr9fvcpKC0jKD2qIjqsxBB&KRTB&22979-r4vzpKqMoPK0iqWhoNjr9fvcpKC0jKD2qIjqsxBB; KRTBCOOKIE_80=22987-CAESELziic0k1NqFrBcNBV2PS7w&KRTB&16514-CAESELziic0k1NqFrBcNBV2PS7w&KRTB&23025-CAESELziic0k1NqFrBcNBV2PS7w; KRTBCOOKIE_409=22966-QJTrkX5HMx3AM8MQjJDaXky7; KRTBCOOKIE_391=22924-6142303374695120563&KRTB&23263-6142303374695120563; KRTBCOOKIE_1101=23040-7014135392026556563; KRTBCOOKIE_377=6810-23a9f547-69cd-444a-8891-728ca5b966b6&KRTB&22918-23a9f547-69cd-444a-8891-728ca5b966b6&KRTB&23031-23a9f547-69cd-444a-8891-728ca5b966b6; chkChromeAb67Sec=4; KRTBCOOKIE_27=16735-uid:714d6157-36fa-4300-b14d-a18edead5062&KRTB&16736-uid:714d6157-36fa-4300-b14d-a18edead5062&KRTB&23019-uid:714d6157-36fa-4300-b14d-a18edead5062&KRTB&23114-uid:714d6157-36fa-4300-b14d-a18edead5062; SPugT=1633105657; KRTBCOOKIE_336=5844-6090178948821815727; KRTBCOOKIE_22=14911-2355061870237820537; KRTBCOOKIE_188=3189-no-consent; PugT=1633105656
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=122506
expires
Sun, 03 Oct 2021 02:29:24 GMT
date
Fri, 01 Oct 2021 16:27:38 GMT
vary
Accept-Encoding
uu
ih.adscale.de/ Frame 24D5
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1633105658
  • https://ih.adscale.de/uu?cbfn=receive&t=1633105658&nut&uu=5aa65adb05774b408f82c0e5cd97dce9
44 B
213 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1633105658&nut&uu=5aa65adb05774b408f82c0e5cd97dce9
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4f3f6ff4c625dd80fbf39a4d867029612362e834b16e21fad2746b7390640c74

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1633105658&nut&uu=5aa65adb05774b408f82c0e5cd97dce9
date
Fri, 01 Oct 2021 16:27:38 GMT
content-length
0
bundle.js
cdn.admatic.com.tr/user/ Frame 4E08 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admatic.com.tr/user/bundle.js
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.47 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-89-187-169-47.cdn77.com
Software
BunnyCDN-DE1-756 /
Resource Hash
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/user
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-encoding
br
cdn-edgestorageid
756
cdn-fileserver
141
cdn-storageserver
DE-51
cdn-cachedat
2021-08-12 13:48:34
cdn-pullzone
266102
last-modified
Fri, 12 Mar 2021 04:24:48 GMT
server
BunnyCDN-DE1-756
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
bea626e5-d007-4073-8941-73ce8dd2f81c
cache-control
public, max-age=3600
cdn-requestid
c5b968b6290d58e7d6179959e38fb5e1
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
YVc2988_j77K_IFFqvvWpgAABMIAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 31BC 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YVc2988_j77K_IFFqvvWpgAABMIAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
getuid
secure.adnxs.com/ Frame 31BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sync
ups.analytics.yahoo.com/ups/55940/ Frame 31BC 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YVc2988_j77K_IFFqvvWpgAABMIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 31BC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2355061870237820537
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2355061870237820537
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2355061870237820537
pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 31BC 		85 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1633105658.342409,VS0,VE89
x-served-by
cache-hhn4075-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
getuid
ib.adnxs.com/ Frame 31BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
casale
match.adsrvr.org/track/cmf/ Frame 31BC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
ix
ad4m.at/ad/sim/ Frame 31BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
um
u-ams02.e-planning.net/ Frame 31BC 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=77699cccf08a309c&uid=YVc2988-j77K-IFFqvvWpgAA%261218
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif
sync.php
pixel.rubiconproject.com/exchange/ Frame 0ED6 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17184-d
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17184-d
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
T2.min.js
resources-rt.idx.lat/ Frame 155A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources-rt.idx.lat/T2.min.js
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=1473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1cda , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1326c88d831faec75944c75ab8fb61c5e5c18ade4c6a3fa2de16baafdc64ec97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 7a17e7bab97826b103c75b700dd638e2.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
4571
x-cache
Hit from cloudfront
content-encoding
gzip
last-modified
Tue, 14 Sep 2021 17:49:35 GMT
server
cloudflare
etag
W/"0e27aee1b6a9fa35cb3b3bbcfd005aaf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-pop
FRA60-P2
cf-ray
69770f3d198fd6d9-FRA
x-amz-cf-id
kYESZlzmSS-n7wAcXGJgw-8Z8KD1hA-zxPh4dbSfzy9_BrZNoKd2qw==
api
api.retargetly.com/ Frame 0FC8
Redirect Chain
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fad...
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fad...
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=1473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42051dce342f24cd62271509c49d8ae7ca99df6c19a67561a278f3e8f0f83f34

Request headers

:method
GET
:authority
api.retargetly.com
:scheme
https
:path
/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
accept-encoding
gzip, deflate, br
cookie
_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html
set-cookie
_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32; domain=.retargetly.com; path=/; expires=Wed, 30 Mar 2022 16:27:38 GMT; SameSite=None; Secure _rlsnc=0; domain=.retargetly.com; path=/; expires=Fri, 01 Oct 2021 16:27:38 GMT; SameSite=None; Secure _rlmp1=2||1633105659&&9||1633105659&&10||1633105659&&11||1633105659&&13||1633105659&&14||1633105659&&15||1633105659&&22||1633105659&&23||1633105659&&24||1633105659&&27||1633105659&&39||1633105659&&51||1633105659&&63||1633105659; domain=.retargetly.com; path=/; expires=Wed, 30 Mar 2022 16:27:38 GMT; SameSite=None; Secure
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
pragma
no-cache
expires
0
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3d9db64ee6-FRA
content-encoding
gzip

Redirect headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
application/javascript
set-cookie
_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32; domain=.retargetly.com; path=/; expires=Wed, 30 Mar 2022 16:27:38 GMT; SameSite=None; Secure _rlsnc=0; domain=.retargetly.com; path=/; expires=Fri, 01 Oct 2021 16:27:38 GMT; SameSite=None; Secure
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
pragma
no-cache
expires
0
location
/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3cdc1d4ee6-FRA
Cookie set usermatch
ssum.casalemedia.com/ Frame D9A5 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
41ea122189eda656210b1d9f551e7b70e3fb8b033f4eb2b14b6a952a1a713d91

Request headers

Host
ssum.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.us.e-planning.net/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YVc2988-j77K-IFFqvvWpgAA; CMPS=5222; CMPRO=1218; CMST=YVc292FXNvoA; CMRUM3=f1615736f705a0&c3615736f705a00&05615736fa05a0&08615736f705a00&0d615736f705a0&04615736fa05a0&49615736fa05a0&27615736fa0b40&58615736fa05a0&ce615736fa05a0&2e615736fa05a0&be615736fa05a0&b0615736f705a00&2d615736f705a0&e6615736f72760
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
130|3|65|90|5|196|218|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1485
Expires
Fri, 01 Oct 2021 16:27:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Connection
keep-alive
Set-Cookie
CMID=YVc2988-j77K-IFFqvvWpgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 16:27:38 GMT CMPS=5222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 16:27:38 GMT CMPRO=1218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 16:27:38 GMT CMRUM3=03615736fa05a0&e6615736f72760&b0615736f705a00&5a615736fa05a0&49615736fa05a0&c4615736fa05a0&41615736fa05a0&da615736fa2760&f1615736f705a0&29615736fa05a0&08615736f705a00&04615736fa05a0&be615736fa05a0&2d615736f705a0&82615736faa8c0&58615736fa05a0&ce615736fa05a0&2e615736fa05a0&27615736fa0b40&c3615736f705a00&05615736fa05a0&0d615736f705a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 16:27:38 GMT
/
onetag-sys.com/usync/ Frame B751 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=5927d926323dc2c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame 8D48 		530 B
776 B 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75fe42598de63e1aac2359b4f5b2069ae9ea0e424e4ddc9fb359f2844bc56178

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
cookie
zc=f0721f19-9a11-4603-6d77-11da737a68df; zsc=%17%81%86%B25X%80%EED%3C%3B+%D1%BC%B7z66%C5%02A%DE%12%B8%5D9%10%5C%D1%0D%03%E6%0E%3D3%ABr%0C%83V%22%B3%BEh%A5%2C%DD%192M%C5%F9%5D-%3E%80%AC%5D%B0%A3%EE%96J%C5%CD%28IB%F6%AD%19%3E%AE%0E%B5%1Dj%AF%D0%10%88j%8B%BC%B7%83z%89%26%F1%F7%94%D5%0D%A0%147%E9%2F%3E%97%9F%8D6%DE%C90%C4%2F%CFP%15%1D~rT%1E-%16G%05%F6%9F-%BB%BE%D6%E65%29U%A60%C3%C9%40O%87%EDA%FD%BD%A2%EEJ%C4%E5%80%D6%1B%A1%9A%80%E2n%9B%F9%B6%06qqyY%80%05%CC%FFQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
set-cookie
zc=f0721f19-9a11-4603-6d77-11da737a68df; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure zsc=8%EF%3E%3A%06%F8%15%A5U%7D%C9%D3%D9%5D~%F0-%E6%906%FDY%DB%2A%22%91%DD%ACf%5E%EE%1C%ABO%C0%04%83S%FDRN%F2-H%1D%85%FE%96%AE%05%06k%CF%AF+%FAO%CD%B8%9Aj%5C%F3%8A%26%E4%0E%00Hr%C4%E2%7Cn%D4%BF~%18t%F17nK%C6%90Z%B9%8C%83%0B%AD%0B1%05%F6%13%27%B4%F9%80%1D%85%E7%0B%16%09%F0bU%FB%A6%04%EB%A3%8FE%B7%D3f%1D%EF%3F%D9c%0D%7DC%EE%E4%F5%09b%2C%CD%DBZ%0F%A8%D5%81%8F%CEs%C3Zndd%D9%11%88_%C7%2C%09%F7FG%BA%A4ajA%AE+V%C9M; Path=/; Domain=.zeotap.com; Max-Age=86400; SameSite=None; Secure
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3ceffe698b-FRA
content-encoding
br
cmp
spl.zeotap.com/ Frame 4657 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
cookie
zc=f0721f19-9a11-4603-6d77-11da737a68df; zsc=%17%81%86%B25X%80%EED%3C%3B+%D1%BC%B7z66%C5%02A%DE%12%B8%5D9%10%5C%D1%0D%03%E6%0E%3D3%ABr%0C%83V%22%B3%BEh%A5%2C%DD%192M%C5%F9%5D-%3E%80%AC%5D%B0%A3%EE%96J%C5%CD%28IB%F6%AD%19%3E%AE%0E%B5%1Dj%AF%D0%10%88j%8B%BC%B7%83z%89%26%F1%F7%94%D5%0D%A0%147%E9%2F%3E%97%9F%8D6%DE%C90%C4%2F%CFP%15%1D~rT%1E-%16G%05%F6%9F-%BB%BE%D6%E65%29U%A60%C3%C9%40O%87%EDA%FD%BD%A2%EEJ%C4%E5%80%D6%1B%A1%9A%80%E2n%9B%F9%B6%06qqyY%80%05%CC%FFQ
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3cf819698b-FRA
usync.js
eus.rubiconproject.com/ Frame 2597 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=23845
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Fri, 01 Oct 2021 23:05:03 GMT
user
ads3.admatic.com.tr/ Frame 4E08 		75 B
443 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
2fd9194926220d50c85570403a81d49e69ebb98ee590f5863e556c6eecf72421

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:27:37 GMT
content-encoding
br
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
79
mw
mwzeom.zeotap.com/ Frame 8D48
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df07...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=07bc0cc4-3bb5-417b-6fc7-f6c668b0725a&zdid=1361
95 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=07bc0cc4-3bb5-417b-6fc7-f6c668b0725a&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
69770f3e1a8f698b-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=07bc0cc4-3bb5-417b-6fc7-f6c668b0725a&zdid=1361
date
Fri, 01 Oct 2021 16:27:38 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame 8D48 		557 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=07bc0cc4-3bb5-417b-6fc7-f6c668b0725a&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b04eb1a1071ff451da4e3cb16c09c5011e7d0410a1d5fd89f8e20738de2e703

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cf-ray
69770f3d690a698b-FRA
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Fri, 01 Oct 2021 16:27:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
crum
dsum-sec.casalemedia.com/ Frame D9A5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABHVU7Crm4AABU6TyHI-A&expiration=1634315258&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABHVU7Crm4AABU6TyHI-A&expiration=1634315258&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABHVU7Crm4AABU6TyHI-A&expiration=1634315258&gdpr=1
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame D9A5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=714d6157-36fa-4300-b14d-a18edead5062&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=714d6157-36fa-4300-b14d-a18edead5062&gdpr=1&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=714d6157-36fa-4300-b14d-a18edead5062&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 01 Oct 2021 16:27:37 GMT
rum
dsum.casalemedia.com/ Frame D9A5
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1633192058&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1633192058&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1633192058&gdpr=1
pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
no_match_opted_out
um.simpli.fi/ Frame D9A5
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 16:27:38 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Fri, 01 Oct 2021 16:27:38 GMT
x-content-type-options
nosniff
server
openresty
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 30 Sep 2021 16:27:38 GMT
ix
ad4m.at/ad/sim/ Frame D9A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
crum
dsum-sec.casalemedia.com/ Frame D9A5
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT

Redirect headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
ibs:dpid=23728&dpuuid=YVc2988-j77K-IFFqvvWpgAA%261218
dpm.demdex.net/ Frame D9A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YVc2988-j77K-IFFqvvWpgAA%261218?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.28.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-28-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
bridge
cm.adgrx.com/ Frame D9A5 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-1
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
um
u-ams02.e-planning.net/ Frame D9A5 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=77699cccf08a309c&uid=YVc2988-j77K-IFFqvvWpgAA%261218
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D77699cccf08a309c%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif
/
rt.idx.lat/idx/ Frame 155A 		890 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rt.idx.lat/idx/
Requested by
Host: resources-rt.idx.lat
URL: https://resources-rt.idx.lat/T2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.134.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-134-127.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
48a3351ddc97098696f99f99945ea299dafabf31bbe311d46734362b5ab8074f

Request headers

Referer
https://ads.us.e-planning.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 01 Oct 2021 16:27:39 GMT
server
awselb/2.0
access-control-allow-methods
OPTIONS,POST
content-type
application/json
access-control-allow-origin
https://ads.us.e-planning.net
access-control-allow-credentials
true
access-control-allow-headers
content-type
content-length
890
/
rt.idx.lat/idx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://rt.idx.lat/idx/
Protocol
H2
Server
52.0.134.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-134-127.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://ads.us.e-planning.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
awselb/2.0
date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
application/json
content-length
0
access-control-allow-origin
https://ads.us.e-planning.net
access-control-allow-methods
OPTIONS,POST
access-control-allow-headers
content-type
access-control-allow-credentials
true
cc.js
tags.crwdcntrl.net/c/15238/ Frame 155A 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 30 Sep 2021 22:03:07 GMT
content-encoding
gzip
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
66272
etag
W/"2b2f816f40499d384e118ce88a266e02"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/json
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ltnrEi_b2Fbu65cuOPuxSYI535I3M_n8Qvcuq1U8kZwDU1B2PvgNhA==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 7FB9 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
cookie
E=AO1x6Pc7irhc9WWn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Fri, 01 Oct 2021 16:27:37 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 30 Sep 2026 16:27:37 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame 09B9 		2 KB
951 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ea3816a4aa07f76c730607a939f62726786f16edebb5d510ddaa8a110789e02

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html
set-cookie
uid=fabbcb28-d316-4e7e-9868-443af1f0bb10; expires=Thu, 21 Oct 2021 16:27:38 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3dbd160629-FRA
content-encoding
gzip
csync
sync.adtelligent.com/ Frame FF3D 		0
0
conversion.js
d.tailtarget.com/ Frame 155A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 15:26:19 GMT
content-encoding
gzip
age
3679
x-guploader-uploadid
ADPycdsdXT5-mBK0OoalqkB6tIzHPrHRKCH1esLYyxG3A8Rsgen6iUenYzDMCtuGXXHIP56QpQGKDbqGYwtyGV2JrYrjgDcayg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6114
last-modified
Thu, 23 Sep 2021 17:37:36 GMT
server
UploadServer
etag
"c011d7eff3edda011a5511fb703d925a"
x-goog-hash
crc32c=I6Sd4w==, md5=wBHX7/Pt2gEaVRH7cD2SWg==
content-language
en
x-goog-generation
1632418656103247
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 02 Oct 2021 15:26:19 GMT
cmp
spl.zeotap.com/ Frame 8D48 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=07bc0cc4-3bb5-417b-6fc7-f6c668b0725a&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=07bc0cc4-3bb5-417b-6fc7-f6c668b0725a&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
spl.zeotap.com
:scheme
https
:path
/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=07bc0cc4-3bb5-417b-6fc7-f6c668b0725a&zdid=1361&cmp=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
accept-encoding
gzip, deflate, br
cookie
zc=f0721f19-9a11-4603-6d77-11da737a68df; zsc=%10%A4%FB%CC%D9%9F%27xR7%85%5E%E3m%B2%18%BE+%9D%B2%B0%0E%27%83a-%F4%EDM%7D%C9%E3e%05%8F%08%BE%F0%3C%AD%9F%C2Y%1E%DA%F0%60e%0F%F5%BC%11%BD%3C%AF%2F%00~%CBt%24%89_%9Am%8D%F5%D7%19%C8%DF%91%28%F3%03%9B7%C6%AEv%1C%AF%BC%AA%C4SL3%84%BFw%F9%AE%C7%40L%B0%D5%E2%C0%A0L%92%E1%E5%C3%85vN%EC9%F0%CD%A4%1B%E6%BB%B3p%01%21pw%F0%97%DA%C9%1D%15%F8er%2B%E7%3F%F6%266%E8%DD%04%C6%84%15%2B%A4%91%A2%FFw%12C%F7%BD%F2%C4%0E%01C%97W%C5+%A4%7Fs9%A2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3d99a0698b-FRA
base.js
d.tailtarget.com/ Frame 155A 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 16:32:10 GMT
content-encoding
gzip
age
86128
x-guploader-uploadid
ADPycdvNrSfRT0ygi0b03jtNjwWSHWX6_ka08r8TCQbz8jBAvkjlFN_d2JiDyjVrQWG2V9L337KvIVIodY-NCTpURMY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
8332
last-modified
Thu, 23 Sep 2021 17:37:36 GMT
server
UploadServer
etag
"3bd196ed5cd9e1a21cd3f4a34c4baf1b"
x-goog-hash
crc32c=QnHpIw==, md5=O9GW7VzZ4aIc0/SjTEuvGw==
content-language
en
x-goog-generation
1632418656026668
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 01 Oct 2021 16:32:10 GMT
GS.d
js.cookieless-data.com/ Frame 7FB9 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1633105658516
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-83.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
u
b.t.tailtarget.com/ Frame 155A 		54 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
d3cf4eeaa65e2d53154304a0c0e574e02d73e7f82dead6d7cf9c297379783116

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
cc.js
tags.crwdcntrl.net/c/15238/ Frame 0D59 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-101.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 30 Sep 2021 22:03:07 GMT
content-encoding
gzip
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
66272
etag
W/"2b2f816f40499d384e118ce88a266e02"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/json
via
1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
UP8x2RTVAucedHBLswVNoqGw_GTZyn4n_I9gx56C2pZH_dtEV26g4w==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame BC3F 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.253 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

:method
GET
:authority
s.e-planning.net
:scheme
https
:path
/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
cookie
E=AO1x6Pc7irhc9WWn
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Fri, 01 Oct 2021 16:27:37 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Wed, 30 Sep 2026 16:27:37 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
e-planning
sync.quantumdex.io/usersync/ Frame D180 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.quantumdex.io/usersync/e-planning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72bcca0f8dd35773ca5d83bd4e61ddf9e908c540a1809251bdd92416be4f31c

Request headers

:method
GET
:authority
sync.quantumdex.io
:scheme
https
:path
/usersync/e-planning
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.us.e-planning.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html
set-cookie
uid=55997f9b-32f2-421e-9d45-9bde6f1b89cb; expires=Thu, 21 Oct 2021 16:27:38 GMT; domain=quantumdex.io; path=/; secure; SameSite=None
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69770f3e2e2b0629-FRA
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 8E27 		0
0
conversion.js
d.tailtarget.com/ Frame 0D59 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/conversion.js
Requested by
Host: www.oann.com
URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 15:26:19 GMT
content-encoding
gzip
age
3679
x-guploader-uploadid
ADPycdsdXT5-mBK0OoalqkB6tIzHPrHRKCH1esLYyxG3A8Rsgen6iUenYzDMCtuGXXHIP56QpQGKDbqGYwtyGV2JrYrjgDcayg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6114
last-modified
Thu, 23 Sep 2021 17:37:36 GMT
server
UploadServer
etag
"c011d7eff3edda011a5511fb703d925a"
x-goog-hash
crc32c=I6Sd4w==, md5=wBHX7/Pt2gEaVRH7cD2SWg==
content-language
en
x-goog-generation
1632418656103247
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
6114
accept-ranges
bytes
content-type
application/javascript
expires
Sat, 02 Oct 2021 15:26:19 GMT
base.js
d.tailtarget.com/ Frame 0D59 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.tailtarget.com/base.js
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.123.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.123.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 16:32:10 GMT
content-encoding
gzip
age
86128
x-guploader-uploadid
ADPycdvNrSfRT0ygi0b03jtNjwWSHWX6_ka08r8TCQbz8jBAvkjlFN_d2JiDyjVrQWG2V9L337KvIVIodY-NCTpURMY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
8332
last-modified
Thu, 23 Sep 2021 17:37:36 GMT
server
UploadServer
etag
"3bd196ed5cd9e1a21cd3f4a34c4baf1b"
x-goog-hash
crc32c=QnHpIw==, md5=O9GW7VzZ4aIc0/SjTEuvGw==
content-language
en
x-goog-generation
1632418656026668
cache-control
public, max-age=86400,no-transform
x-goog-stored-content-length
8332
accept-ranges
bytes
content-type
application/javascript
expires
Fri, 01 Oct 2021 16:32:10 GMT
GS.d
js.cookieless-data.com/ Frame BC3F 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1633105658611
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-83.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
u
b.t.tailtarget.com/ Frame 0D59 		54 B
304 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/u?
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
a075bf194ac32d660e8a2da5a892a0715335669e744e4645498eee2d8a99b798

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
cache-control
private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
userconnect.js
js.adscale.de/ Frame 24D5 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
ToOPLFKM162HMOUcUQz0sQ5isbrIFKrm
content-encoding
br
last-modified
Thu, 30 Sep 2021 04:33:51 GMT
server
AmazonS3
age
6824
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 01 Oct 2021 14:33:55 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
yqAN3KMvcnGGy8idll1VHU85vYOQEEdB3or1ReTQ2zGAEE0uk9Kfhw==
csync
sync.console.adtarget.com.tr/ Frame 24D5 		0
0
userconnect
ih.adscale.de/ Frame 24D5 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1633105658633&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-length
149
content-type
application/javascript
map
ih.adscale.de/ Frame DA90 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e8f18ad3391a0dc2099ec75b363f6d862c6f572b4f7ebdfe6927009276b5d4e8

Request headers

:method
GET
:authority
ih.adscale.de
:scheme
https
:path
/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://js.adscale.de/
accept-encoding
gzip, deflate, br
cookie
uu=5aa65adb05774b408f82c0e5cd97dce9; cct=1633105658603
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2702
set-cookie
tu=4#3038519784#48~~453640~453640~1#101~~453640~453640~1#39~~453640~453640~1#40~~453640~453640~1#42~~453640~453640~1#75~~453640~453640~1#108~~453640~453640~1#63~~453640~453640~1; Max-Age=31336000; Domain=ih.adscale.de; Path=/; Secure; SameSite=None cct=1633105658671; Max-Age=31336000; Domain=.adscale.de; Path=/; Secure; SameSite=None
sync
app.retargetly.com/ Frame 0FC8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=YzI3ODJhNTUtMzZkMi00Yzg1LWFkNTYtYmUxOGZlMDQ3YzMy&google_cm
  • https://app.retargetly.com/sync?pid=11&google_gid=CAESEIsWKANsqV95WQ73JHcwsAQ&google_cver=1
68 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=11&google_gid=CAESEIsWKANsqV95WQ73JHcwsAQ&google_cver=1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69770f3ec8004ee6-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://app.retargetly.com/sync?pid=11&google_gid=CAESEIsWKANsqV95WQ73JHcwsAQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
pixel.mathtag.com/sync/ Frame 0FC8 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/js?mt_lim=12&sync=auto&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3984 0e3af3b master cdg-pixel-x3 config:1.0.0 /
Resource Hash
fab3e19af5e6addb5c9460293169e60c9efd9c1a3040043da0ee47666f614b51

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x3 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
text/javascript
Content-Length
1486
Expires
Fri, 01 Oct 2021 16:27:37 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 0FC8 		95 B
415 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=c2782a55-36d2-4c85-ad56-be18fe047c32&_rand=1633105658584
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
app.retargetly.com/ Frame 0FC8
Redirect Chain
  • https://tags.bluekai.com/site/28347?limit=0&id=c2782a55-36d2-4c85-ad56-be18fe047c32&redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%24_BK_UUID%26pid%3D9
  • https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
68 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69770f3fa9b24ee6-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

Location
https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
Date
Fri, 01 Oct 2021 16:27:38 GMT
Connection
keep-alive
Content-Length
0
BK-Server
8f87
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
sync
api.retargetly.com/ Frame 0FC8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1
  • https://api.retargetly.com/sync?pid=13&sid=23a9f547-69cd-444a-8891-728ca5b966b6
68 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.retargetly.com/sync?pid=13&sid=23a9f547-69cd-444a-8891-728ca5b966b6
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69770f3ed82d4ee6-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://api.retargetly.com/sync?pid=13&sid=23a9f547-69cd-444a-8891-728ca5b966b6
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
189
usersync
pixel-sync.sitescout.com/connectors/retargetly/ Frame 0FC8 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/connectors/retargetly/usersync?redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7BuserId%7D%26pid%3D23
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
cms
cms.analytics.yahoo.com/ Frame 0FC8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.analytics.yahoo.com/cms?partner_id=RTGLY
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.182 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spcms.pbp.vip.ir2.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
sync
app.retargetly.com/ Frame 0FC8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2
  • https://app.retargetly.com/sync?sid=634636179186247923&pid=2
68 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=634636179186247923&pid=2
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69770f3ec8024ee6-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f8e82778-79e5-485d-9108-fcab4e726097
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://app.retargetly.com/sync?sid=634636179186247923&pid=2
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
app.retargetly.com/ Frame 0FC8
Redirect Chain
  • https://trc.taboola.com/sg/retargetly/1/cm
  • https://app.retargetly.com/sync?pid=39&sid=f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a
68 B
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=39&sid=f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69770f3ed82e4ee6-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

x-vcl-time-ms
17
date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 varnish
server
nginx
x-timer
S1633105659.667035,VS0,VE17
x-cache
MISS
location
https://app.retargetly.com/sync?pid=39&sid=f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-mxp6950-MXP
sync
app.retargetly.com/ Frame 0FC8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID
  • https://app.retargetly.com/sync?pid=14&sid=94A8FEED-3C24-4429-940E-599AF60A8C6A
68 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=14&sid=94A8FEED-3C24-4429-940E-599AF60A8C6A
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69770f3ecffd4ee6-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

location
https://app.retargetly.com/sync?pid=14&sid=94A8FEED-3C24-4429-940E-599AF60A8C6A
date
Fri, 01 Oct 2021 16:27:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
sync
app.retargetly.com/ Frame 0FC8
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5Bsas_uid%5D%26pid%3D63
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?sid=[sas_uid]&pid=63&cklb=1
  • https://app.retargetly.com/sync?sid=1428628817216158652
68 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=1428628817216158652
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69770f3f79544ee6-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

location
https://app.retargetly.com/sync?sid=1428628817216158652
pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
app.retargetly.com/ Frame 0FC8
Redirect Chain
  • https://sync.teads.tv/rt/sync?vid=c2782a55-36d2-4c85-ad56-be18fe047c32&gdpr=0&us_privacy=%221-N-%22
  • https://app.retargetly.com/sync?pid=51&sid=c2782a55-36d2-4c85-ad56-be18fe047c32
68 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?pid=51&sid=c2782a55-36d2-4c85-ad56-be18fe047c32
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69770f3f18c54ee6-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
akka-http/10.2.6
content-type
text/html; charset=UTF-8
location
https://app.retargetly.com/sync?pid=51&sid=c2782a55-36d2-4c85-ad56-be18fe047c32
cache-control
max-age=0, no-cache, no-store
content-length
152
expires
Fri, 01 Oct 2021 16:27:38 GMT
tpid=c2782a55-36d2-4c85-ad56-be18fe047c32
bcp.crwdcntrl.net/map/c=11530/tp=RTRG/ Frame 0FC8 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=c2782a55-36d2-4c85-ad56-be18fe047c32
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.23.98
content-type
image/gif
content-length
49
expires
0
cm.os
ads01.groovinads.com/grv/track/ Frame 0FC8 		43 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads01.groovinads.com/grv/track/cm.os?p=RT&u=c2782a55-36d2-4c85-ad56-be18fe047c32
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.35.177 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
x-server-origin
app09.groovinads.com
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/gif
cache-control
no-cache, must-revalidate
x-server
app12
cf-ray
69770f3efd1732b6-CDG
expires
0
1.gif
id5-sync.com/c/495/0/0/ Frame 09B9
Redirect Chain
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.155 , France, ASN16276 (OVH, FR),
Reverse DNS
p05.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"

Redirect headers

Location
https://id5-sync.com/c/495/0/0/1.gif?gdpr=1&gdpr_consent=
Date
Fri, 01 Oct 2021 16:27:38 GMT
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame 09B9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69770f3ebf8e0629-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Connection
keep-alive
Content-Length
0
setuid
sync.quantumdex.io/ Frame 09B9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=634636179186247923
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=634636179186247923
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69770f3eaf660629-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
14ea0d36-ad02-4c01-bdae-51d38cc1840d
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=634636179186247923
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame 09B9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=634636179186247923
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=634636179186247923
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69770f3ecfd40629-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
df6eef25-0b75-4c3e-bedb-0d6f654c749e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=634636179186247923
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
no-consent
sync.1rx.io/usersync3/centro/2064/ Frame 09B9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F2064%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=4567044888
  • https://sync.1rx.io/usersync3/centro/2064/no-consent?zcc=0&sspret=1&rndcb=4567044888
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/centro/2064/no-consent?zcc=0&sspret=1&rndcb=4567044888
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://sync.1rx.io/usersync3/centro/2064/no-consent?zcc=0&sspret=1&rndcb=4567044888
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
us
sync.go.sonobi.com/ Frame 09B9 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 North Hollywood, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-34
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame 09B9
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=61406616-df60-4359-accf-c4093edc120b
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=61406616-df60-4359-accf-c4093edc120b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69770f3ee8210629-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=61406616-df60-4359-accf-c4093edc120b
date
Fri, 01 Oct 2021 16:27:38 GMT
content-length
0
um
sync.e-planning.net/ Frame 09B9 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=fabbcb28-d316-4e7e-9868-443af1f0bb10
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 3849 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3a62e9ac7554c45a4d80fddf3bdffdd0a23ad00c700f8726231c6cf11fb3108f

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YVc2988-j77K-IFFqvvWpgAA; CMPS=5222; CMPRO=1218; CMST=YVc292FXNvoA; CMRUM3=ce615736fa05a0&82615736fa2760AABHVU7Crm4AABU6TyHI-A&58615736fa05a0&2e615736fa05a0&be615736fa05a0&2d615736f705a0&c3615736f705a00&0d615736f705a0&05615736fa05a0&27615736fa0b40&b0615736f705a00&e6615736f72760&f1615736f705a0&04615736fa27602355061870237820537&08615736f705a00&49615736fa05a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
3|65|90|64|221|111|152|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1481
Expires
Fri, 01 Oct 2021 16:27:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Connection
keep-alive
Set-Cookie
CMID=YVc2988-j77K-IFFqvvWpgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 16:27:38 GMT CMPS=5222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 16:27:38 GMT CMPRO=1218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 16:27:38 GMT CMRUM3=c4615736fa05a0&49615736fa05a0&40615736fa05a0&41615736fa05a0&f1615736f705a0&04615736fa27602355061870237820537&08615736f705a00&e6615736f72760&b0615736f705a00&03615736fa05a0&98615736fa05a00&6f615736fa05a0&5a615736fa05a0&27615736fa0b40&dd615736fa2760&c3615736f705a00&0d615736f705a0&05615736fa05a0&be615736fa05a0&2d615736f705a0&ce615736fa05a0&58615736fa05a0&82615736fa2760AABHVU7Crm4AABU6TyHI-A&2e615736fa05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 16:27:38 GMT
/
onetag-sys.com/usync/ Frame BAB6 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
uc.html
sync.go.sonobi.com/ Frame 954F 		43 B
488 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 North Hollywood, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Cookie
HAPLB5A=s568|YVc2+
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-33
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
iframe
pixel.mathtag.com/sync/ Frame 19F6 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.mathtag.com/sync/iframe?mt_uuid=714d6157-36fa-4300-b14d-a18edead5062&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/js?mt_lim=12&sync=auto&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3984 0e3af3b master cdg-pixel-x6 config:1.0.1 /
Resource Hash
13c5a71726697e86ac1e10503b9e21b14cc2e34522d46cde873e296ef709cfe8

Request headers

Host
pixel.mathtag.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://api.retargetly.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid=714d6157-36fa-4300-b14d-a18edead5062
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/

Response headers

Content-Type
text/html
Server
MT3 3984 0e3af3b master cdg-pixel-x6 config:1.0.1
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires
Fri, 01 Oct 2021 16:27:37 GMT
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 01 Oct 2021 16:27:38 GMT
Content-Length
899
Connection
keep-alive
img
pixel.mathtag.com/misc/ Frame 0FC8 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fsync.adtelligent.com%252Fcsync%253Ft%253Da%2526ep%253D307971%2526extuid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=c2782a55-36d2-4c85-ad56-be18fe047c32&idx=&_rlid=c2782a55-36d2-4c85-ad56-be18fe047c32
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3984 0e3af3b master cdg-pixel-x30 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:37 GMT
match.js
js.adscale.de/ Frame DA90 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:8400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
OlAfMfwjsrog35FyyQOj8C.jdY1RCEBg
content-encoding
br
last-modified
Thu, 30 Sep 2021 04:33:51 GMT
server
AmazonS3
age
6824
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Fri, 01 Oct 2021 14:33:55 GMT
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
fU9cJXC0xzKL7bPNVfphPIGqLkqXA7UT9laXfH539A2ddXF-oIq1aA==
crum
dsum-sec.casalemedia.com/ Frame 3849
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=714d6157-36fa-4300-b14d-a18edead5062&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=714d6157-36fa-4300-b14d-a18edead5062&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x16 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=714d6157-36fa-4300-b14d-a18edead5062&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 01 Oct 2021 16:27:37 GMT
rum
dsum.casalemedia.com/ Frame 3849
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1633192058&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1633192058&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1633192058&gdpr=1
pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
no_match_opted_out
um.simpli.fi/ Frame 3849
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 16:27:38 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Fri, 01 Oct 2021 16:27:38 GMT
x-content-type-options
nosniff
server
openresty
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 30 Sep 2021 16:27:38 GMT
rum
dsum-sec.casalemedia.com/ Frame 3849
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635697658
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635697658
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635697658
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
tpid=YVc2988-j77K-IFFqvvWpgAA%261218
bcp.crwdcntrl.net/map/c=6725/tp=INDX/ Frame 3849 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YVc2988-j77K-IFFqvvWpgAA%261218?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.109.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-109-165.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.8.13
content-type
image/gif
content-length
49
expires
0
match
c1.adform.net/serving/cookie/ Frame 3849 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 3849
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7d2e0559-9bac-4761-9788-67ba88ff47e9
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7d2e0559-9bac-4761-9788-67ba88ff47e9
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:39 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:39 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:39 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=7d2e0559-9bac-4761-9788-67ba88ff47e9
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 3849
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&gdpr=1&prevuid=&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT

Redirect headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
setuid
sync.quantumdex.io/ Frame 3849 		43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YVc2988_j77K_IFFqvvWpgAABMIAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69770f3ee82f0629-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
img
ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/ Frame DA90
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=5aa65adb05774b408f82c0e5cd97dce9&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346e0b337d29a4c93a7cf%2F1633105658670%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/img?tpid=101&tpuid=BBID-01-03078196587711906-16408188
49 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/img?tpid=101&tpuid=BBID-01-03078196587711906-16408188
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/img?tpid=101&tpuid=BBID-01-03078196587711906-16408188
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
setuid
sync.quantumdex.io/ Frame D180
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58424/occ
  • https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69770f3f28c10629-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://sync.quantumdex.io/setuid?bidder=verizon-display&uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Connection
keep-alive
Content-Length
0
0.gif
id5-sync.com/i/495/ Frame D180 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dinmobi%26uid%3D%7BID5UID%7D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.36.109.155 , France, ASN16276 (OVH, FR),
Reverse DNS
p05.id5-sync.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Transfer-Encoding
chunked
Content-Type
image/gif;charset=UTF-8
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
P3P
CP="CAO PSA OUR"
setuid
sync.quantumdex.io/ Frame D180
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dappnexus%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=appnexus&uid=634636179186247923
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=634636179186247923
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69770f3f28b80629-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
74ac8672-e36f-4b1c-86de-87853c42ce76
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=appnexus&uid=634636179186247923
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
sync.quantumdex.io/ Frame D180
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Danswermedia%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=answermedia&uid=634636179186247923
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=634636179186247923
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69770f3f28bc0629-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d32aeda0-a2a5-40b9-8a51-db677356328f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.quantumdex.io/setuid?bidder=answermedia&uid=634636179186247923
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
634636179186247923
sync.1rx.io/usersync3/appnexus/2064/ Frame D180
Redirect Chain
  • https://sync.1rx.io/usersync2/rmphb?redir=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dunruly%26uid%3D%5BRX_UUID%5D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fappnexus%2F2064%2F%24UID%3Fzcc%3D0%26sspret%3D1&rndcb=868990976
  • https://sync.1rx.io/usersync3/appnexus/2064/634636179186247923?zcc=0&sspret=1&rndcb=868990976
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.1rx.io/usersync3/appnexus/2064/634636179186247923?zcc=0&sspret=1&rndcb=868990976
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.44 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
cache-control
no-store, no-cache, must-revalidate
expires
0
server
Tengine
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
db39be82-90e8-4435-8da9-1e60e384bbf2
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.1rx.io/usersync3/appnexus/2064/634636179186247923?zcc=0&sspret=1&rndcb=868990976
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
us
sync.go.sonobi.com/ Frame D180 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsonobi%26uid%3D%5BUID%5D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 North Hollywood, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-33
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
setuid
sync.quantumdex.io/ Frame D180
Redirect Chain
  • https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dsharethrough%26uid%3D%24UID
  • https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=61406616-df60-4359-accf-c4093edc120b
43 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=61406616-df60-4359-accf-c4093edc120b
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69770f3f28bf0629-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif

Redirect headers

location
https://sync.quantumdex.io/setuid?bidder=sharethrough&uid=61406616-df60-4359-accf-c4093edc120b
date
Fri, 01 Oct 2021 16:27:38 GMT
content-length
0
um
sync.e-planning.net/ Frame D180 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=bcf310d1654d268f&iss=1&uid=55997f9b-32f2-421e-9d45-9bde6f1b89cb
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.248 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
openresty
content-type
image/gif
/
onetag-sys.com/usync/ Frame CEC8 		2 KB
823 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2bb78272a859ca6
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
onetag-sys.com
:scheme
https
:path
/usync/?pubId=2bb78272a859ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://sync.quantumdex.io/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame B8E4 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fbb6a05a2fdc7c4354c3d31ee0d97386568a284a28d73dca71993cba35e47947

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YVc2988-j77K-IFFqvvWpgAA; CMPS=5222; CMPRO=1218; CMST=YVc292FXNvoA; CMRUM3=c4615736fa05a0&49615736fa05a0&40615736fa05a0&41615736fa05a0&f1615736f705a0&04615736fa27602355061870237820537&08615736f705a00&e6615736f72760&b0615736f705a00&03615736fa05a0&98615736fa05a00&6f615736fa05a0&5a615736fa05a0&27615736fa0b40&dd615736fa2760&c3615736f705a00&0d615736f705a0&05615736fa05a0&be615736fa05a0&2d615736f705a0&ce615736fa05a0&58615736fa05a0&82615736fa2760AABHVU7Crm4AABU6TyHI-A&2e615736fa05a0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
81|41|105|47|31|191|238|46
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1544
Expires
Fri, 01 Oct 2021 16:27:38 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Connection
keep-alive
Set-Cookie
CMID=YVc2988-j77K-IFFqvvWpgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 16:27:38 GMT CMPS=5222;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 16:27:38 GMT CMPRO=1218;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 16:27:38 GMT CMRUM3=e6615736f72760&2f615736fa05a0&b0615736f705a00&98615736fa05a00&03615736fa05a0&6f615736fa05a0&5a615736fa05a0&40615736fa05a0&41615736fa05a0&c4615736fa05a0&49615736fa05a0&04615736fa27602355061870237820537&08615736f705a00&bf615736fa05a0&f1615736f705a0&29615736fa05a0&ee615736fa2760&69615736fa05a0&2d615736f705a0&be615736fa05a0&2e615736fa05a0&ce615736fa05a0&82615736fa2760AABHVU7Crm4AABU6TyHI-A&58615736fa05a0&27615736fa0b40&dd615736fa2760&0d615736f705a0&1f615736fa05a00&05615736fa05a0&c3615736f705a00&51615736fa05a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 16:27:38 GMT
uc.html
sync.go.sonobi.com/ Frame 6408 		43 B
488 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.go.sonobi.com/uc.html?pubid=4d443a3ea2
Requested by
Host: sync.quantumdex.io
URL: https://sync.quantumdex.io/usersync/e-planning
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 North Hollywood, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Host
sync.go.sonobi.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://sync.quantumdex.io/
Accept-Encoding
gzip, deflate, br
Cookie
HAPLB5A=s568|YVc2+
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://sync.quantumdex.io/

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Cache-Control
no-cache, no-store, private
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Pragma
no-cache
Tcn
Choice
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-50
X-Xss-Protection
0
Content-Encoding
gzip
Server
sonobi-go
img
pixel.mathtag.com/misc/ Frame 19F6 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=0:1&mt_cb=996945&mop_top=
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=714d6157-36fa-4300-b14d-a18edead5062&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3984 0e3af3b master cdg-pixel-x11 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=714d6157-36fa-4300-b14d-a18edead5062&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x11 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:37 GMT
b
b.t.tailtarget.com/ Frame 0D59 		109 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-10759-0&tY=1&tS=3&tU=0100007FFA365761C9064B1B02810233&tX=b.52&tZ=599191562
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
9152b87a0d3b0828143fc544123055d141bf6b69f5342275bf10510a732881c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
img
pixel.mathtag.com/misc/ Frame 19F6 		43 B
493 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=714d6157-36fa-4300-b14d-a18edead5062&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3984 0e3af3b master zrh-pixel-x14 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=714d6157-36fa-4300-b14d-a18edead5062&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:37 GMT
b
b.t.tailtarget.com/ Frame 155A 		109 B
543 B 		Script
General
Check archive.org
Download Go to
Full URL
https://b.t.tailtarget.com/b?tA=TT-10759-0&tY=1&tS=3&tU=0100007FFA365761DF066D3D02EDE015&tX=b.52&tZ=469235207
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
ff40f9b06e0379e753e072a8b97a41fec42d48ba9470622e645d07ec6bb99603

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
rum
dsum-sec.casalemedia.com/ Frame B8E4
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=J4F3UCKGJAY8gCFVKNJvAXPWIFQ8hiQCIIKNKI70
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=J4F3UCKGJAY8gCFVKNJvAXPWIFQ8hiQCIIKNKI70
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=J4F3UCKGJAY8gCFVKNJvAXPWIFQ8hiQCIIKNKI70
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
bridge
cm.adgrx.com/ Frame B8E4 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
ams-delivery-1
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame B8E4
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 01 Oct 2021 16:27:38 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame B8E4
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=odogLR3z1MwlnQ5&gdpr=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=odogLR3z1MwlnQ5&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
PingMatch/8a430fa#rel-ec2-master i-036989daef33ebbfa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=odogLR3z1MwlnQ5&gdpr=1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
noop
px.owneriq.net/ Frame B8E4
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6863920581470284846&uid=Q6863920581470284846&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
index
dmp.brand-display.com/cm/api/ Frame B8E4 		43 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.40.233 -, , ASN (),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:47 GMT
via
1.1 google
last-modified
Fri, 01 Oct 2021 16:27:47 GMT
server
nginx/1.20.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
43
expires
Fri, 01 Oct 2021 16:27:48 GMT
461886.gif
idsync.rlcdn.com/ Frame B8E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/461886.gif?partner_uid=YVc2988-j77K-IFFqvvWpgAA%261218&&gdpr_consent=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
getuid
secure.adnxs.com/ Frame B8E4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
setuid
sync.quantumdex.io/ Frame B8E4 		43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.quantumdex.io/setuid?bidder=ix&uid=YVc2988_j77K_IFFqvvWpgAABMIAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192922&cb=https%3A%2F%2Fsync.quantumdex.io%2Fsetuid%3Fbidder%3Dix%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:397e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
69770f3f69550629-FRA
content-length
43
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame DA90
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D108%26tpuid%3D%5BMM_UUID%5D&uid=a3679d52f51aa1971177c6f...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=714d6157-36fa-4300-b14d-a18edead5062&gdpr=0&gdpr_consent=
49 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=714d6157-36fa-4300-b14d-a18edead5062&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x3 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=108&tpuid=714d6157-36fa-4300-b14d-a18edead5062&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 01 Oct 2021 16:27:37 GMT
img
ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/ Frame DA90
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346e0b337d29a4c93a7cf%2F1633105658670%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/img?tpid=75&tpuid=634636179186247923&gdpr=0
49 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/img?tpid=75&tpuid=634636179186247923&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 815.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
98fd27c4-6886-44a8-87e9-43f4b070b092
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/img?tpid=75&tpuid=634636179186247923&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ca
tt-10759-0.seg.t.tailtarget.com/ Frame 0D59 		61 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-10759-0.seg.t.tailtarget.com/ca?tZ=181900312
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
c39013f627a7401863549d5dd8b2629ee2b569413675063a90c3415944ef7383

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
new
ads3.admatic.com.tr/user/ Frame 4E08 		169 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads3.admatic.com.tr/user/new
Requested by
Host: cdn.admatic.com.tr
URL: https://cdn.admatic.com.tr/user/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
2ebdc2ee9e356cc8669ef9e010e7f3063831b62d9d09b8156affef9d040bae7f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:27:37 GMT
content-encoding
br
etag
cdeiPTGbjg57QURNhBTb12lf-aVoaPILhIsCE_gkirO60abVGWrOU9URlWa7AiCyifEYZfG-C10230HLNCo3Gw
last-modified
Fri, 01 Oct 2021 17:27:37 GMT
server
AdMatic
x-powered-by
AdMatic
vary
Origin,Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
173
ca
tt-10759-0.seg.t.tailtarget.com/ Frame 155A 		61 B
324 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tt-10759-0.seg.t.tailtarget.com/ca?tZ=398786237
Requested by
Host: d.tailtarget.com
URL: https://d.tailtarget.com/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
c39013f627a7401863549d5dd8b2629ee2b569413675063a90c3415944ef7383

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
via
1.1 google
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cache-control
no-cache, private, proxy-revalidate
content-encoding
gzip
alt-svc
clear
csync
sync.console.adtarget.com.tr/ Frame 4E08 		0
0
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame DA90
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=70b99bd78c82242f9b54d015c...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YVc2988-j77K-IFFqvvWpgAA%261218
49 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YVc2988-j77K-IFFqvvWpgAA%261218
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:39 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YVc2988-j77K-IFFqvvWpgAA%261218
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
310
Expires
Fri, 01 Oct 2021 16:27:38 GMT
img
ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/ Frame DA90
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=6fb7416cee729a96f6e766a4037d1390e43cc847b02375a05882fd65abd52b0a&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346e0b337d2...
  • https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/img?tpid=42&gdpr=0&tpuid=6142303374695120563
49 B
599 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/img?tpid=42&gdpr=0&tpuid=6142303374695120563
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:39 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:39 GMT
server
nginx
location
https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/img?tpid=42&gdpr=0&tpuid=6142303374695120563
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
__tt.gif
t.tailtarget.com/ Frame 155A 		43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10759-0&tE=0&tF=&tI=_berlin_land%20berlin_de_1633105658826_3257166869&tJ=&tU=0100007FFA365761DF066D3D02EDE015&tX=b.52&tY=1&tZ=806007959
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:39 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-type
image/gif
alt-svc
clear
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
async_usersync
ib.adnxs.com/ Frame 6527 		0
730 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 16:27:39 GMT
X-Proxy-Origin
194.36.108.21; 194.36.108.21; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
69174cc5-db4c-4897-807b-c849230b2082
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame DA90
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&u...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=8f0de17b-dcc6-4f2e-a1fb-540214255d99&gdpr=0
49 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=8f0de17b-dcc6-4f2e-a1fb-540214255d99&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:39 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:38 GMT
server
Kestrel
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=40&tpuid=8f0de17b-dcc6-4f2e-a1fb-540214255d99&gdpr=0
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1733189
content-length
0
expires
Fri, 01 Oct 2021 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame DA90
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=0cef94c27974234f0f4b65a0...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=714d6157-36fa-4300-b14d-a18edead5062&gdpr=0&gdpr_consent=
49 B
642 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=714d6157-36fa-4300-b14d-a18edead5062&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:39 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Fri, 01 Oct 2021 16:27:39 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=714d6157-36fa-4300-b14d-a18edead5062&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 01 Oct 2021 16:27:38 GMT
__tt.gif
t.tailtarget.com/ Frame 0D59 		43 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.tailtarget.com/__tt.gif?tA=TT-10759-0&tE=0&tF=&tI=_berlin_land%20berlin_de_1633105658789_3257166869&tJ=&tU=0100007FFA365761C9064B1B02810233&tX=b.52&tY=1&tZ=511846447
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.185.99 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
99.185.102.34.bc.googleusercontent.com
Software
nginx/1.17.8 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:39 GMT
via
1.1 google
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx/1.17.8
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, private, proxy-revalidate
content-type
image/gif
alt-svc
clear
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT
js
ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/ Frame DA90
Redirect Chain
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=27165c8b6312122d7b8462d8a2b7a397b616c9ac093fb5ff80feb369ccfbeba9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346...
  • https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=27165c8b6312122d7b8462d8a2b7a397b616c9ac093fb5ff80feb369ccfbeba9&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F0270885f19d346...
  • https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/js?tpid=48&tpuid=d4207fbca845d5fa4bd808ebade7bbc6
44 B
587 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/js?tpid=48&tpuid=d4207fbca845d5fa4bd808ebade7bbc6
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2a60287325c0f455d0ec288533191c03d685d8412c37415ee970bc719c6e7771

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:39 GMT
p3p
CP=NOI PSA OUR
content-length
44
content-type
text/javascript

Redirect headers

Date
Fri, 01 Oct 2021 16:27:39 GMT
Server
nginx
Vary
Accept
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://ih.adscale.de/sium/0270885f19d346e0b337d29a4c93a7cf/1633105658670/0/js?tpid=48&tpuid=d4207fbca845d5fa4bd808ebade7bbc6
Connection
close
Content-Type
text/plain; charset=utf-8
Content-Length
147
sium
ih.adscale.de/ Frame DA90 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/sium
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/match.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.135.255 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-135-255.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ih.adscale.de
date
Fri, 01 Oct 2021 16:27:39 GMT
access-control-allow-credentials
true
access-control-allow-headers
x-openrtb-version
content-length
0
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
sync
app.retargetly.com/ Frame 19F6 		68 B
514 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.retargetly.com/sync?sid=714d6157-36fa-4300-b14d-a18edead5062&pid=10
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8f4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 16:27:39 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
69770f455b1e4ee6-FRA
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
content-type
image/png
expires
0
img
pixel.mathtag.com/misc/ Frame 19F6 		43 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=987452&check=714d6157-36fa-4300-b14d-a18edead5062&mop_top=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3984 0e3af3b master cdg-pixel-x11 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=714d6157-36fa-4300-b14d-a18edead5062&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:39 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x11 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:38 GMT
user
ads3.admatic.com.tr/ Frame 4E08
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=23a9f547-69cd-444a-8891-728ca5b966b6&expires=30&ssp=admatic&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
35 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:38 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:27:38 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
SPug
simage4.pubmatic.com/AdServer/ Frame BE72 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158127&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158127
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
user
ads3.admatic.com.tr/ Frame 4E08
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=admatic&bsw_custom_parameter=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=3768f4b2-d992-45c4-aa5e-26d3cf12e45b&ssp=admatic&expires=30&user_group=5&bsw_param=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:43 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:27:43 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221
img
pixel.mathtag.com/misc/ Frame 0FC8 		43 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3984 0e3af3b master cdg-pixel-x24 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:48 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x24 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:47 GMT
img
pixel.mathtag.com/misc/ Frame 19F6 		43 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Requested by
Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=714d6157-36fa-4300-b14d-a18edead5062&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3984 0e3af3b master cdg-pixel-x30 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=714d6157-36fa-4300-b14d-a18edead5062&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:48 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x30 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:47 GMT
img
pixel.mathtag.com/misc/ Frame 19F6 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/misc/img?mop_seq=1:1&mt_cb=987452&check=714d6157-36fa-4300-b14d-a18edead5062&mop_top=&final&timings=0:20|0:17|10000:107|&errors=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-207.deploy.static.akamaitechnologies.com
Software
MT3 3984 0e3af3b master cdg-pixel-x4 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pixel.mathtag.com/sync/iframe?mt_uuid=714d6157-36fa-4300-b14d-a18edead5062&no_iframe=1&exsync=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5BMM_UUID%5D%26pid%3D10&mt_lim=12&source=mathtag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 16:27:48 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x4 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 16:27:47 GMT
user
ads3.admatic.com.tr/ Frame 4E08
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=admatic
  • https://green.erne.co/bidswitch/cm?bidswitch_ssp_id=admatic&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=270&expires=10&user_id=QJTrkX5HMx3AM8MQjJDaXky7&ssp=admatic
  • https://ads4.admatic.com.tr/showad/px/ums/sync/bsw?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
  • https://ads3.admatic.com.tr/user?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
35 B
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads3.admatic.com.tr/user?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=609096
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.132.147.235 , Turkey, ASN42910 (PREMIERDC-VERI-MERKEZI-ANONIM-SIRKETI PREMIERDC - SH, TR),
Reverse DNS
static-235-147-132-188.sadecehosting.net
Software
AdMatic / AdMatic
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.admatic.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 16:27:48 GMT
server
AdMatic
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
x-powered-by
AdMatic
content-type
image/gif
cache-control
no-cache
timing-allow-origin
*
content-length
35

Redirect headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 16:27:48 GMT
location
https://ads3.admatic.com.tr/user?bsw_uuid=680c3cbc-9414-4cc3-aac9-b2fdeafbe98c&dsp_uuid=&dsp_id=
x-powered-by
AdMatic
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://cdn.admatic.com.tr
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html; charset=utf-8
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
content-length
221

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
lockerdome.com
URL
https://lockerdome.com/lad/13804039184004198?pubid=ld-13804039184004198&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=374
Domain
lockerdome.com
URL
https://lockerdome.com/lad/13247072555993446?pubid=ld-13247072555993446&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=777
Domain
lockerdome.com
URL
https://lockerdome.com/lad/13247071683578214?pubid=ld-13247071683578214&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=777
Domain
disqus.com
URL
https://disqus.com/embed/comments/?base=default&f=oann&t_i=2536903%20https%3A%2F%2Fwww.oann.com%2F%3Fp%3D2536903&t_u=https%3A%2F%2Fwww.oann.com%2Fsen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations%2F&t_e=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations&t_d=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations&t_t=Sen.%20Johnson%20says%20COVID-19%20peaked%20before%20vaccine%20rollout%2C%20resurged%20after%20mass%20vaccinations&s_o=default
Domain
de.tynt.com
URL
https://de.tynt.com/deb/?m=xch&rt=html&sid=0010b00002CpYhEAAV
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
router.infolinks.com
URL
https://router.infolinks.com/dyn/VR-usync?uid=y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-8429784b-6615-44da-bd38-2e8cbd66d778-003?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fr1-usync%3Fuid%3DRX-8429784b-6615-44da-bd38-2e8cbd66d778-003
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/infolinks/?cb=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fzmn-usync%3Fuid%3D__ZUID__
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsonobi-usync%3Fuid%3D%5BUID%5D
Domain
dsp.adkernel.com
URL
https://dsp.adkernel.com/sync?exchange=202&r=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fearn-usync%3Fuid%3D%7BUID%7D
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=1000361&redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fenbd-usync%3Fuid%3D%5BUUID%5D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fsovrn-usync%3Fuid%3D%24UID
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?p=60809&pmc=1&pr=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2Fusersync%3Fpmuservalue%3D94A8FEED-3C24-4429-940E-599AF60A8C6A
Domain
router.infolinks.com
URL
https://router.infolinks.com/dyn/iq-usync
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=43153&in=1
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?ri=0010b00002CpYhEAAV&ru=https%3A%2F%2Frouter.infolinks.com%2Fdyn%2F33a-usync%3Fuid%3D33XUSERID33X
Domain
lockerdome.com
URL
https://lockerdome.com/lad/14262018928489574?pubid=ld-14262018928489574&pubo=https%3A%2F%2Fwww.oann.com&rid=&width=1560
Domain
www.facebook.com
URL
https://www.facebook.com/v3.2/plugins/like_box.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3a5881e33b69c8%26domain%3Dwww.oann.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.oann.com%252Ff39fc12b9c17948%26relation%3Dparent.parent&container_width=374&header=false&height=430&href=https%3A%2F%2Fwww.facebook.com%2FOneAmericaNewsNetwork&locale=en_US&sdk=joey&show_border=false&show_faces=true&stream=false&width=374
Domain
match.adsrvr.org
URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEKwiGG_uD85_d0VPjmYwlAM&google_cver=1
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVc2988_j77K_IFFqvvWpgAABMIAAAAB
Domain
nep.advangelists.com
URL
https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
Domain
beacon.lynx.cognitivlabs.com
URL
https://beacon.lynx.cognitivlabs.com/ix.gif
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/113
Domain
router.infolinks.com
URL
https://router.infolinks.com/dyn/ix-usync?uid=YVc2988-j77K-IFFqvvWpgAA%261218
Domain
syndication.twitter.com
URL
https://syndication.twitter.com/settings?session_id=1c5ff3f45e21c519b7bcefa3fb38c6b1399efcd6
Domain
2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com
URL
https://2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=a11f3cd2-aa51-4d80-8e5e-7b26bc56383c
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=309255&extuid=a05dac23-db56-4909-b2c5-d3499480ebde
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=289656&extuid=8bbb3c3b-709d-4908-9575-e5cf2556304b
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=310570&extuid=ef52bbd9d008f9d4581e3908
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=634636179186247923
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=323546&extuid=YVc2988-j77K-IFFqvvWpgAA%261218
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307457&extuid=6142303374695120563
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=C3GOyp9DMzhQygpJx0JW&pi=admatic&tc=1
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D318342%26extuid%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?redir=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D322988%26extuid%3D%7Buid%7D
Domain
sync.adtelligent.com
URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AO1x6Pc7irhc9WWn
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AO1x6Pc7irhc9WWn
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=5aa65adb05774b408f82c0e5cd97dce9
Domain
sync.console.adtarget.com.tr
URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=314221&extuid=PTwx0lbbsSoUs1HsmLh7f64MRLINqbJd59q0gFbq6guLsFBniPVEues7D9wLYZWqOtxLGOKylh5cRvCx1flF8g

Verdicts & Comments Add Verdict or Comment

158 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| onbeforexrselect boolean| originAgentCluster string| gtm4wp_datalayer_name object| dataLayer string| em_version boolean| em_track_user string| em_no_track_reason object| disableStrs function| __gtagTrackerIsOptedOut undefined| index function| __gtagTrackerOptout function| gaOptout function| __gtagDataLayer function| __gtagTracker object| ExactMetricsDualTracker function| gtag function| __gaTracker object| exactmetrics_frontend function| ExactMetrics object| ExactMetricsObject undefined| $ function| jQuery object| html5 object| Modernizr function| yepnope object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| googletag object| dataLayer_content function| documentInitOneSignal function| OneSignal string| QP object| qp object| FB number| infolinks_pid number| infolinks_wsid object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| countVars string| disqus_shortname object| embedVars string| disqus_url string| disqus_identifier string| disqus_container_id string| disqus_title undefined| disqus_config_custom function| disqus_config object| wparest object| addComment object| wpa object| _ldStickyConfig object| ldAdInit object| wp object| cookieconsent object| headEl object| styleEl string| styleOverload function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter boolean| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| $iceboot object| INFOLINKS number| google_srt object| google_logging_queue object| google_ad_modifications object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle object| google_sa_queue object| google_sl_win function| google_process_slots string| google_user_agent_client_hint object| __twttrll object| twttr object| __twttr object| DISQUSWIDGETS undefined| disqus_domain boolean| _ldStickyRendered object| _ldAdIdMap object| DISQUS function| disqus_recommendations_config function| _typeof object| $ice object| $infolinks function| hb_iceChunk object| hb_ice object| _pbjsGlobals object| $ICE_HB object| DISQUS_RECOMMENDATIONS number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 function| getCookie object| ad_data object| ua_result object| revcontent function| dspCriteoRTUSCallback function| renderRCWidget object| data boolean| inDapIF boolean| inGptIF object| dicnf object| viewReq function| vu object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ object| displayPlacement_PF_script boolean| pixfuture_environment_started function| init_____display____pixfuture boolean| isPending string| prebid_file function| findCMP_PixFuture function| pbjs_pixChunk object| pbjs_pix object| mnet object| GoogleGcLKhOms object| google_image_requests

165 Cookies

Domain/Path Name / Value
www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations Name: logglytrackingsession
Value: 19eb0b13-7399-41d8-8bb4-965bc117eaf9
www.oann.com/ Name: AWSALBTG
Value: +olUmdoj4NhdgSIA++EMhRQeXY5wewjlzfipz8pNyYs90/3IjBeaOoRIqVUkpyM5zOhsrz2NGJ5Drv7lo+3yBu1l03mA3akWEdCM16H3kcJQrGwPVTYVPX5iGsLy/hgUGJriD2nzBHC8NHUIyVuO5UV9SYnsJiBdQlWBZRrRD9ZV1VpCvFI=
www.oann.com/ Name: AWSALBTGCORS
Value: +olUmdoj4NhdgSIA++EMhRQeXY5wewjlzfipz8pNyYs90/3IjBeaOoRIqVUkpyM5zOhsrz2NGJ5Drv7lo+3yBu1l03mA3akWEdCM16H3kcJQrGwPVTYVPX5iGsLy/hgUGJriD2nzBHC8NHUIyVuO5UV9SYnsJiBdQlWBZRrRD9ZV1VpCvFI=
www.oann.com/ Name: AWSALB
Value: p1oyEBxMcqp4AGuwwgh5d7OcAE/824F47BX2Jira+drNEav6XprL80tbdPrUnpFOUtT2gX61SM6ZuokGAnLRiEX9h1aFhoqctfMa2z2iLlNLVDRylc+nfuGDCRrh
www.oann.com/ Name: AWSALBCORS
Value: p1oyEBxMcqp4AGuwwgh5d7OcAE/824F47BX2Jira+drNEav6XprL80tbdPrUnpFOUtT2gX61SM6ZuokGAnLRiEX9h1aFhoqctfMa2z2iLlNLVDRylc+nfuGDCRrh
.oann.com/ Name: _ga
Value: GA1.2.761376765.1633105655
.oann.com/ Name: _gid
Value: GA1.2.1349894832.1633105655
.oann.com/ Name: _gat_gtag_UA_98105905_1
Value: 1
.openx.net/ Name: i
Value: 4a2f1cb5-cb4e-4517-839f-dbb471fc1aae|1633105655
.advertising.com/ Name: APID
Value: UP7c1d2a32-22d4-11ec-b5b8-06584a1aed54
.adnxs.com/ Name: uuid2
Value: 634636179186247923
.yahoo.com/ Name: A3
Value: d=AQABBPc2V2ECEOsIrqS0zmefIKYIZX_JkSUFEgEBAQGIWGFhYQAAAAAA_eMAAA&S=AQAAAvVl9sGtv4wFA0DS5LFpuQk
.yahoo.com/ Name: APID
Value: UP7c1d2a32-22d4-11ec-b5b8-06584a1aed54
.yahoo.com/ Name: APIDTS
Value: 1633105655
.casalemedia.com/ Name: CMID
Value: YVc2988-j77K-IFFqvvWpgAA
.casalemedia.com/ Name: CMPS
Value: 5222
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 94A8FEED-3C24-4429-940E-599AF60A8C6A
.casalemedia.com/ Name: CMPRO
Value: 1218
.adsrvr.org/ Name: TDID
Value: 23a9f547-69cd-444a-8891-728ca5b966b6
.infolinks.com/ Name: ANUSERCOOKIE
Value: 5625641726557375293
.infolinks.com/ Name: OXUSERCOOKIE
Value: b214017d-711d-4d6c-9886-24aeed7c8cc6
.cpx.to/ Name: cpSess
Value: 5ea3e05728d32fa9
.cpx.to/ Name: dsp_app_nexus
Value: 634636179186247923#1633105655362
.infolinks.com/ Name: OUTHUSERCOOKIE
Value: y-tgeACKhE2uGzPyY2hNS3QtU_iNXvPGvI~A~UP7c1d2a32-22d4-11ec-b5b8-06584a1aed54
.doubleclick.net/ Name: IDE
Value: AHWqTUmo9CdiAsutDpO5Xej4xAcV0xT9-Yi6tMbbC3STt2kSEBNmd_Z-j9eS4UJGQkU
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.oann.com/ Name: __gads
Value: ID=e2a3d46798e374cc-2274f98de3ca009d:T=1633105654:S=ALNI_Mbm_43iF4UKVT6ru_3Gp2IK_6_YjA
.infolinks.com/ Name: VRUSERCOOKIE
Value: y-mTXOWBpE2uHL.P4UjCAh6thOLF9faVQge.mK5is-~A
www.oann.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.oann.com/ Name: _lr_retry_request
Value: true
www.oann.com/ Name: _lr_env_src_ats
Value: false
www.oann.com/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2223a9f547-69cd-444a-8891-728ca5b966b6%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222021-09-01T16%3A27%3A36%22%7D
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2In2u@O]#!]tbP6j2F-XstGt!@DmC$q7R%
.go.sonobi.com/ Name: HAPLB5A
Value: s568|YVc2+
.adnxs.com/ Name: icu
Value: ChgI3sJXEAoYASABKAEw-O3cigY4AUABSAEQ-O3cigYYAA..
.rubiconproject.com/ Name: khaos
Value: KU8KXX7B-1T-OVE
.rubiconproject.com/ Name: rsid
Value: 1|AIfsdBUO++vuGxiryvY4NyLgsLINffPD0nJRTZPyMmB0r4WWOQTuL9+eZLvlgeCkRh3C4GjGYWrGRQSWDHOtFAT+ngdWyQZYykB4JZyHexlK9j7tYKExPQ==
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB38Wygj3GuT20ZeVCuLeoYaJAQRvrb7NaaVL7v9nbH7lg7eXlkMNyatTSCe5WDhxwxymPvo8pleP2KLLa4BRoMRcV9NAwqhSw8=
www.oann.com/ Name: cto_bidid
Value: G8M0gl9QZFJyNFJNeDlidmtJZ1Bsc2FDQk14bkVURVZNTEF6OWR4YXZReUNrc3k5ckhtNEVGQ1NsM0VvdG1MdUdCYnN5NU5hRTFTTGNGU1Bha1c0VTBTaHNHZyUzRCUzRA
www.oann.com/ Name: cto_bundle
Value: l43akV9wSkdPeEY1bG5QTUI1dSUyQks1NyUyRnpoQk43RHhrUkFTWlF0JTJGcVc2dGtiUmJGd2QwaSUyRmpWd29jT3ZFcTdQQjZ6RVY3dEVTTG5uUXlyVjdTS2NBUnIlMkZtS0x3YTVNNTY4VXhUNDZhT0NsZFhtS3VCYjljSWIlMkZaZFI4ZTQ4SWZiZ3lDbg
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.lijit.com/ Name: ljt_reader
Value: ef52bbd9d008f9d4581e3908
.openx.net/ Name: pd
Value: v2|1633105657|gekin0vNiygu
ads.us.e-planning.net/ Name: CT
Value: 1
.360yield.com/ Name: tuuid
Value: 8bbb3c3b-709d-4908-9575-e5cf2556304b
.360yield.com/ Name: tuuid_lu
Value: 1633105658
eus.rubiconproject.com/ Name: pux
Value: 2249%3D103000%262307%3D103000%262974%3D103000%263778%3D103000%26idl%3D103000%262249-DV360-Hosted%3D103000%26brx%3D103000%26goog%3D103000%26
.e-planning.net/ Name: E
Value: AO1x6Pc7irhc9WWn
.media.net/ Name: gdpr_status
Value: 1
.quantserve.com/ Name: mc
Value: 615736fa-0c29b-fbfb3-6fe12
.adform.net/ Name: C
Value: 1
.mathtag.com/ Name: uuid
Value: 714d6157-36fa-4300-b14d-a18edead5062
.adform.net/ Name: uid
Value: 6142303374695120563
.pubmatic.com/ Name: DPSync3
Value: 1634256000%3A201_197_219%7C1633132800%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1633910400%3A63%7C1633651200%3A15_2_223%7C1634256000%3A220_161_3_81_88_165_176_7_166_13_56_99_189_21_8_71_230_231_22_234_204_54_55_222_57%7C1634342400%3A35%7C1635638400%3A203
.adfarm1.adition.com/ Name: UserID1
Value: 7014135392026556563
.bidswitch.net/ Name: c
Value: 1633105658
.bidswitch.net/ Name: tuuid_lu
Value: 1633105658
.bidswitch.net/ Name: tuuid
Value: 680c3cbc-9414-4cc3-aac9-b2fdeafbe98c
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-634636179186247923
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-r4vzpKqMoPK0iqWhoNjr9fvcpKC0jKD2qIjqsxBB&KRTB&22979-r4vzpKqMoPK0iqWhoNjr9fvcpKC0jKD2qIjqsxBB
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELziic0k1NqFrBcNBV2PS7w&KRTB&16514-CAESELziic0k1NqFrBcNBV2PS7w&KRTB&23025-CAESELziic0k1NqFrBcNBV2PS7w
.erne.co/ Name: u
Value: QJTrkX5HMx3AM8MQjJDaXky7
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-QJTrkX5HMx3AM8MQjJDaXky7
.zeotap.com/ Name: zc
Value: f0721f19-9a11-4603-6d77-11da737a68df
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6142303374695120563&KRTB&23263-6142303374695120563
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7014135392026556563
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-23a9f547-69cd-444a-8891-728ca5b966b6&KRTB&22918-23a9f547-69cd-444a-8891-728ca5b966b6&KRTB&23031-23a9f547-69cd-444a-8891-728ca5b966b6
.taboola.com/ Name: t_gid
Value: f4522dd7-ac4b-481a-a93d-0009919078c9-tuct850bc7a
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.de17a.com/ Name: guid2
Value: 1.6090178948821815727
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:714d6157-36fa-4300-b14d-a18edead5062&KRTB&16736-uid:714d6157-36fa-4300-b14d-a18edead5062&KRTB&23019-uid:714d6157-36fa-4300-b14d-a18edead5062&KRTB&23114-uid:714d6157-36fa-4300-b14d-a18edead5062
.creativecdn.com/ Name: u
Value: C3GOyp9DMzhQygpJx0JW
.creativecdn.com/ Name: ts
Value: 1633105658
.simpli.fi/ Name: suid
Value: 5AA538212E0C4882A367AF1BDFA4E627
.adsby.bidtheatre.com/ Name: __kuid
Value: 9eefde78-b001-477b-a198-857af31bb00d.402319658
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YVc2_gAAAlCrpAA6
.pubmatic.com/ Name: SPugT
Value: 1633105657
.turn.com/ Name: uid
Value: 2355061870237820537
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-6090178948821815727
.bidr.io/ Name: bito
Value: AABHVU7Crm4AABU6TyHI-A
.bidr.io/ Name: bitoIsSecure
Value: ok
ads.playground.xyz/ Name: connect.sid
Value: s%3Ap6si2-0EFnEvRTesjSHOAjldncpmyAjk.nrWnXgPnSG4sgKqvkx6SdSRQ4fBCY5W17yJoYg3W9Is
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8429784b-6615-44da-bd38-2e8cbd66d778-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2355061870237820537
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-no-consent
.agkn.com/ Name: ab
Value: 0001%3ApZAcYbOatzkgjHs0fBHNmSQyUfMts5VK
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-8429784b-6615-44da-bd38-2e8cbd66d778-003&KRTB&17107-RX-8429784b-6615-44da-bd38-2e8cbd66d778-003
.pubmatic.com/ Name: PugT
Value: 1633105658
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YVc2_gAAAlCrpAA6&KRTB&23194-YVc2_gAAAlCrpAA6&KRTB&23209-YVc2_gAAAlCrpAA6&KRTB&23244-YVc2_gAAAlCrpAA6
.richaudience.com/ Name: avcid-zeo-uid
Value: f0721f19-9a11-4603-6d77-11da737a68df
ads.avct.cloud/ Name: uuid
Value: ce889fc3-6233-4a3a-a2df-c3756a2b9266
.tapad.com/ Name: TapAd_TS
Value: 1633105658337
.tapad.com/ Name: TapAd_DID
Value: f2586434-7c50-4ab5-bc63-f51731c0a231
.infolinks.com/ Name: PUBMUSERCOOKIE
Value: 94A8FEED-3C24-4429-940E-599AF60A8C6A
.weborama.fr/ Name: AFFICHE_W
Value: D@6@1qKEV5YP74
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.admanmedia.com/ Name: admtr
Value: c00944b7336de56682eaf6b93403ee305869d87d
.theadex.com/ Name: axd
Value: 4273282818556087254
.theadex.com/ Name: tis
Value: EP175%3A2945
.onaudience.com/ Name: cookie
Value: 2f1b0a2414f63232
.onaudience.com/ Name: done_redirects219
Value: 1
.tidaltv.com/ Name: tidal_ttid
Value: a6b9f5a8-a17b-4b71-9928-48d0301a5c24
.demdex.net/ Name: demdex
Value: 25895917415134187250073887492006020299
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-680c3cbc-9414-4cc3-aac9-b2fdeafbe98c
.zeotap.com/ Name: zsc
Value: %10%A4%FB%CC%D9%9F%27xR7%85%5E%E3m%B2%18%BE+%9D%B2%B0%0E%27%83a-%F4%EDM%7D%C9%E3e%05%8F%08%BE%F0%3C%AD%9F%C2Y%1E%DA%F0%60e%0F%F5%BC%11%BD%3C%AF%2F%00~%CBt%24%89_%9Am%8D%F5%D7%19%C8%DF%91%28%F3%03%9B7%C6%AEv%1C%AF%BC%AA%C4SL3%84%BFw%F9%AE%C7%40L%B0%D5%E2%C0%A0L%92%E1%E5%C3%85vN%EC9%F0%CD%A4%1B%E6%BB%B3p%01%21pw%F0%97%DA%C9%1D%15%F8er%2B%E7%3F%F6%266%E8%DD%04%C6%84%15%2B%A4%91%A2%FFw%12C%F7%BD%F2%C4%0E%01C%97W%C5+%A4%7Fs9%A2
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0srA0sjK0MAIAkLjEHgkAAAA="
.dpm.demdex.net/ Name: dpm
Value: 25895917415134187250073887492006020299
.retargetly.com/ Name: _rlid
Value: c2782a55-36d2-4c85-ad56-be18fe047c32
.krxd.net/ Name: _kuid_
Value: OZSjybZ8
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 101aa7b3afa5d30f46ca46c812d1c2f1
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDQwTEw0TzJOTEs0TTE2SDMxS04EYgtDoxTDZKM0QwYgSAw3%2BwWioQAAYBwLCg%3D%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIDDf7BaSgAAAXEQHp"
.tribalfusion.com/ Name: ANON_ID
Value: aNnseFyg6AarA7u8QGkn6jFyTFnU4XvQl0XFy0hUo3ZbnQF1HYPLGCKtM0i84AopAw2yRQn5lat4BTCUtZdWZcu
.adscale.de/ Name: uu
Value: 5aa65adb05774b408f82c0e5cd97dce9
.t.tailtarget.com/ Name: _ssc
Value: y
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.analytics.yahoo.com/ Name: IDSYNC
Value: "192u~20ps:192m~20ps:18z8~20ps:192w~20ps"
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: f2d228179efdd443
.sharethrough.com/ Name: stx_user_id
Value: 61406616-df60-4359-accf-c4093edc120b
.quantumdex.io/ Name: uid
Value: 55997f9b-32f2-421e-9d45-9bde6f1b89cb
.t.tailtarget.com/ Name: u
Value: fwAAAWFXNvobSwbJMwKBAgB=
.mathtag.com/ Name: mt_misc
Value: mt_bt:1
.id5-sync.com/ Name: id5
Value: 1f9b63d0-b264-4ffe-abec-3559b80e52e5#1633105658662#3
.fwmrm.net/ Name: _uid
Value: "e5655_7014135392023261118"
.mathtag.com/ Name: mt_mop
Value:
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16930%3b%24o%3d11100
.ibillboard.com/ Name: ibbid
Value: BBID-01-03078196587711906-16408188
.smartadserver.com/ Name: pid
Value: 1428628817216158652
.smartadserver.com/ Name: pdomid
Value: 27
.quantserve.com/ Name: d
Value: EI0BGAGwJPijCJiTCuu4EA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-8429784b-6615-44da-bd38-2e8cbd66d778-003%22%7D
.w55c.net/ Name: wfivefivec
Value: odogLR3z1MwlnQ5
.w55c.net/ Name: matchcasale
Value: 5
.t.tailtarget.com/ Name: ttc
Value: 1
.t.tailtarget.com/ Name: ttnprf
Value:
.ads3.admatic.com.tr/ Name: ARRAffinity
Value: 5cd954eb54859a62355d68180fae9f1a594237dad0b93ebb7a83a9787ee34388
.owneriq.net/ Name: si
Value: Q6863920581470284846
.owneriq.net/ Name: p2
Value: cc
.t.tailtarget.com/ Name: ttbprf
Value: _berlin_land berlin_de_1633105658826_3257166869
.groovinads.com/ Name: GRV_IDU
Value: 1633105661436172
.groovinads.com/ Name: GRV_RT
Value: c2782a55-36d2-4c85-ad56-be18fe047c32
.tt-10759-0.seg.t.tailtarget.com/ Name: ttca
Value: _1633105658
.criteo.com/ Name: uid
Value: 8f0de17b-dcc6-4f2e-a1fb-540214255d99
.t.tailtarget.com/ Name: n
Value: 1633105659
.adscale.de/ Name: cct
Value: 1633105659121
.casalemedia.com/ Name: CMRUM3
Value: 08615736f705a00&bf615736fa05a0&04615736fa27602355061870237820537&29615736fa05a0&f1615736f705a0&41615736fa05a0&40615736fa05a0&49615736fa05a0&c4615736fa05a0&6f615736fa05a0&5a615736fa05a0&98615736fb27607d2e0559-9bac-4761-9788-67ba88ff47e9&03615736fa05a0&e6615736f72760&b0615736f705a00&2f615736fa2760odogLR3z1MwlnQ5&05615736fa05a0&1f615736fa05a00&0d615736f705a0&51615736fa05a0&c3615736f705a00&dd615736fa2760&27615736fa0b40&2e615736fa05a0&58615736fa05a0&82615736fa2760AABHVU7Crm4AABU6TyHI-A&ce615736fa05a0&69615736fa05a00&ee615736fa2760&2d615736f705a0&be615736fa05a0
.casalemedia.com/ Name: CMST
Value: YVc292FXNvsA
rt.idx.lat/ Name: _idx3p
Value: {"ridx":"b0ff1f7ef773952263a2b83f089a44e731bc78e1e5caa32dfd00bbb41f6c0c1c"}
.m6r.eu/ Name: test
Value: true
.m6r.eu/ Name: cct
Value: 1633105659244
.m6r.eu/ Name: id
Value: d4207fbca845d5fa4bd808ebade7bbc6
.ih.adscale.de/ Name: tu
Value: 4#1305796225#48~d4207fbca845d5fa4bd808ebade7bbc6~453640~0~0#101~BBID-01-03078196587711906-16408188~453640~0~0#39~714d6157-36fa-4300-b14d-a18edead5062~453640~0~0#40~8f0de17b-dcc6-4f2e-a1fb-540214255d99~453640~0~0#42~6142303374695120563~453640~0~0#75~634636179186247923~453640~0~0#108~714d6157-36fa-4300-b14d-a18edead5062~453640~0~0#63~YVc2988-j77K-IFFqvvWpgAA&1218~453640~0~0
.retargetly.com/ Name: _rlmp1
Value: 2|634636179186247923|1633105659&&9|$_BK_UUID|1633105659&&10|714d6157-36fa-4300-b14d-a18edead5062|1633105659&&11|CAESEIsWKANsqV95WQ73JHcwsAQ|1633105659&&13|23a9f547-69cd-444a-8891-728ca5b966b6|1633105659&&14||1633105659&&15||1633105659&&22||1633105659&&23||1633105659&&24||1633105659&&27||1633105659&&39||1633105659&&51|c2782a55-36d2-4c85-ad56-be18fe047c32|1633105659&&63||1633105659
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwiWsMilzcCCOhAFEhgKCWJpZHN3aXRjaBILCMLbirbNwII6EAUYASABKAIyCwjC043j48CCOhAFOAFaCWJpZHN3aXRjaGAC
.ads4.admatic.com.tr/ Name: ARRAffinity
Value: 924054ab073178b36f762fbfe5f015b9bb65ad662424aac7b4c0ebbb113bfe31

16 Console Messages

Source Level URL
Text
network error URL: https://content.jwplatform.com/players/qfycdXMQ-fQdxgz20.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://content.jwplatform.com/players/qfycdXMQ-fQdxgz20.js
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092101.js?31062995(Line 10)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://aa.agkn.com/adscores/r.js?sid=9112309848
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript error URL: https://www.oann.com/sen-johnson-says-covid-19-peaked-before-vaccine-rollout-resurged-after-mass-vaccinations/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694' from origin 'https://www.oann.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=c2d18b01-4905-4aba-a83e-e41eac932694
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://rtb.gumgum.com/usync/prbds2s?gdpr={gdpr}&gdpr_consent={gdpr_consent}&us_privacy={us_privacy}&r=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D289657%26extuid%3D
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f0721f19-9a11-4603-6d77-11da737a68df&reqId=c00f89ce-c871-4734-7fb3-83f9afeba165&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://idsync.rlcdn.com/461886.gif?partner_uid=YVc2988-j77K-IFFqvvWpgAA%261218&&gdpr_consent=&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com
a.audrte.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.turn.com
ad4m.at
ads.avct.cloud
ads.creative-serving.com
ads.playground.xyz
ads.pubmatic.com
ads.us.e-planning.net
ads.yahoo.com
ads01.groovinads.com
ads3.admatic.com.tr
ads4.admatic.com.tr
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
ap.lijit.com
apex.go.sonobi.com
api.retargetly.com
api.rlcdn.com
app.retargetly.com
assets.revcontent.com
b.t.tailtarget.com
b1sync.zemanta.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
biddr.brealtime.com
bn01.er.bemail.it
btlr.sharethrough.com
c.disquscdn.com
c1.adform.net
casale-match.dotomi.com
cdn.admatic.com.tr
cdn.districtm.io
cdn.onesignal.com
cdn.pixfuture.com
cdn.revcontent.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
content.jwplatform.com
contextual.media.net
cs.admanmedia.com
csync.loopme.me
d.adroll.com
d.tailtarget.com
d2pggiv3o55wnc.cloudfront.net
d5p.de17a.com
de.tynt.com
dis.criteo.com
disqus.com
dmp.adform.net
dmp.brand-display.com
dmp.theadex.com
dmp.v.fwmrm.net
dmx.districtm.io
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dzm0ugdauank9.cloudfront.net
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
green.erne.co
gu.dyntrk.com
gum.criteo.com
hb.emxdgt.com
hbopenbid.pubmatic.com
hnwebcontent.s3-us-west-1.amazonaws.com
ib.adnxs.com
ic.tynt.com
id.rlcdn.com
id5-sync.com
idsync.frontend.weborama.fr
idsync.rlcdn.com
ih.adscale.de
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.revcontent.com
img.revcontent.com
js.adscale.de
js.cookieless-data.com
loadeu.exelator.com
lockerdome.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
maxcdn.bootstrapcdn.com
mug.criteo.com
mwzeom.zeotap.com
nep.advangelists.com
oann-push.s3-us-west-2.amazonaws.com
oann.disqus.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onesignal.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixfuture.technoratimedia.com
pixfuture2-d.openx.net
platform.twitter.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.media.net
prg.smartadserver.com
pubmatic-match.dotomi.com
px.owneriq.net
referrer.disqus.com
resources-rt.idx.lat
resources.infolinks.com
router.infolinks.com
rt.idx.lat
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
s.adtelligent.com
s.adx.opera.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.cpx.to
s.e-planning.net
s.tribalfusion.com
scripts.poll-maker.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
served-by.pixfuture.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.e-planning.net
sync.extend.tv
sync.go.sonobi.com
sync.mathtag.com
sync.quantumdex.io
sync.richaudience.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.tidaltv.com
syndication.twitter.com
t.tailtarget.com
tag.1rx.io
tags.bluekai.com
tags.crwdcntrl.net
tags.t.tailtarget.com
tempest.services.disqus.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
trends.revcontent.com
tt-10759-0.seg.t.tailtarget.com
u-ams02.e-planning.net
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.oann.com
www.privacypolicies.com
x.bidswitch.net
2719c13eafd44c117c21cca9347f6566.safeframe.googlesyndication.com
ap.lijit.com
api.rlcdn.com
b1sync.zemanta.com
beacon.lynx.cognitivlabs.com
de.tynt.com
disqus.com
dsp.adkernel.com
dsum-sec.casalemedia.com
image2.pubmatic.com
image4.pubmatic.com
lockerdome.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
nep.advangelists.com
p.rfihub.com
router.infolinks.com
s.amazon-adsystem.com
ssc-cms.33across.com
ssum-sec.casalemedia.com
sync.adotmob.com
sync.adtelligent.com
sync.console.adtarget.com.tr
sync.go.sonobi.com
sync.targeting.unrulymedia.com
syndication.twitter.com
www.facebook.com
104.111.242.53
104.154.142.214
104.16.68.69
104.17.120.107
104.22.35.177
13.225.84.116
13.225.87.101
135.125.160.160
142.250.184.226
142.250.186.130
150.136.26.45
151.1.205.165
151.101.0.134
151.101.129.44
151.101.2.49
151.101.65.108
151.139.128.11
151.139.241.28
151.139.242.29
152.199.22.191
159.253.128.188
162.55.236.225
162.55.6.212
169.197.150.7
172.66.42.247
173.231.180.197
178.162.133.150
178.250.0.157
178.250.0.163
178.62.202.251
18.156.0.31
18.158.92.16
18.184.35.118
18.184.93.79
18.196.230.57
18.198.69.109
18.215.193.43
184.30.20.207
184.31.88.106
185.29.134.244
185.33.223.175
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.216
185.64.190.80
185.64.190.81
185.86.138.121
185.86.139.114
185.86.139.89
188.132.147.235
194.213.62.37
198.148.27.139
199.232.192.64
199.232.196.134
2.18.233.180
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
208.100.17.178
212.82.100.182
213.155.156.185
213.19.147.42
213.19.147.44
216.52.2.48
23.37.42.132
2600:1f18:6593:f602:82a0:df8e:67ea:6e72
2600:1f1c:adc:8702:9939:31da:b0b6:c3c3
2600:9000:20eb:1800:9:da2a:f240:21
2600:9000:21f3:8400:f:4f64:8940:93a1
2600:9000:21f3:a200:6:8656:f5c0:93a1
2600:9000:21f3:ca00:1:a3fa:7cc0:93a1
2602:803:c004:200::143
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1857
2606:4700:10::6816:397e
2606:4700:10::ac43:1cda
2606:4700:10::ac43:8f4
2606:4700:20::681a:154
2606:4700:20::681a:b9c
2606:4700:20::ac43:49dc
2606:4700:20::ac43:4a81
2606:4700::6812:bcf
2606:4700::6812:c05
2606:4700::6812:e234
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2001
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9b
2a02:2638::1c
2a02:fa8:8806:16::1370
2a03:2880:f02d:12:face:b00c:0:3
2a04:4e42:200::300
2a05:d018:24:b001:6cd5:9d52:6dd6:6c58
2a0c:5c81:5095:0:225:90ff:fefa:245d
2a0c:5c81:5139::2
2a0c:5c81:5142::2
3.120.83.159
3.126.175.244
3.226.4.120
34.102.185.99
34.107.148.139
34.149.20.76
34.253.109.165
34.255.141.19
34.98.107.212
34.98.67.61
35.157.23.185
35.201.123.184
35.201.81.244
35.227.248.159
35.227.252.103
35.241.40.233
35.244.159.8
35.244.174.68
37.157.2.237
37.157.4.41
37.252.172.123
37.252.172.45
38.27.122.101
46.249.52.248
5.178.65.245
5.178.65.253
51.158.28.83
51.79.83.225
51.89.9.253
52.0.134.127
52.16.229.21
52.208.28.104
52.218.217.33
52.219.112.169
52.48.23.163
52.59.77.57
52.95.126.160
54.154.121.199
54.205.198.81
54.217.194.158
54.36.109.155
54.77.47.243
54.93.135.255
63.33.204.129
66.155.71.149
66.155.71.150
67.202.105.32
68.183.31.14
69.173.144.139
69.173.144.165
72.246.100.56
72.251.244.141
72.34.250.75
76.223.111.131
82.145.213.8
85.114.159.93
87.98.128.108
88.214.206.142
89.163.159.109
89.187.169.47
99.80.188.163
0260dfd9a71c817954b58243bfc5190c85476fb0d4b4ae55662627230641ae72
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
030b4f6079e0fcab0e61a0ab7da2e0494761966dbc0540524ba035ddb386cbca
038591f3363a100018191937e5320f59a8184d96ad1ed5922b7e5ded26a580e2
038a45acddcad81c3766a9110ca62f49e93db36e7e396f886bd9c188da25fee0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dbd6403c5a3cd65b34063741db8d791fd9eb988159a990c75169b2c7f36f4ff
0ec88001969168d59388e45c39e5cfc59eba6ad8cf7501d40e50ce0f24650404
0f2e6ecd74d9b08b503c5131e0241a09f4997a3e59dfd59eab7dcc1062c7ecdb
12a2477ddcc5a8e47efe6f1ba6ef3b43f9d1296790e643a0c20a7bbfe0083852
1326c88d831faec75944c75ab8fb61c5e5c18ade4c6a3fa2de16baafdc64ec97
13c5a71726697e86ac1e10503b9e21b14cc2e34522d46cde873e296ef709cfe8
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
16957a3bb9422d4ba380be3b630db7a310e87e65f224e2be865dd64dd0b5664d
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
1bbb0716e19530fa27a841b40f64a8011245b6337afad89eddedb374c5e9eeba
1ea3816a4aa07f76c730607a939f62726786f16edebb5d510ddaa8a110789e02
1ef4968512ccd040e47009b27e7759b29389922fefb9d952aef49769d19c99d8
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
231bd98642687563dc171a7e474a91e4a55005faa23baf62a4ba899a117903f3
267fae96246b0ae55f6fd892ff784ee1d62782c8cbc120bc3f4cf92633990e00
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e
279165340fde9c5e5ace9ac2edd77824664af98da8f6e0f55c6b4a7cdea822df
27b7f9a56027075cbb8170f636ac61977fe920ae5320b2384f79ec7b5f0c0966
282891b3961bb82bfa9850b4b003d09b309c4ac8250ee56592172c165047373a
29eea8cab274ca49259eb2351309225a995844b5a88e72ee37bc0dcec68602ae
2a60287325c0f455d0ec288533191c03d685d8412c37415ee970bc719c6e7771
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ebdc2ee9e356cc8669ef9e010e7f3063831b62d9d09b8156affef9d040bae7f
2f325ae6eba35146be280cb1b42f68dda3d172bc2e0213ac9c35c4452dad1317
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fd9194926220d50c85570403a81d49e69ebb98ee590f5863e556c6eecf72421
30ad7518daae9ffbd368abe59ea5ee79784e4ef502c36d0db941d4d2a246d5bc
3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
37430d4d05c7f8cdfa516b082653629ddac7d0361b9af9fc72a0c6c46f368670
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38dfac74df11512b29ed7fc2dbc518c935784ffbbde4f270cad34aa73f7366ca
3a62e9ac7554c45a4d80fddf3bdffdd0a23ad00c700f8726231c6cf11fb3108f
3be0a5a4f4980d0f231ca381f2ff37a91b9adcb061efe6d814cdb1c5a4f7f724
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3deded95a736770a65f77a281c09d607824972890619dda8ecb04d03b914aafb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
411cf73437ceb503df8414fe6abe2c9b575004ead0d0e8799ff2179c942cfcf8
41ea122189eda656210b1d9f551e7b70e3fb8b033f4eb2b14b6a952a1a713d91
42051dce342f24cd62271509c49d8ae7ca99df6c19a67561a278f3e8f0f83f34
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
45df10c585e01c07a3602ed16c1c6842d2572d6b15bceff9cb1f58256d330e31
48a3351ddc97098696f99f99945ea299dafabf31bbe311d46734362b5ab8074f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4c14c984c41c97195a5a7eb06fe3456f08f4a4bfe6dd56f16c0b6ae63c08d011
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e2ff4dda6510591e0123ec9153d0dd7f35a566566df7095694625e6c654e527
4f3f6ff4c625dd80fbf39a4d867029612362e834b16e21fad2746b7390640c74
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f998bc528ad162ef739d7ef610ae7d755b7a82bd0615d0b4ae2c7aedd2d028a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4faf6d9d8e93c3d2dacfdc8381a071ec2f37e4e6be8e74a56f7f1a5fe08d79a3
50c6c8fc80bf8b2be4e6a4853646df3717eeec7689614912c794a79cba96dc6b
521bfaef9d8db07362d322f775abb899adf53cdab9fd752cd6fd87b9e84d4705
528674035413ceec12e2be6253fcd0328a25d31c04c77674c3c2da4a4f3daea8
536386f4e5a08dcde004ad0d24c4ea816a2054ba53f5da25ebb12fa4493f693f
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54930f8d5930ea73a5643b6e7cd4f3e5142609ed371fd9d1969ad38dba591ab4
556172885a172763c715eace05597d5575ee4d4f2df6b61d723f4666b0a730a9
588f897c100382b2f619d53a089eef063305383d525bdbb995b0e0477c6cfd17
58b29c6a1d8d9a4a472faa82ce2ba76eba26d0c9b1263156b13fc8c904123653
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
5937250307e54f41efc516d6fd591d94ca56db829f5f2f35376178b286305950
5bcbed5a97ddb008d1c032aa0155c17fa4d2737c7e376813f6864b92b0bae030
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5eb9030b91e8628d931a2262532c85d7f8cff2eda2f35f672a17a1d0df160a7b
5f574e279c22cd42addc9788e80e6f0becb98f5dbd39cef396b0551854a49f32
603163219032226a42439270ebb0c5ea3ea6f0d80715de393fbdf344e14ee238
616f3d654ec7e18cc148962158d6828aea3594f6f6e65a5e86c7899dd5e20b3c
62b58b017cf4d54dc404dbc48e49b0429cbbb46678a868a95bf17664cc6340fd
62f3a786e694b5c0ea068b3267e019ec7de62fb98fbebffdfbd425f1cd99a86e
65500e31dcb74da5d1bea4999eab9e6eae960a68b5be358403a1e0ca09569242
65f128358082182b4e73184a93da15ea4bbbd0cf773c0ac8b1550a28cfafd762
6645eb342334489c8f246aaf10a4fa1a4cc639ad87500875b0b9ea491af6b889
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67c9e4930a98c185b95b886eeb9fc73d1f3641efd72b89fc556fc22fb228359f
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c5ef5c0f76ca96caba5c40cbe16d97577450ce7d4194011ab334a3220c008b6
6e65c663913ab0ce19c82af3ed5f7d792e052063b1e53812f50acc0382868244
6f89b7d01b93e358ad90b5f0d3f8e03b691467f1bc1055f3db5bfb8179233dd1
745c6d482ce31e61364197404efc13f221c98be409582b5d4bc6a2bf95cf29c5
75fe42598de63e1aac2359b4f5b2069ae9ea0e424e4ddc9fb359f2844bc56178
76ad5f8e17afd508bbce1d69b469d00e983b15889711fd96f504282a90f3ec95
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
792e8d90eda8320b9bad0aa1aa9b98cb609ac3a72a642e6d370f40131c88ebe4
80e3eee7e7c83a1117ee99d89d6c0f5adb65d0d4164f636b958d77caf2a45df1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86ae7f67ca295fae5f0c19d290680b8a6d1025e2b173d6527f3b1c336efe6fa5
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8b5cbe512fbb056de7aa42963d3bac7e38adb05e32fbe6f502b4fad3cabf57fc
8c6fd8717d86c8dfe9a40fdc7b86770c0581553efebc75894fa8cf9f2bc501d6
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e72afcd1a38e3ab0bb322104a9238e75dda48df9c455e5471bbaaece5207d83
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91195428cd9efd75eaa98937bd92a5684b20d3c7c2a9a3d79a1e3f1db7f51696
9152b87a0d3b0828143fc544123055d141bf6b69f5342275bf10510a732881c6
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95efc6a1b0e18636b608c1280049e1e31e5dac2f28c111ae489cea912f8b927b
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
9b04eb1a1071ff451da4e3cb16c09c5011e7d0410a1d5fd89f8e20738de2e703
9cddc4e1c7049c1e45ebb678a8a47bb3b67dfa86009c877de6a9e6da0cfae474
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a075bf194ac32d660e8a2da5a892a0715335669e744e4645498eee2d8a99b798
a1eb18ae633f51f7d29c4824f20f7e5d5a5c64a0b19d88224fe8b4141ba48b43
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7e35e777af2e0a0f266124a79c171b4e58e69dbe6db8cbbfc02d0a18563f940
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aea163da4219117e288da03eeb745e9269ac3795629c974e7538fafdcefa524a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b301995ea6cfc1e520a7fdf267e26b60dfa9eaf40c313b236d7db34126027075
b63fe792eca92d7cb67c652ddc4e76692c7f7f0899316ada620039b6438b8961
b6cb35af8160fdccef229d7fdf1852a60bea8320a9f8f0e73dfb1d62425ebf42
b72bcca0f8dd35773ca5d83bd4e61ddf9e908c540a1809251bdd92416be4f31c
b8449b516d1b81bd783fba83660fbdfe92bb15d8ca9f6eab488314f43cdaadb7
b86f73d212769f38acc9cc88280343234725334eccc93c426c50a06a69578166
b97e05411def19f898ee5b52a8241d47780894133d4176dbafd074fbc9f90af6
bae0b6cbc6f070c5e7422511065ecb1afe95c4bb3bdda660101d1a031f8b53e1
bcdf010ba3dc61605c33de9b33e7e76dbc3bb4326dcec49f33970345e517fb25
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bde02ae501da9b3a9d23abd317e2d6730aa840c244fb7bb25b9a6774528ede44
bf27786b4381176350787d768bf5f7c5310ba640aa48ee98a3d2c310ddd971ab
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c225fd985ca2ebd5f97e2f81d24ba0b4219def9c054f9cf44739c7d108d193bf
c3072c382f769330b572fbc29dac6c72b6d81b99d017e70cb8020c04b9c3d90a
c39013f627a7401863549d5dd8b2629ee2b569413675063a90c3415944ef7383
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c72976d3b4c427a85952b5cea1ad2efafcc4b2dc6fdd9ef5a505e5e582e62928
c823ca97d2f90ed6364e37ce7ab978adb1f80419a9b665f8ac13aeed67177e78
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c87273285a7f89697937eac81b667834a441ce92498bb7140fd898939930a2cc
cb075fa27e70474142a19eabb082529569f5eb549be48370fa4c9ce1132e02fa
cb34d27bca125b742bee85f479c0bb789630c9f12410df9f4913de21d474a256
cbf1a9489083789521cb679dc2a8aa50b5e385e320455234f497e90f83bc1f48
cc8562872dc541ccfe9ab57d0d85581b33b22924c126651f11d1dc3456ad7961
cea0a05c5af6e21a409875328ed2e3dba79131b7c41f8ea07d0e0e02c7b7b59e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df
d22884064f4d7b34e4a0c7ef2767d21363923c795416100088d9d910a32a63c5
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
d3cf4eeaa65e2d53154304a0c0e574e02d73e7f82dead6d7cf9c297379783116
d490f2efc64637640a21c5282a89dd22344e58974641bc7bbbfa4c7e4dc8648e
d82efa509f154d1fdc5cb2e1c357964aca8cd3cba871ed300aef074bfe955115
d837a8bd2d9d0030c7dc50304ecc5f7c83ca5d0992cf58eecd61079d35f83dba
d9c895d200224618020ba6c844060d7edf258372a85b9140b36aa4177b895590
dab4e8e5049584bfe935b784b24f987bb12df253a775384fd355cf733b2d53d0
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfbdff6c9f2de2d75edb5ae49d26a9c0af81801b17de08739e32b738ef23058e
e31ae17f9bb7238005c413104acb964ccb6a9fa661898b2aee0d560d710423c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e548abcd8734bfcf8b4ebbbca1af98f9e8ae1e0ff884c0971f29498a4fc108f4
e8b7fb908d956404cecbbbfb6fc55b75067b33312af3db2c14662d9767fbf26e
e8f18ad3391a0dc2099ec75b363f6d862c6f572b4f7ebdfe6927009276b5d4e8
e98fe68918e568093cd41f1eba2d1be09184150201f54c3c46df76ebfce6f852
eb2f63939c45c47279a9f9dd558b32a51e08e787b1013588375145020c947e8e
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
eb53600f2d48e974798ca3a0415ebd6ddd0b24485b4feedb89a9c0fe2c285ba7
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ed748eabea3237e3fa0cac6fb04d0b8e64f937cf5a717105ed3dc1f3c6e0e20d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
f2c2b65c77725fe19667e4b727c1785d4d3c90d150029030cfc0e923ec9d6bd3
f3d70165d1438b13b94b2aebf55f853777b6f44c8ca0b3473728bfefa90b115f
f4ca196c86f0e1ad0fbaa6723936f6ab8ddf077941e05037f33b2f17baaa193b
f965d9119183d5554d0fc800865f04af240ab1fe28a968fc970cf53580ad8cd7
fab3e19af5e6addb5c9460293169e60c9efd9c1a3040043da0ee47666f614b51
fbb6a05a2fdc7c4354c3d31ee0d97386568a284a28d73dca71993cba35e47947
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd2f43dab3326dad7364404c0e69c552ccb6ab0d9aa883afa268065734ace1f1
ff40f9b06e0379e753e072a8b97a41fec42d48ba9470622e645d07ec6bb99603