itsallinanutshell.com Open in urlscan Pro
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc  Public Scan

Submitted URL: https://cdn-0.itsallinanutshell.com/
Effective URL: https://itsallinanutshell.com/
Submission: On August 18 via api from US — Scanned from US

Summary

This website contacted 136 IPs in 13 countries across 155 domains to perform 851 HTTP transactions. The main IP is 2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is itsallinanutshell.com.
TLS certificate: Issued by R3 on August 11th 2023. Valid for: 3 months.
This is the only time itsallinanutshell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
63 2600:1f10:4c5... 14618 (AMAZON-AES)
8 2606:4700:303... 13335 (CLOUDFLAR...)
20 2607:f8b0:400... 15169 (GOOGLE)
8 2606:4700:e2:... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2600:1f10:4c5... 14618 (AMAZON-AES)
15 2606:4700:10:... 13335 (CLOUDFLAR...)
3 151.101.66.133 54113 (FASTLY)
17 2606:4700::68... 13335 (CLOUDFLAR...)
2 4 2620:116:800b... 14618 (AMAZON-AES)
4 2607:f8b0:400... 15169 (GOOGLE)
1 1 192.229.210.155 15133 (EDGECAST)
1 2600:9000:21d... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
12 2.22.40.190 1299 (TWELVE99 ...)
23 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
92 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
9 104.36.115.123 62713 (AS-PUBMATIC)
3 3 34.233.30.236 14618 (AMAZON-AES)
19 22 68.67.161.182 29990 (ASN-APPNEX)
1 15 51.222.39.185 16276 (OVH)
1 3 2.22.40.22 1299 (TWELVE99 ...)
1 8.28.7.92 62713 (AS-PUBMATIC)
1 12 2607:f8b0:400... 15169 (GOOGLE)
17 2607:f8b0:400... 15169 (GOOGLE)
4 4 34.170.123.2 396982 (GOOGLE-CL...)
21 47 142.250.176.194 15169 (GOOGLE)
20 20 35.71.131.137 16509 (AMAZON-02)
5 5 185.167.164.37 198622 (ADFORM)
3 3 63.251.114.136 32475 (SINGLEHOP...)
1 6 54.173.48.72 14618 (AMAZON-AES)
4 4 23.105.12.159 30633 (LEASEWEB-...)
1 1 130.35.192.4 31898 (ORACLE-BM...)
1 19 172.98.26.245 399668 (E-PLANNING-)
2 2 207.198.113.205 13768 (COGECO-PEER1)
2 13 34.238.96.3 14618 (AMAZON-AES)
6 12 34.111.113.62 396982 (GOOGLE-CL...)
5 5 198.148.27.131 19189 (PULSEPOINT)
1 1 8.2.110.24 46636 (NATCOWEB)
2 172.98.26.241 399668 (E-PLANNING-)
3 4 35.186.253.211 15169 (GOOGLE)
14 14 2606:ae80:145... 25751 (VALUECLICK)
3 4 168.119.72.236 24940 (HETZNER-AS)
3 18 69.166.1.34 27630 (AS-XFERNET)
1 1 52.6.59.36 14618 (AMAZON-AES)
1 5 52.201.146.33 14618 (AMAZON-AES)
1 1 8.2.110.134 46636 (NATCOWEB)
1 1 3.223.58.25 14618 (AMAZON-AES)
7 23 72.247.65.83 16625 (AKAMAI-AS)
4 23 192.40.39.223 27381 (CASALE-MEDIA)
1 205.234.175.175 23352 (SERVERCEN...)
1 12 2606:4700:10:... 13335 (CLOUDFLAR...)
3 108.138.128.124 16509 (AMAZON-02)
2 44.193.215.220 14618 (AMAZON-AES)
7 20 52.223.22.214 16509 (AMAZON-02)
2 7 8.28.7.81 62713 (AS-PUBMATIC)
8 9 8.43.72.98 26667 (RUBICONPR...)
3 9 52.46.155.104 16509 (AMAZON-02)
13 15 34.200.65.202 14618 (AMAZON-AES)
4 10 2600:1f18:4e9... 14618 (AMAZON-AES)
2 184.72.156.158 14618 (AMAZON-AES)
1 1 34.96.71.22 396982 (GOOGLE-CL...)
7 7 207.198.113.88 13768 (COGECO-PEER1)
9 9 52.204.75.117 14618 (AMAZON-AES)
2 19 2603:c020:400... 31898 (ORACLE-BM...)
1 1 23.105.12.136 30633 (LEASEWEB-...)
2 26 162.248.18.37 62713 (AS-PUBMATIC)
2 2 173.231.178.83 32475 (SINGLEHOP...)
5 7 151.101.130.49 54113 (FASTLY)
2 4 38.91.45.7 398989 (DEEPINTENT)
3 5 74.119.119.150 19750 (AS-CRITEO)
6 8 54.211.218.86 14618 (AMAZON-AES)
5 5 52.23.88.72 14618 (AMAZON-AES)
5 5 199.38.167.131 54312 (ROCKETFUEL)
1 2 44.196.72.67 14618 (AMAZON-AES)
1 1 34.102.163.6 396982 (GOOGLE-CL...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 35.214.144.9 15169 (GOOGLE)
1 40.76.134.238 8075 (MICROSOFT...)
3 162.248.18.34 62713 (AS-PUBMATIC)
8 9 2620:112:f002... 6336 (TURN-US-ASN)
4 4 52.207.126.75 14618 (AMAZON-AES)
22 26 35.211.178.172 19527 (GOOGLE-2)
2 2 52.44.3.194 14618 (AMAZON-AES)
1 2 38.98.69.175 174 (COGENT-174)
2 32 3.214.33.241 14618 (AMAZON-AES)
7 10 64.202.112.127 22075 (AS-OUTBRAIN)
5 5 54.209.93.224 14618 (AMAZON-AES)
5 5 185.184.8.90 204995 (RTB-HOUSE...)
9 29 35.244.159.8 15169 (GOOGLE)
9 9 64.74.236.159 22075 (AS-OUTBRAIN)
5 8 104.107.25.203 16625 (AKAMAI-AS)
2 2 124.146.215.46 2514 (INFOSPHER...)
1 1 80.77.87.163 46636 (NATCOWEB)
3 2620:1ec:21::14 8068 (MICROSOFT...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 13.226.36.207 16509 (AMAZON-02)
1 67.220.228.203 16509 (AMAZON-02)
5 8 8.43.72.97 26667 (RUBICONPR...)
1 54.156.138.112 14618 (AMAZON-AES)
2 3 2606:4700:1::... 13335 (CLOUDFLAR...)
2 2 76.13.32.147 26101 (YAHOO-BF1)
4 72.247.69.164 16625 (AKAMAI-AS)
3 4 216.22.16.8 30633 (LEASEWEB-...)
1 2 2600:1901:0:8... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
12 34.237.83.209 14618 (AMAZON-AES)
2 3 195.244.31.10 63140 (IGUANA-WO...)
1 2620:100:a001... 19750 (AS-CRITEO)
1 2606:4700::68... 13335 (CLOUDFLAR...)
29 52.23.11.45 14618 (AMAZON-AES)
1 63.251.28.233 26558 (FREEWHEEL)
8 2607:f8b0:400... 15169 (GOOGLE)
2 192.0.77.38 2635 (AUTOMATTIC)
10 2607:f8b0:400... 15169 (GOOGLE)
23 23 67.202.105.23 32748 (STEADFAST)
1 4 67.202.105.34 32748 (STEADFAST)
1 2606:2800:21f... 15133 (EDGECAST)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 5 162.19.138.117 16276 (OVH)
5 5 2600:9000:251... 16509 (AMAZON-02)
1 1 8.2.111.52 46636 (NATCOWEB)
1 151.101.193.108 54113 (FASTLY)
2 15 23.52.158.180 16625 (AKAMAI-AS)
4 4 35.210.53.219 15169 (GOOGLE)
1 1 18.116.16.40 16509 (AMAZON-02)
1 1 159.89.246.130 14061 (DIGITALOC...)
1 2 50.57.31.206 19994 (RACKSPACE)
1 174.137.133.32 27257 (WEBAIR-IN...)
5 10 35.190.60.146 15169 (GOOGLE)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 1 50.19.227.133 14618 (AMAZON-AES)
2 3 44.226.139.197 16509 (AMAZON-02)
4 4 35.207.24.140 15169 (GOOGLE)
1 192.0.76.3 2635 (AUTOMATTIC)
2 2 54.174.203.135 14618 (AMAZON-AES)
19 34.117.239.71 396982 (GOOGLE-CL...)
15 16 199.127.204.171 26120 (RHYTHMONE)
1 3.135.132.32 16509 (AMAZON-02)
2 2 2600:1901:0:8... 15169 (GOOGLE)
1 1 2600:9000:251... 16509 (AMAZON-02)
1 18.164.116.64 16509 (AMAZON-02)
5 2001:4860:480... 15169 (GOOGLE)
1 1 82.145.213.8 39832 (NO-OPERA)
1 35.186.193.173 15169 (GOOGLE)
1 1 172.104.105.5 63949 (AKAMAI-LI...)
1 1 20.85.134.6 8075 (MICROSOFT...)
1 195.5.165.20 44968 (IPROM-AS)
1 23.88.86.2 24940 (HETZNER-AS)
1 2 54.81.4.21 14618 (AMAZON-AES)
1 3.233.248.22 14618 (AMAZON-AES)
1 44.212.232.9 14618 (AMAZON-AES)
3 5 2620:100:a001::c 19750 (AS-CRITEO)
1 1 192.96.203.13 30633 (LEASEWEB-...)
1 141.226.224.48 200478 (TABOOLA-AS)
2 2620:100:a001... 19750 (AS-CRITEO)
1 2606:4700::68... 13335 (CLOUDFLAR...)
16 2620:100:a001::4 19750 (AS-CRITEO)
2 34.246.241.162 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 52.200.202.57 14618 (AMAZON-AES)
2 44.216.72.86 14618 (AMAZON-AES)
4 4 54.175.73.148 14618 (AMAZON-AES)
1 1 23.21.221.118 14618 (AMAZON-AES)
1 2 54.156.29.217 14618 (AMAZON-AES)
2 74.119.119.147 19750 (AS-CRITEO)
1 202.233.84.1 131957 (MICROAD M...)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
1 1 35.190.90.30 15169 (GOOGLE)
1 2600:1f18:ed:... 14618 (AMAZON-AES)
1 108.138.128.21 16509 (AMAZON-02)
1 34.96.105.8 396982 (GOOGLE-CL...)
1 1 54.82.254.5 14618 (AMAZON-AES)
1 1 31.220.27.134 39572 (ADVANCEDH...)
1 1 52.45.175.185 14618 (AMAZON-AES)
4 2620:100:a001... 19750 (AS-CRITEO)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 34.236.83.94 14618 (AMAZON-AES)
3 74.119.119.139 19750 (AS-CRITEO)
1 1 52.7.24.177 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
5 2607:f8b0:400... 15169 (GOOGLE)
1 34.120.23.223 396982 (GOOGLE-CL...)
2 2 216.200.232.253 30419 (MEDIAMATH...)
1 141.95.98.64 16276 (OVH)
7 2607:f8b0:400... 15169 (GOOGLE)
1 192.0.72.25 2635 (AUTOMATTIC)
2 2620:100:a001::3 19750 (AS-CRITEO)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
851 136
Apex Domain
Subdomains
Transfer
112 googlesyndication.com
f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
185 KB
84 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228
cm.g.doubleclick.net — Cisco Umbrella Rank: 261
pubads.g.doubleclick.net — Cisco Umbrella Rank: 402
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
292 KB
64 itsallinanutshell.com
cdn-0.itsallinanutshell.com
itsallinanutshell.com
1 MB
58 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 651
ow.pubmatic.com — Cisco Umbrella Rank: 2503
t.pubmatic.com — Cisco Umbrella Rank: 3133
image6.pubmatic.com — Cisco Umbrella Rank: 989
image2.pubmatic.com — Cisco Umbrella Rank: 1137
simage2.pubmatic.com — Cisco Umbrella Rank: 982
image4.pubmatic.com — Cisco Umbrella Rank: 1409
simage4.pubmatic.com — Cisco Umbrella Rank: 1434
259 KB
44 33across.com
lexicon.33across.com — Cisco Umbrella Rank: 2124
ssc-cms.33across.com — Cisco Umbrella Rank: 1272
events-ssc.33across.com — Cisco Umbrella Rank: 2672
pixel.33across.com — Cisco Umbrella Rank: 4686
cms-xch-chicago.33across.com — Cisco Umbrella Rank: 6756
16 KB
40 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1248
eus.rubiconproject.com — Cisco Umbrella Rank: 737
token.rubiconproject.com — Cisco Umbrella Rank: 748
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1308
pixel.rubiconproject.com — Cisco Umbrella Rank: 388
96 KB
34 gumgum.com
rtb.gumgum.com — Cisco Umbrella Rank: 1791
usersync.gumgum.com — Cisco Umbrella Rank: 2073
10 KB
33 openx.net
rtb.openx.net — Cisco Umbrella Rank: 990
us-u.openx.net — Cisco Umbrella Rank: 605
u.openx.net — Cisco Umbrella Rank: 935
eu-u.openx.net — Cisco Umbrella Rank: 2874
automattic-d.openx.net — Cisco Umbrella Rank: 119724
5 KB
31 pubmine.com
s.pubmine.com — Cisco Umbrella Rank: 15908
c0.pubmine.com — Cisco Umbrella Rank: 41272
209 KB
28 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 356
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1650
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 2136
12 KB
26 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 372
11 KB
23 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1560
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 564
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760
r.casalemedia.com — Cisco Umbrella Rank: 1756
dsum.casalemedia.com — Cisco Umbrella Rank: 1784
20 KB
23 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 275
secure.adnxs.com — Cisco Umbrella Rank: 542
acdn.adnxs.com — Cisco Umbrella Rank: 703
18 KB
22 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2684
u-iad04.e-planning.net — Cisco Umbrella Rank: 7718
s.e-planning.net — Cisco Umbrella Rank: 6738
sync.e-planning.net — Cisco Umbrella Rank: 5313
i.e-planning.net — Cisco Umbrella Rank: 5827
6 KB
22 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
1 MB
20 criteo.net
static.criteo.net — Cisco Umbrella Rank: 710
csm.us.criteo.net — Cisco Umbrella Rank: 2981
205 KB
20 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 745
bidder.criteo.com — Cisco Umbrella Rank: 885
gum.criteo.com — Cisco Umbrella Rank: 442
ads.us.criteo.com — Cisco Umbrella Rank: 2887
cat.va.us.criteo.com — Cisco Umbrella Rank: 2999
mug.criteo.com — Cisco Umbrella Rank: 2338
rtb.va.us.criteo.com — Cisco Umbrella Rank: 6243
52 KB
20 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1555
ad-cdn.technoratimedia.com — Cisco Umbrella Rank: 6759
uat-net.technoratimedia.com — Cisco Umbrella Rank: 3998
32 KB
20 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 437
10 KB
20 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 396
9 KB
20 google.com
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 126
67 KB
19 media.net
hbx.media.net — Cisco Umbrella Rank: 1405
contextual.media.net — Cisco Umbrella Rank: 764
cs.media.net — Cisco Umbrella Rank: 1735
prebid.media.net — Cisco Umbrella Rank: 1481
20 KB
18 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1195
14 KB
17 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 673
btlr.sharethrough.com — Cisco Umbrella Rank: 1352
7 KB
17 mailerlite.com
fonts.mailerlite.com — Cisco Umbrella Rank: 24527
assets.mailerlite.com — Cisco Umbrella Rank: 39487
groot.mailerlite.com — Cisco Umbrella Rank: 57712
220 KB
16 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 1028
tags.crwdcntrl.net — Cisco Umbrella Rank: 1073
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1036
id.crwdcntrl.net — Cisco Umbrella Rank: 2875
26 KB
15 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 984
8 KB
15 mlcdn.com
assets.mlcdn.com — Cisco Umbrella Rank: 24037
storage.mlcdn.com — Cisco Umbrella Rank: 59498
2 MB
14 dotomi.com
prebid-match.dotomi.com — Cisco Umbrella Rank: 2754
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4377
retargetly-match.dotomi.com — Cisco Umbrella Rank: 15894
33across-match.dotomi.com — Cisco Umbrella Rank: 4514
medianet-match.dotomi.com — Cisco Umbrella Rank: 13120
synacor-match.dotomi.com — Cisco Umbrella Rank: 7106
5 KB
13 retargetly.com
api.retargetly.com — Cisco Umbrella Rank: 5976
pdp-service.prd-00.retargetly.com — Cisco Umbrella Rank: 12181
app.retargetly.com — Cisco Umbrella Rank: 14180
9 KB
12 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 615
3 KB
11 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 702
8 KB
10 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 462
id.rlcdn.com — Cisco Umbrella Rank: 1004
1 KB
10 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 928
3 KB
10 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 349
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1142
7 KB
9 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 667
6 KB
9 turn.com
ad.turn.com — Cisco Umbrella Rank: 1080
r.turn.com — Cisco Umbrella Rank: 4432
4 KB
9 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 727
5 KB
9 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 4020
pixel-sync.sitescout.com — Cisco Umbrella Rank: 948
6 KB
9 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1027
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 817
sync.smartadserver.com — Cisco Umbrella Rank: 1577
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1958
3 KB
8 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 716
tags.bluekai.com — Cisco Umbrella Rank: 776
4 KB
8 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 976
4 KB
8 ezodn.com
go.ezodn.com — Cisco Umbrella Rank: 10379
g.ezodn.com — Cisco Umbrella Rank: 12604
bshr.ezodn.com — Cisco Umbrella Rank: 10946
207 KB
8 ezojs.com
www.ezojs.com — Cisco Umbrella Rank: 32791
332 KB
7 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 964
2 KB
6 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1136
i.w55c.net — Cisco Umbrella Rank: 2610
4 KB
6 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 808
11 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 73
imasdk.googleapis.com — Cisco Umbrella Rank: 600
356 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 387
110 KB
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 770
i6.liadm.com — Cisco Umbrella Rank: 2424
3 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1497
3 KB
5 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 938
3 KB
5 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
6 KB
5 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 674
2 KB
5 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2600
ad.360yield.com — Cisco Umbrella Rank: 802
1 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 1051
4 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 678
4 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 720
3 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1249
2 KB
4 admedo.com
pool.admedo.com — Cisco Umbrella Rank: 6360
1 KB
4 tynt.com
de.tynt.com — Cisco Umbrella Rank: 1898
ic.tynt.com — Cisco Umbrella Rank: 6713
9 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1550
a.teads.tv — Cisco Umbrella Rank: 1640
at.teads.tv — Cisco Umbrella Rank: 4903
4 KB
4 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1183
2 KB
4 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1219
1008 B
4 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2142
1 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1009
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 62
21 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1412
pixel.quantserve.com — Cisco Umbrella Rank: 1151
cms.quantserve.com — Cisco Umbrella Rank: 1015
10 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5264
977 B
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 240
3 KB
3 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 1549
mweb.ck.inmobi.com — Cisco Umbrella Rank: 4816
2 KB
3 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4263
visitor.omnitagjs.com — Cisco Umbrella Rank: 1092
2 KB
3 mgid.com
cm.mgid.com — Cisco Umbrella Rank: 1491
864 B
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 421
1023 B
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1025
s.tribalfusion.com — Cisco Umbrella Rank: 2306
1 KB
3 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 864
2 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
169 KB
3 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2753
1 KB
3 paypalobjects.com
www.paypalobjects.com — Cisco Umbrella Rank: 2541
4 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
216 KB
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1279
1 KB
2 narrative.io
io.narrative.io — Cisco Umbrella Rank: 5282
643 B
2 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1878
217 B
2 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 3210
794 B
2 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1501
683 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1270
sync1.intentiq.com — Cisco Umbrella Rank: 3216
2 KB
2 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2783
873 B
2 pswec.com
t.pswec.com — Cisco Umbrella Rank: 4572
1 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1400
1 KB
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1731
26 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1218
2 KB
2 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 6718
967 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 5515
1 KB
2 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1140
517 B
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1880
841 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1649
1011 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1495
69 B
2 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 3539
cs.admanmedia.com — Cisco Umbrella Rank: 1168
1 KB
2 ezoic.net
g.ezoic.net — Cisco Umbrella Rank: 14952
43 KB
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 87
1 googlevideo.com
rr4---sn-ab5l6ndr.googlevideo.com — Cisco Umbrella Rank: 32386
1 wordpress.com
wordadsmediafiles.files.wordpress.com — Cisco Umbrella Rank: 66575
46 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1189
408 B
1 theweathernetwork.com
engagefront.theweathernetwork.com — Cisco Umbrella Rank: 3852
314 B
1 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2320
315 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 2564
532 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 15670
517 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 11813
289 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 5105
610 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2445
174 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 649
658 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1496
636 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 7664
641 B
1 rkdms.com
mid.rkdms.com — Cisco Umbrella Rank: 2058
551 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2484
652 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 2093
558 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 277
7 KB
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1173
230 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 3451
426 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 2009
425 B
1 kargo.com
crb.kargo.com — Cisco Umbrella Rank: 1866
359 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8584
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 7279
276 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2822
434 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6848
368 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1719
554 B
1 mobtrakk.com
sync-dmp.mobtrakk.com — Cisco Umbrella Rank: 2422
1 wp.com
pixel.wp.com — Cisco Umbrella Rank: 2793
126 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 3583
184 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 1005
632 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1914
1 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3665
375 B
1 videobyte.com
x.videobyte.com — Cisco Umbrella Rank: 4947
231 B
1 videowalldirect.com
cs.videowalldirect.com — Cisco Umbrella Rank: 10246
778 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 677
609 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1928
435 B
1 cloudfront.net
d2skc0orvsqfj9.cloudfront.net
10 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 279
688 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 5912
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1490
674 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3654
308 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 1969
422 B
1 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 4053
189 B
1 krushmedia.com
cs.krushmedia.com — Cisco Umbrella Rank: 4681
599 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1602
299 B
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 14427
859 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
1 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
17 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1302
634 B
1 paypal.com
www.paypal.com — Cisco Umbrella Rank: 2799
895 B
0 owneriq.net Failed
px.owneriq.net Failed
0 bnmla.com Failed
match.bnmla.com Failed
0 smrtb.com Failed
ssl-market-east.smrtb.com Failed
0 a-mo.net Failed
prebid.a-mo.net — Cisco Umbrella Rank: 1121 Failed
0 Failed
function sub() { [native code] }. Failed
851 155
Domain Requested by
89 pagead2.googlesyndication.com imasdk.googleapis.com
itsallinanutshell.com
securepubads.g.doubleclick.net
f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
63 itsallinanutshell.com itsallinanutshell.com
www.ezojs.com
47 cm.g.doubleclick.net 21 redirects f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
rtb.gumgum.com
eb2.3lift.com
eus.rubiconproject.com
u.openx.net
ads.yieldmo.com
bcp.crwdcntrl.net
32 usersync.gumgum.com 2 redirects rtb.gumgum.com
eus.rubiconproject.com
ads.pubmatic.com
29 s.pubmine.com itsallinanutshell.com
c0.pubmine.com
ssum-sec.casalemedia.com
rtb.gumgum.com
de.tynt.com
ads.pubmatic.com
26 x.bidswitch.net 22 redirects eb2.3lift.com
c0.pubmine.com
ads.us.e-planning.net
25 us-u.openx.net 8 redirects u.openx.net
ads.pubmatic.com
ad-cdn.technoratimedia.com
us-u.openx.net
de.tynt.com
22 ssc-cms.33across.com 22 redirects
20 eb2.3lift.com 7 redirects ads.us.e-planning.net
ads.pubmatic.com
eb2.3lift.com
ad-cdn.technoratimedia.com
20 match.adsrvr.org 20 redirects
20 securepubads.g.doubleclick.net itsallinanutshell.com
securepubads.g.doubleclick.net
19 tpc.googlesyndication.com itsallinanutshell.com
f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
18 events-ssc.33across.com de.tynt.com
eus.rubiconproject.com
us-u.openx.net
ads.pubmatic.com
18 sync.go.sonobi.com 3 redirects c0.pubmine.com
sync.go.sonobi.com
16 static.criteo.net go.ezodn.com
ads.us.criteo.com
static.criteo.net
16 simage2.pubmatic.com 2 redirects ads.pubmatic.com
16 sync.technoratimedia.com 2 redirects contextual.media.net
us-u.openx.net
eb2.3lift.com
de.tynt.com
ads.pubmatic.com
16 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
rtb.gumgum.com
c0.pubmine.com
de.tynt.com
contextual.media.net
ad-cdn.technoratimedia.com
15 contextual.media.net 2 redirects c0.pubmine.com
contextual.media.net
ads.pubmatic.com
eus.rubiconproject.com
15 ups.analytics.yahoo.com 13 redirects us-u.openx.net
go.ezodn.com
15 www.gstatic.com itsallinanutshell.com
f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
www.google.com
www.gstatic.com
15 onetag-sys.com 1 redirects ads.pubmatic.com
ads.us.e-planning.net
go.ezodn.com
ad-cdn.technoratimedia.com
13 dsum-sec.casalemedia.com 1 redirects ssum.casalemedia.com
ssum-sec.casalemedia.com
13 u-iad04.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
13 ib.adnxs.com 11 redirects eb2.3lift.com
13 assets.mlcdn.com itsallinanutshell.com
assets.mailerlite.com
groot.mailerlite.com
12 btlr.sharethrough.com go.ezodn.com
12 pixel.tapad.com 6 redirects ads.pubmatic.com
api.retargetly.com
rtb.gumgum.com
us-u.openx.net
ads.yieldmo.com
12 www.google.com 1 redirects itsallinanutshell.com
www.gstatic.com
www.google.com
tpc.googlesyndication.com
f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
assets.mailerlite.com
12 ads.pubmatic.com itsallinanutshell.com
ads.us.e-planning.net
ads.pubmatic.com
rtb.gumgum.com
c0.pubmine.com
de.tynt.com
ad-cdn.technoratimedia.com
11 sync.1rx.io 11 redirects
10 pubads.g.doubleclick.net imasdk.googleapis.com
10 sync.outbrain.com 7 redirects rtb.gumgum.com
c0.pubmine.com
10 image2.pubmatic.com ads.pubmatic.com
10 pr-bh.ybp.yahoo.com 4 redirects ssum.casalemedia.com
ads.pubmatic.com
ssum-sec.casalemedia.com
u.openx.net
10 fonts.mailerlite.com assets.mlcdn.com
fonts.mailerlite.com
9 b1sync.zemanta.com 9 redirects
9 secure.adnxs.com 8 redirects acdn.adnxs.com
9 match.prod.bidr.io 9 redirects
9 s.amazon-adsystem.com 3 redirects ssum.casalemedia.com
ads.pubmatic.com
eus.rubiconproject.com
ssum-sec.casalemedia.com
u.openx.net
eb2.3lift.com
9 ow.pubmatic.com ads.pubmatic.com
ads.us.e-planning.net
onetag-sys.com
ssum-sec.casalemedia.com
8 adservice.google.com imasdk.googleapis.com
8 app.retargetly.com api.retargetly.com
8 pixel.rubiconproject.com 5 redirects eus.rubiconproject.com
8 ad.turn.com 8 redirects
8 sync.srv.stackadapt.com 6 redirects eb2.3lift.com
8 www.ezojs.com itsallinanutshell.com
www.ezojs.com
7 googleads.g.doubleclick.net itsallinanutshell.com
7 idsync.rlcdn.com 4 redirects rtb.gumgum.com
ads.us.e-planning.net
us-u.openx.net
7 sync-tm.everesttech.net 5 redirects ads.pubmatic.com
rtb.gumgum.com
7 pixel-sync.sitescout.com 7 redirects
7 image6.pubmatic.com 2 redirects ads.pubmatic.com
7 secure-assets.rubiconproject.com 7 redirects
7 sync.crwdcntrl.net 2 redirects ads.us.e-planning.net
bcp.crwdcntrl.net
6 assets.mailerlite.com itsallinanutshell.com
assets.mailerlite.com
www.ezojs.com
6 ads.yieldmo.com 1 redirects go.ezodn.com
ads.yieldmo.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 gum.criteo.com 3 redirects static.criteo.net
5 csi.gstatic.com imasdk.googleapis.com
5 sync.targeting.unrulymedia.com 4 redirects
5 s.ad.smaato.net 5 redirects
5 id5-sync.com 2 redirects f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
go.ezodn.com
5 bcp.crwdcntrl.net api.retargetly.com
rtb.gumgum.com
ads.pubmatic.com
tags.crwdcntrl.net
5 stags.bluekai.com 4 redirects us-u.openx.net
5 creativecdn.com 5 redirects
5 p.rfihub.com 5 redirects
5 pm.w55c.net 5 redirects
5 dis.criteo.com 3 redirects ads.pubmatic.com
eb2.3lift.com
5 ssum-sec.casalemedia.com 2 redirects ssum.casalemedia.com
ads.pubmatic.com
c0.pubmine.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
5 match.sharethrough.com 1 redirects
5 bh.contextweb.com 5 redirects
5 c1.adform.net 5 redirects
5 go.ezodn.com itsallinanutshell.com
www.ezojs.com
4 csm.us.criteo.net ads.us.criteo.com
4 i.liadm.com 4 redirects
4 33across-match.dotomi.com 4 redirects
4 rtb.mfadsrvr.com 4 redirects
4 pool.admedo.com 4 redirects
4 sync.smartadserver.com 3 redirects api.retargetly.com
4 pixel-us-east.rubiconproject.com 4 redirects
4 ad.360yield.com 4 redirects
4 sync.ipredictive.com 4 redirects
4 match.deepintent.com 2 redirects ads.pubmatic.com
rtb.gumgum.com
4 api.retargetly.com 1 redirects s.e-planning.net
api.retargetly.com
4 sync.e-planning.net ads.us.e-planning.net
rtb.gumgum.com
eus.rubiconproject.com
eb2.3lift.com
4 sync.richaudience.com 3 redirects ads.us.e-planning.net
4 rtb.openx.net 3 redirects us-u.openx.net
4 um.simpli.fi 4 redirects
4 f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 mug.criteo.com
3 an.yandex.ru 2 redirects f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
3 uat-net.technoratimedia.com eus.rubiconproject.com
3 id.rlcdn.com 1 redirects contextual.media.net
us-u.openx.net
3 dpm.demdex.net 2 redirects sync.go.sonobi.com
3 de.tynt.com c0.pubmine.com
ad-cdn.technoratimedia.com
3 tags.bluekai.com 1 redirects sync.go.sonobi.com
bcp.crwdcntrl.net
3 cm.mgid.com 2 redirects api.retargetly.com
3 px.ads.linkedin.com eb2.3lift.com
eus.rubiconproject.com
sync.go.sonobi.com
3 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
3 ssbsync.smartadserver.com 3 redirects
3 ap.lijit.com 3 redirects
3 www.googletagservices.com itsallinanutshell.com
f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
3 ads.servenobid.com 3 redirects
3 imasdk.googleapis.com itsallinanutshell.com
imasdk.googleapis.com
3 www.paypalobjects.com itsallinanutshell.com
3 www.googletagmanager.com itsallinanutshell.com
www.googletagmanager.com
3 fonts.googleapis.com itsallinanutshell.com
f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
2 rtb.va.us.criteo.com
2 sync.mathtag.com 2 redirects
2 cat.va.us.criteo.com ads.us.criteo.com
2 io.narrative.io 1 redirects ads.us.e-planning.net
2 bpi.rtactivate.com ads.us.e-planning.net
us-u.openx.net
2 synchroscript.deliveryengine.adswizz.com rtb.gumgum.com
ads.pubmatic.com
2 storage.mlcdn.com assets.mailerlite.com
2 ads.us.criteo.com f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
2 synacor-match.dotomi.com 2 redirects
2 thrtle.com 1 redirects ads.pubmatic.com
2 fonts.gstatic.com www.google.com
2 fei.pro-market.net 2 redirects
2 cs.media.net contextual.media.net
2 medianet-match.dotomi.com 2 redirects
2 t.pswec.com 2 redirects
2 uipglob.semasio.net 1 redirects sync.go.sonobi.com
2 u.openx.net 1 redirects c0.pubmine.com
2 sync.inmobi.com 2 redirects
2 visitor.omnitagjs.com 2 redirects
2 c0.pubmine.com itsallinanutshell.com
c0.pubmine.com
2 simage4.pubmatic.com ads.pubmatic.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 script.4dex.io go.ezodn.com
www.ezojs.com
2 lexicon.33across.com 1 redirects
2 retargetly-match.dotomi.com 2 redirects
2 sync.teads.tv api.retargetly.com
c0.pubmine.com
2 cms.analytics.yahoo.com 2 redirects
2 tg.socdm.com 2 redirects
2 pmp.mxptint.net 1 redirects ads.pubmatic.com
2 ads.creative-serving.com 2 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 csync.loopme.me 2 redirects
2 a.tribalfusion.com 1 redirects f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 cms.quantserve.com 2 redirects
2 cm.adgrx.com 2 redirects
2 rtb.adentifi.com ssum.casalemedia.com
ads.pubmatic.com
2 rtb.gumgum.com ads.us.e-planning.net
c0.pubmine.com
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 prebid-match.dotomi.com 2 redirects
2 s.e-planning.net ads.us.e-planning.net
2 pixel.sitescout.com 2 redirects
2 ads.us.e-planning.net 1 redirects ads.pubmatic.com
2 bshr.ezodn.com www.ezojs.com
2 g.ezoic.net itsallinanutshell.com
1 www.youtube.com
1 rr4---sn-ab5l6ndr.googlevideo.com
1 wordadsmediafiles.files.wordpress.com itsallinanutshell.com
1 lb.eu-1-id5-sync.com go.ezodn.com
1 engagefront.theweathernetwork.com
1 id.crwdcntrl.net go.ezodn.com
1 id.hadron.ad.gt go.ezodn.com
1 id.a-mx.com go.ezodn.com
1 i.w55c.net 1 redirects
1 automattic-d.openx.net c0.pubmine.com
1 c2shb.ssp.yahoo.com c0.pubmine.com
1 prebid.media.net c0.pubmine.com
1 im.bluevoox.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 fksnk.com 1 redirects
1 tr.blismedia.com f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
1 aa.agkn.com us-u.openx.net
1 i6.liadm.com us-u.openx.net
1 odr.mookie1.com 1 redirects
1 eu-u.openx.net us-u.openx.net
1 aid.send.microad.jp f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
1 r.turn.com f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
1 cms-xch-chicago.33across.com de.tynt.com
1 mid.rkdms.com 1 redirects
1 aorta.clickagy.com 1 redirects
1 idpix.media6degrees.com 1 redirects
1 groot.mailerlite.com assets.mailerlite.com
1 cdnjs.cloudflare.com assets.mailerlite.com
1 sync.taboola.com
1 sync.aralego.com 1 redirects
1 pixel.33across.com 1 redirects
1 at.teads.tv www.ezojs.com
1 sync.bfmio.com ads.pubmatic.com
1 crb.kargo.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 mweb.ck.inmobi.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 sync1.intentiq.com contextual.media.net
1 sync.intentiq.com 1 redirects
1 sync-dmp.mobtrakk.com contextual.media.net
1 pixel.wp.com
1 nep.advangelists.com 1 redirects
1 pippio.com 1 redirects
1 sync.adkernel.com sync.go.sonobi.com
1 e.serverbid.com 1 redirects
1 x.videobyte.com 1 redirects
1 acdn.adnxs.com c0.pubmine.com
1 cs.videowalldirect.com 1 redirects
1 ic.tynt.com 1 redirects
1 ad-cdn.technoratimedia.com c0.pubmine.com
1 ssbsync-global.smartadserver.com 1 redirects
1 a.teads.tv c0.pubmine.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 cadmus.script.ac script.4dex.io
1 bidder.criteo.com go.ezodn.com
1 hb-api.omnitagjs.com go.ezodn.com
1 pdp-service.prd-00.retargetly.com d2skc0orvsqfj9.cloudfront.net
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 d2skc0orvsqfj9.cloudfront.net api.retargetly.com
1 c.bing.com eb2.3lift.com
1 cs.admanmedia.com 1 redirects
1 ice.360yield.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 us01.z.antigena.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 ums.acuityplatform.com 1 redirects
1 ad.mrtnsvr.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 r.casalemedia.com ssum.casalemedia.com
1 s.company-target.com 1 redirects
1 i.e-planning.net ads.us.e-planning.net
1 cookies.nextmillmedia.com 1 redirects
1 cs.krushmedia.com 1 redirects
1 ssp.disqus.com 1 redirects
1 sync.admanmedia.com 1 redirects
1 analytics.pangle-ads.com 1 redirects
1 t.pubmatic.com ads.pubmatic.com
1 hbx.media.net 1 redirects
1 cdn.jsdelivr.net ads.pubmatic.com
1 s0.2mdn.net imasdk.googleapis.com
1 pixel.quantserve.com itsallinanutshell.com
1 rules.quantcount.com secure.quantserve.com
1 www.paypal.com 1 redirects
1 secure.quantserve.com www.ezojs.com
1 g.ezodn.com itsallinanutshell.com
1 cdn-0.itsallinanutshell.com 1 redirects
0 px.owneriq.net Failed ads.pubmatic.com
0 match.bnmla.com Failed sync.go.sonobi.com
0 ssl-market-east.smrtb.com Failed sync.go.sonobi.com
0 prebid.a-mo.net Failed
0 Failed itsallinanutshell.com
851 248
Subject Issuer Validity Valid
itsallinanutshell.com
R3
2023-08-11 -
2023-11-09
3 months crt.sh
www.ezojs.com
GTS CA 1P5
2023-07-13 -
2023-10-11
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
ezodn.com
E1
2023-07-02 -
2023-09-30
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
ezoic.net
R3
2023-07-19 -
2023-10-17
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-30 -
2024-04-29
a year crt.sh
www.paypalobjects.com
DigiCert SHA2 Extended Validation Server CA
2022-10-13 -
2023-11-13
a year crt.sh
mailerlite.com
Cloudflare Inc ECC CA-3
2023-05-30 -
2024-05-29
a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
quantserve.com
R3
2023-08-12 -
2023-11-10
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-25 -
2024-01-24
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4
2022-12-23 -
2024-01-24
a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-28 -
2024-01-28
a year crt.sh
www.google.com
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
ads.us.e-planning.net
R3
2023-07-14 -
2023-10-12
3 months crt.sh
*.e-planning.net
R3
2023-07-14 -
2023-10-12
3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
casalemedia.com
Go Daddy Secure Certificate Authority - G2
2022-12-13 -
2024-01-13
a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA
2023-01-09 -
2024-02-09
a year crt.sh
*.retargetly.com
Sectigo RSA Domain Validation Secure Server CA
2022-11-30 -
2023-12-23
a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01
2022-11-07 -
2023-12-06
a year crt.sh
gumgum.com
Amazon RSA 2048 M02
2023-06-07 -
2024-07-06
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2023-04-13 -
2024-05-11
a year crt.sh
adentifi.com
Amazon RSA 2048 M01
2023-07-06 -
2024-08-03
a year crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01
2023-03-03 -
2024-02-19
a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-08-11 -
2024-09-11
a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2
2022-11-30 -
2024-01-01
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-18
3 months crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02
2023-03-31 -
2024-04-28
a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA
2023-04-03 -
2024-04-02
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-04-04 -
2023-09-27
6 months crt.sh
*.ad-server.k8s.ggops.com
Amazon RSA 2048 M01
2023-02-28 -
2024-02-09
a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA
2023-06-02 -
2023-12-02
6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 05
2023-07-26 -
2024-01-22
6 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01
2023-06-21 -
2024-03-02
8 months crt.sh
*.prd-00.retargetly.com
Amazon RSA 2048 M02
2022-11-25 -
2023-12-24
a year crt.sh
teads.tv
R3
2023-06-26 -
2023-09-24
3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3
2022-11-23 -
2023-11-22
a year crt.sh
*.sharethrough.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2023-08-02 -
2024-08-13
a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2023-06-23 -
2024-07-22
a year crt.sh
*.yieldmo.com
Amazon RSA 2048 M01
2023-08-14 -
2024-09-12
a year crt.sh
script.ac
E1
2023-07-05 -
2023-10-03
3 months crt.sh
s.pubmine.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-06 -
2023-10-06
a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-19 -
2024-05-19
a year crt.sh
*.google.com
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
c0.pubmine.com
Sectigo RSA Domain Validation Secure Server CA
2023-04-04 -
2024-05-04
a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2
2022-12-06 -
2024-01-07
a year crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA
2022-09-07 -
2023-09-30
a year crt.sh
*.technoratimedia.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-15 -
2023-09-15
a year crt.sh
*.outbrain.com
Thawte RSA CA 2018
2022-11-06 -
2023-11-28
a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1
2023-03-27 -
2024-04-26
a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-02-10 -
2024-02-18
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4
2023-01-03 -
2024-02-04
a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1
2023-02-07 -
2024-02-08
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2023-02-13 -
2024-03-15
a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-14 -
2023-12-15
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2023-02-02 -
2024-03-03
a year crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1
2023-01-04 -
2023-11-06
10 months crt.sh
*.iprom.net
R3
2023-08-16 -
2023-11-14
3 months crt.sh
truffle.bid
R3
2023-08-10 -
2023-11-08
3 months crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01
2022-11-10 -
2023-12-09
a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02
2023-03-17 -
2024-04-14
a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-06-27 -
2023-09-23
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-05 -
2023-10-31
3 months crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02
2023-02-09 -
2024-02-13
a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1
2022-09-14 -
2023-10-15
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-03 -
2024-01-24
6 months crt.sh
*.srv.stackadapt.com
Amazon RSA 2048 M02
2023-02-27 -
2023-11-07
8 months crt.sh
rtactivate.com
Amazon RSA 2048 M01
2023-03-14 -
2024-04-11
a year crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-11 -
2023-10-13
3 months crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018
2022-10-05 -
2023-11-06
a year crt.sh
events-ssc.33across.com
GTS CA 1D4
2023-07-02 -
2023-09-30
3 months crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2022-09-06 -
2023-09-21
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2023-08-07 -
2023-11-05
3 months crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-08-09 -
2023-11-07
3 months crt.sh
prebid.media.net
GTS CA 1D4
2023-07-05 -
2023-10-03
3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-05-23 -
2023-11-15
6 months crt.sh
a-mx.com
E1
2023-06-29 -
2023-09-27
3 months crt.sh
*.id5-sync.com
R3
2023-07-04 -
2023-10-02
3 months crt.sh
misc-sni.google.com
GTS CA 1C3
2023-07-31 -
2023-10-23
3 months crt.sh
engagefront.theweathernetwork.com
GTS CA 1D4
2023-06-23 -
2023-09-21
3 months crt.sh
*.eu-1-id5-sync.com
R3
2023-07-04 -
2023-10-02
3 months crt.sh
*.files.wordpress.com
Sectigo ECC Domain Validation Secure Server CA
2022-11-23 -
2023-12-24
a year crt.sh
*.c.docs.google.com
GTS CA 1C3
2023-08-01 -
2023-10-10
2 months crt.sh

This page contains 136 frames:

Primary Page: https://itsallinanutshell.com/
Frame ID: 91A611D47E2A4D90D4E2E92A0B5707D6
Requests: 219 HTTP requests in this frame

Frame: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E0E81CB75B8B8775643CEC60D95722A0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Frame ID: DAC56F22D2ED99E212939904281AA528
Requests: 99 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 888AC3B2945897A48911520821BE4F5A
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1692318416625
Frame ID: 5B5C826A97BDA61F1F372C766C7A98C3
Requests: 1 HTTP requests in this frame

Frame: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9772F744935DB7958DFBD07F9FB00167
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Frame ID: 6F271BCB01C66FD0FE25D2E6F6198EF8
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0DC33F5616BA47ABAB18BB30D98E42E2
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
Frame ID: 08BED26BBA53553A0651D311BABBC0B6
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Frame ID: 53E10D95F61267A4F8E704EB831623C7
Requests: 21 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Frame ID: A0BE13204719A567B36DE1843C830FAE
Requests: 12 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Frame ID: EC99D59B7C28DD1E8A528CE27D36DA98
Requests: 26 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
Frame ID: 111C7110A80D189000909F2529E78410
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: 106A20EAC59E8DFA26EA3EA31512AFE2
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 173467015936B9CC2E4C697BBBA64BE5
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Frame ID: 8F09654CA5692B70902D532A282850C8
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Frame ID: 6409A496C1D1456B6D4E90E5C48A10CD
Requests: 12 HTTP requests in this frame

Frame: https://ow.pubmatic.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=ADnf5OZ4iiILhfdK
Frame ID: 3AF0698EBF390CB649700E7F51BFC1BE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 28EA8B853808ED90DF5D1E0BE42015B2
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABOFk7JvXYAACqoHL5WIg&gdpr=0&gdpr_consent=
Frame ID: 1B6D1267103D13E420330890B5700F84
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4664318827337647392&gdpr=0&gdpr_consent=
Frame ID: 71CF8088318B43B9F71AF82ACDCB3298
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f1351930-3d5d-11ee-8703-719c24424d7a
Frame ID: 536E228E47D1D20F0279793394A8C9B4
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN660gAJaLisYgAb
Frame ID: A512D7D5C8CF41A9960084AA6D73AD8D
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 94C78ADD99043FD58AD68BC320C78B7B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gIxBK9TZRiibjkEshNwIf4SIQyybiUZ5hN6vObuc
Frame ID: 93F87EE25406615C389B6B84985D3B96
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6C000084F6FEAF4D34EF61C578A5E573
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9Son5ZY7UStD4HYH8estYmAJ-SY&gdpr=0&gdpr_consent=
Frame ID: 4EA1C4BF0A009A9CC53560DB8907DF59
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ISyfZg9D1QwNkm5&gdpr=0&gdpr_consent=
Frame ID: ED3C2754E458B255E13AAAA4F6CEFEF3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033166257797130
Frame ID: 3517853DEA5991E1CFB0FAD0DC5FDDE8
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: 66F5796C35F88D60E7CB32DBBEF6F863
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
Frame ID: A918E42116C547AE399129088BB986AD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815211786820
Frame ID: CA7F1381B8C7D3FC759AAF3AD2AA56BD
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 99FDBF0C74A6C4FF00F6903803E59BB1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: A45E5781B576DFD633C725796A4493CB
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=2dc5d7ef17b42550&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: 6FF788A5DE8B48A629ED3EFCD0E330C8
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZN660gAJWnP6lQAN
Frame ID: 81392D26810071C391B6D8EE95AAB38B
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84ODk1NThkNC03Y2Y4LTQzOTAtYjI1Ni05MjI1NDBhNGExYjg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 93DAEE6C4990B1AF6292E11344396637
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 2CE988327B42C123DE86DECBDEDB705E
Requests: 6 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=0487fdef-dbcb-4472-91ea-091af86a64fb
Frame ID: 284BDECF6670EA4BEC2A7A870D694C9D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZN660sCo8X8AAGhoHEoAAAAA
Frame ID: C1DC0207A95432FE39F9CFA085AE45F9
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=aad&i=611477f1-2266-4456-bda3-55c0a8b20fc4
Frame ID: B2EFD834891F13F6F2846897D8CB9A70
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=IQenns9db6STUgZpbm9c&pi=gumgum&tc=1
Frame ID: 59F475051DAB1E2B48C29FB891C0860B
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 00DC9658EB4927BB70A40483525E8CDE
Requests: 3 HTTP requests in this frame

Frame: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Frame ID: 9D1DBCF6D3947B4F2B504CB27BD36C32
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: DFCD4C1D88DB20E52C596B23FFBAE27E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=
Frame ID: 992DAE42E05BE9C5B030652B7C550C7F
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: A862B704BD247BB729308FD25AFFA8B7
Requests: 10 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9pdHNhbGxpbmFudXRzaGVsbC5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=5opp0zebz3
Frame ID: A585050565DCAA6DCC62FAD7AE0EB4A2
Requests: 8 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=13&external_user_id=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Frame ID: 99EA5C78BF76156C5FEB41BF76D36010
Requests: 1 HTTP requests in this frame

Frame: https://sync.go.sonobi.com/uc.html
Frame ID: C57D781B5DD344866D89EBBC2568080B
Requests: 22 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Frame ID: 1B9366F4EE0F93C7CA60DA9F03846D4C
Requests: 7 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=27&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&external_user_id=y-.ErJdDtE2uH7svRzPOcQHA5F0cXGAfukULHRiSs-~A&gdpr=0
Frame ID: 1054119BEAAF5E051FBBDF45390D82B1
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=23&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=8367935734482287302
Frame ID: 9B0BD546E8260AAC28F576C115AEA78B
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Frame ID: D5495716656F6EEC7F1F02BB18944C97
Requests: 10 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Frame ID: FE038538EA5B7D3B52E162FD7A8E7F5B
Requests: 6 HTTP requests in this frame

Frame: https://ad-cdn.technoratimedia.com/html/usersync.html?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D
Frame ID: 73A641808AE7DE6400AE0D824C7BA96E
Requests: 15 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D26%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Frame ID: 1A760E3603CAF7F9936ED6A7B5A3A303
Requests: 1 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Frame ID: 95297CEE8DBB5830E8043AEE06ADBF3C
Requests: 6 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=22&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=c8d4ebd0d55f2f573486a807347b7e78
Frame ID: D6D00E0538EE1AD3F2C6435FF2CEC4AA
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=20&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-e9d6zwcfQs6vtYtluw4wwRilNJYB_IBe8aTRkhw_Qg
Frame ID: CE334E791E46913B3B5CC0DC21568E89
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=18&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Frame ID: D6811E82C0C98124AF8141F9C99D028E
Requests: 1 HTTP requests in this frame

Frame: https://sync.outbrain.com/cookie-sync?p=smaato&uid=bc5bc3dc17&gdpr=0&gdpr_consent=
Frame ID: 45194EC44DD3B1AEDD24A27ACC37E79F
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=15&external_user_id=y-SYC.iEhE2uH.zN9Z1Vtb70Am3KGf9n9wU7kJkBg-~A&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa
Frame ID: CC1F264273EA4248F019A9B33FA52831
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Frame ID: A4E9D1C086F418D4710663A97454EBB0
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: A900CD661D3354CA72233B3E550B82EC
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Frame ID: 431F1C1F71E3C81515EC630CABE49702
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3821F779610423839E8AA2ECA5D56200
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Frame ID: C60CF1D96E43EB5D993200E3D404ACC8
Requests: 16 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 123CC5D9644028D726034491B00D556E
Requests: 7 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe
Frame ID: 07640921F7AFDF8A00D86127C9094F1E
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=119&user_id=970033166257797130&expires=30&ssp=themediagrid
Frame ID: F4C5932BE51BDA1EC806F98328665DF2
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZN660gAJaLisYgAb&gdpr=0&gdpr_consent=
Frame ID: 49B7BEEA9D8E34CC7CAE08FA9833795D
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84ODk1NThkNC03Y2Y4LTQzOTAtYjI1Ni05MjI1NDBhNGExYjg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: E69FEAFA212D6562324F1BDD8C443A47
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 5BDDA70273C4D7CC0BD9549AB60D6DE4
Requests: 6 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=0487fdef-dbcb-4472-91ea-091af86a64fb
Frame ID: F87C9FDBBC84F728AA213D81849D13CC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=IQenns9db6STUgZpbm9c&pi=gumgum
Frame ID: 0AD59F5204B7D3581D964ED7FB01C93C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 05026A70339728C33EAD090AE13F97DB
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 30024681ADBA26BD3ABC4E4EB9041D0E
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 4D12365CF5A7D7F7CA7FC8C9175C3188
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 89911361C6180559F20D3DFF59CB48C1
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=13&vsid=3353200176634272000V10&type=rkt&refUrl=&vid=23184209383353200176634272000V10&ovsid=970033166257797130
Frame ID: AC6374F3410E3C3E5835F2C568BB072D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Frame ID: 0F22B3387C04158FE0E8D680D8A1DCCF
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Frame ID: 036E19FA613470AA61BD28E734B85196
Requests: 1 HTTP requests in this frame

Frame: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Frame ID: 11BE4344A50102069D6BA3252B608558
Requests: 22 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU87e67693242d4262bc1cef6d7740e2c8&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: D804BBC94F3EDF0FCCF2280ACADE06A7
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=r1&refUrl=&vid=23184209383353200176634272000V10&ovsid=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Frame ID: 40DDE04BE2282EE3A455DC3FBB880636
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: CE0CA33357D38B604CD79D27FA9AEC96
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=x15wm7xKCpm-rhyn1breZA
Frame ID: 01BB494DF4AF00ABC1AF0A53B30300C3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=a0630e9e-019c-45a7-bfab-a4edc6e1e75b
Frame ID: 8368A3A515F6D519DABEE6DC4AF8B1C3
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 95DF1A0D907FD72EF127CED4222B0908
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 857BE38946EC22ACEA17A8D804B78EE5
Requests: 1 HTTP requests in this frame

Frame: https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7456048311862328828&uid=Q7456048311862328828&ref=%2Fepm
Frame ID: 7571BEE1B332226F1C8C409FF38B1E6E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7ECD5403DF2A44CEA68AD742A23A3A42&gdpr=0&gdpr_consent=
Frame ID: C5CE6B1B393F11D4A568D1373C05A3C1
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=11&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: 4B99D846126057E0444C20B8060C66C4
Requests: 1 HTTP requests in this frame

Frame: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A9551AEAD5CC66916C05B60CC5E87679
Requests: 10 HTTP requests in this frame

Frame: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0491587A5D1C3C2647FDC88D548108B1
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Frame ID: 0DB5A0BCC77434012316FF2828A61296
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Frame ID: 7261629CAD2A18C07FD117F210888104
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Frame ID: 4A1C71F6EF802F930A5BDD672EA8C7B8
Requests: 12 HTTP requests in this frame

Frame: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Frame ID: 832905E29D95674D90907F947E064DA8
Requests: 7 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=572a470226457b8
Frame ID: 7E37411F4F160897021B3460ADFB0E04
Requests: 1 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Frame ID: D9D29E250A488E6E0BDFD4B628138077
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 44CF23295D4B5957531E6863A0899264
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1CB35C25F91DAC12A0BF50D5B08B9CE7
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&u=%7CkJTEXR2E7n6H2vMt%2FbpcigZmNUYqrqcweD2ddrMHON4%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOQ-EedF60xEliq5YP9z1apJap4arQkRalnRQaPAWFzRiIk9kJCWZFKyCGRd_c0B-JXhFAU475GBt8De_gNLdI-YTn0vdIVKRDv5cIbvKIbf1lTLWajec_wXooZ_1e1TlPu1p4zkZ0dHzwcJkJp4wt24E-SoASPe8085DwZGrHLKx7FjRrMhvgma9rqwJBriX7baTe39vKvj8cfT0m_5Jc2R7cvLvgew6g7TA3kr2d3-QlNsbirD9LLwpNYYabYSsIlvfywNviSR0ucUfdLV6I83ZFHfXj5Lti82N4kCza9icTTZQ-zsQS4N_wK2KVtv97vq5H9NMWkz8iVdPo4vv97F_3TuSbIMCQaZ978nLFSVu4Xt_Sxni7uKf_QP82ar-JBLC_IlKnqdFHTP5mq5_q0nhLEN1WEgYRg86kuI_FTEGit_-a1SMhpHJINjOPIB70_mWrd7UCqQNsamMpKH8FM9uFTWj6g8RQpmf2AsCXuj1G-QCSLQecAG1QdwdSdkr7hM-iiRCf9NUcM_vcjAF2IyCVpSGEJ_361UCMOVmk64sfH8rc9W0swyw0Jak29FTQ3im26v5m-45iG_-9YpkhxSsm_eJiQcjqfwxliU6cggFZoYOPmt8yL0z9pMfygojHxB1yfWdP1_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-2Kb1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSXAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Bya7YKT6kG76gCd_OiJNWGIlURpVVzsS20WBkRCUleuJQfPo9Iozy467uAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pfle1HgnHpw_VxIs4WptOZPnRdQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Frame ID: 3B8641EA961C753444B6BDA0AD255E82
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0F8E0B3084494062F249C4D36C07500C
Requests: 9 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&u=%7CkJTEXR2E7n5Sm4KdTlExw3yuuKHAPgFlh07vpQYOmec%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK_lEZrcR-2V6vqRGFL537dByUwzXjpSA5Ow3obWN48gwzc8YHWzylIlVQ1fL1DisA3RLP01PKoZalfF8iieAiuL9Ti0zHMK4IE5WL2_AmODQ-JwWZ7ZgOkjq-055CZvSb-buq4UmwKu4lpb8IEjtBSpKDOxsb5bogUrIpkINSRZ1cfsEadBIfxyDMu-oW9hVlt4YG4LcRsWqoqVEWjh-66sgrS8W93gj_7v0mYTFb2m4XWu-_nBBI7NQ_g4P-lksRyLGB_8PpydolVXUE5uHi4jexAqXi96UKZQ6A4TYaPi4tZ6wYA3ICrp7u0QoUArNyjR1ya-o7AFULfMwUHXwSEVJCNRUprca2G6RBdGYLLx9IwHrrxB0GWEKWm2KkhghloL9oFxUdWLMfhA64RBYBqzF1EwCQdtxfkaNWl0Jz8-GLQCefP4yvd5x1K6cnpy0ORk-gPzzoWwSm3QcXihQ-jm-zw7lD-nukOYzsosOQ-ngsWYOr6HdL3TRs_DezygmschQmuZmp3JZlfYNRBVSR4Wn_wQx91ZLALfTrI9Rx9dOELpAV29GXFuNAOQkzW1t33r798h3iw0tbG-bMK_3tI5crDr1bX9nry6A9WrhG5cL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6Ma1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElwJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nGkhDgaKk1gRGD-Kei0GYSUVaMh5-_2jY0pe9Cvh_mZUaOw46WuHJG_gBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_OvBywo0wtcx3fjCvCyGoXNzZbg%26client%3Dca-pub-5902083285302779%26adurl%3D
Frame ID: 560A91F8B812C25A4A1C0682228546E3
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A63881B2B8A4625D047CEB8BFE921FF
Requests: 9 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: 4A9C59898C4DC82442C5AD630C28A932
Requests: 1 HTTP requests in this frame

Frame: https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=2dc5d7ef17b42550&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: 386F7D0821E141F48D6ED7BFF0B97B8B
Requests: 1 HTTP requests in this frame

Frame: https://ow.pubmatic.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: 553F23B84D95BB59299966EE1DE50D7D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: 9936A0A762AD5002C194F9E7F48D3143
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Frame ID: B8788DCB54B5E7341AA70AB8792EBBFE
Requests: 12 HTTP requests in this frame

Frame: https://ow.pubmatic.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: B7CFE0050B9BCC00DC26839BD09E483A
Requests: 1 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=45&uid=$UID$
Frame ID: C5358DF16BF2D946922CAC2BC22B9FA3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3kTz7WGoZLQTivI-amNftGZO&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Frame ID: 5350C72887FEC734F7FBDB1352B88FB3
Requests: 3 HTTP requests in this frame

Frame: https://sync.technoratimedia.com/services?srv=cs&pid=45&uid=$UID$
Frame ID: B2D30B2118C82C0E63DA6F587E855E0D
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=itsallinanutshell.com&us_privacy=1---
Frame ID: 65BF99389C74CF6167911D6735A023AE
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9hc3NldHMubWFpbGVybGl0ZS5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=fd88mpdnxnew
Frame ID: BDEAD66DBA4FE50B7E9987D8957E5D4D
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Frame ID: 2C7C9A34E98C6D49CD1312FE6F012D74
Requests: 13 HTTP requests in this frame

Frame: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Frame ID: 52F588D7250446339E95DE874F4CD60E
Requests: 6 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1692318419727&us_privacy=1---
Frame ID: 05E4D93C993E7917603356F62CEB75EC
Requests: 1 HTTP requests in this frame

Frame: https://wordadsmediafiles.files.wordpress.com/2023/08/houseads-wpcom-20230801-googledomainstransfer-1x-728x90-upload.png
Frame ID: 1EDC81C25BC760BCCA4E2B19613158F7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3kTz7WGoZLQTivI-amNftGZO&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Frame ID: 3CE23F028BB0080F186E1406E3652C4D
Requests: 3 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=26&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: E308B4C085F923DF2CEAD87D90B34ABC
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=11&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: E8936C08968F2F5800AEA33F9A9C6005
Requests: 1 HTTP requests in this frame

Frame: https://s.pubmine.com/match?bidder_id=26&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: 9BBE9A4F189F5764D6E0D97C7E82761E
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: 1B3ACBFB75A5D5F10289A5D2997CC093
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: BA70C364E1CBE3126D3AACAC343E1E3E
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: 6826A5AB93BBAF296CCE4AB8DAB4F995
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: 4CD768D2B4280B190C6FCF37C06C58CC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: 92433CBF012E4EB5F86EC82726576EFF
Requests: 1 HTTP requests in this frame

Frame: https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Frame ID: D89251A410CF0582B37EAD94D667237D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 97CFEA62B7E62DF0FFE9DFF9FB7982E5
Requests: 3 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Frame ID: 14F628E593A6DC40774BBECF8FEB3432
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=41%2C12%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Frame ID: 05AD85AF066EB3293CE1755BF3951B67
Requests: 7 HTTP requests in this frame

Screenshot

Page Title

It's all in a Nutshell Crochet – love – live – crochet

Page URL History Show full URLs

  1. https://cdn-0.itsallinanutshell.com/ HTTP 301
    https://itsallinanutshell.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+s\d+\.wp\.com
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • paypalobjects\.com

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • [^a-z]mtc.*\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • tracker\.js

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

851
Requests

73 %
HTTPS

28 %
IPv6

155
Domains

248
Subdomains

136
IPs

13
Countries

7515 kB
Transfer

19614 kB
Size

353
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cdn-0.itsallinanutshell.com/ HTTP 301
    https://itsallinanutshell.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44
  • https://www.paypal.com/en_NL/i/scr/pixel.gif HTTP 301
  • https://www.paypalobjects.com/en_NL/i/scr/pixel.gif
Request Chain 81
  • https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D0%2526redirect%253Dhttps%25253A%25252F%25252Fow.pubmatic.com%25252Fsetuid%25253Fbidder%25253Dnobid%252526gdpr%25253D%252526gdpr_consent%25253D%252526gpp%25253D%252526gpp_sid%25253D%252526f%25253Di%252526uid%25253D%252524UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID%2526redirect%253Dhttps%25253A%25252F%25252Fads.servenobid.com%25252Fgetsync%25253Fjp%25253D0%252526redirect%25253Dhttps%2525253A%2525252F%2525252Fow.pubmatic.com%2525252Fsetuid%2525253Fbidder%2525253Dnobid%25252526gdpr%2525253D%25252526gdpr_consent%2525253D%25252526gpp%2525253D%25252526gpp_sid%2525253D%25252526f%2525253Di%25252526uid%2525253D%25252524UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4664318827337647392&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D0%26redirect%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Dnobid%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Di%2526uid%253D%2524UID HTTP 302
  • https://ads.servenobid.com/getsync?jp=0&redirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://ow.pubmatic.com/setuid?bidder=nobid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=MzEyOjQ2!jQzMTg4MjczMzc2!*czOTI~
Request Chain 83
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://ow.pubmatic.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=3353200176634272000V10
Request Chain 106
  • https://um.simpli.fi/gp_match?google_gid=CAESENxkHIfEoS_fdexpac5amr4&google_cver=1&google_push=AXcoOmR2p9qnDJts64Qahd-DLZ0bmeaArku6g_28W-nCzBhuj6aL_EOv5n2orOZwg2VUREHNUy3U4A1f3jvCy7g_ILneGOEn8go HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7ECD5403DF2A44CEA68AD742A23A3A42&google_push=AXcoOmR2p9qnDJts64Qahd-DLZ0bmeaArku6g_28W-nCzBhuj6aL_EOv5n2orOZwg2VUREHNUy3U4A1f3jvCy7g_ILneGOEn8go
Request Chain 107
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE6E8wAsadvpgwNM3s2s1kk&google_cver=1&google_push=AXcoOmTZJW3Ukaa7JbaH7pzXSdCSMkQvJy5Gcd4zHJhMz8ZCcjqf1UtvOhwvEK8s0AYosWZtblJwni5Lmy44CKEtd1CjENdKp2w HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEE6E8wAsadvpgwNM3s2s1kk&google_cver=1&google_push=AXcoOmTZJW3Ukaa7JbaH7pzXSdCSMkQvJy5Gcd4zHJhMz8ZCcjqf1UtvOhwvEK8s0AYosWZtblJwni5Lmy44CKEtd1CjENdKp2w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDQ4N2ZkZWYtZGJjYi00NDcyLTkxZWEtMDkxYWY4NmE2NGZi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=0487fdef-dbcb-4472-91ea-091af86a64fb
Request Chain 108
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEGd3nOxVeU95mQ_jL3wce4&google_cver=1&google_push=AXcoOmTUdj0onLGqcumMB1PaShdHIs-_xSQlOM3aAAvpLvdiDFN-2lg0I58jY-B6mDzQ6QubOxNTd_JJAxVewH3RUaT7GMqjSg HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEGd3nOxVeU95mQ_jL3wce4&google_cver=1&google_push=AXcoOmTUdj0onLGqcumMB1PaShdHIs-_xSQlOM3aAAvpLvdiDFN-2lg0I58jY-B6mDzQ6QubOxNTd_JJAxVewH3RUaT7GMqjSg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY4NDYzMTcyMTYzMTQ2NDM2MA&google_push=AXcoOmTUdj0onLGqcumMB1PaShdHIs-_xSQlOM3aAAvpLvdiDFN-2lg0I58jY-B6mDzQ6QubOxNTd_JJAxVewH3RUaT7GMqjSg
Request Chain 109
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN947d0LNroU49Eub44ucjw&google_cver=1&google_push=AXcoOmTPlvjg-URFu2Rm0tP30HMHr2M675V9_wYGb74EMp3MIUIjafF-kwiQDIXj35Z-xHPeFEDz-_r7K3U0AGHTOn6QK5FqdMw HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN947d0LNroU49Eub44ucjw&google_cver=1&google_push=AXcoOmTPlvjg-URFu2Rm0tP30HMHr2M675V9_wYGb74EMp3MIUIjafF-kwiQDIXj35Z-xHPeFEDz-_r7K3U0AGHTOn6QK5FqdMw&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTPlvjg-URFu2Rm0tP30HMHr2M675V9_wYGb74EMp3MIUIjafF-kwiQDIXj35Z-xHPeFEDz-_r7K3U0AGHTOn6QK5FqdMw&google_hm=HKy6dGZHUq-Qsjh8SEqEABZ8
Request Chain 110
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEDTAZEMORpJxa7xF6tmI0wI&google_cver=1&google_push=AXcoOmRNPXZbdXWk9sdh8NzDCabywnXQwq8CMdcQrjpeLyfX99on9514hsRMi6DucHFlykODkDJ-ApmlcWRCfNWcAsT-jEA6ENw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRNPXZbdXWk9sdh8NzDCabywnXQwq8CMdcQrjpeLyfX99on9514hsRMi6DucHFlykODkDJ-ApmlcWRCfNWcAsT-jEA6ENw&google_hm=M203REx5eUdHRHl5SWZsam9uUGY=
Request Chain 111
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAgNGKfyxxHzjZnBFProlJk&google_cver=1&google_push=AXcoOmQ6zTb4KDo39UZfzLFssy0cSeDI-wZtsVdvSW3HyE5GI8UT3_hsub1KkQauhHuW0I7Ck1aVETUR3DiVe0ZEzH_MXhyR-mg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQ6zTb4KDo39UZfzLFssy0cSeDI-wZtsVdvSW3HyE5GI8UT3_hsub1KkQauhHuW0I7Ck1aVETUR3DiVe0ZEzH_MXhyR-mg&google_hm=ODM2NzkzNTczNDQ4MjI4NzMwMg%3D%3D
Request Chain 112
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEKierwTxWK1oLOeZCWlCFLY&google_cver=1&google_push=AXcoOmSQcnr7sBMMOjzJQyAxMUUvPturDOZpZoN1la8XCc9EPU8hhueXFYliSE7b7woUWghp8vrNEK3wukOXF0NxJx_-p8buoHo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSQcnr7sBMMOjzJQyAxMUUvPturDOZpZoN1la8XCc9EPU8hhueXFYliSE7b7woUWghp8vrNEK3wukOXF0NxJx_-p8buoHo
Request Chain 115
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Request Chain 116
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D2dc5d7ef17b42550 HTTP 302
  • https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D2dc5d7ef17b42550 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553%26partner_url%3Dhttps%253A%252F%252Fu-iad04.e-planning.net%252Fum%253Fuid%253D07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553%2526dc%253D0abbcb4eba840e59%2526fi%253D2dc5d7ef17b42550 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553%26partner_url%3Dhttps%253A%252F%252Fu-iad04.e-planning.net%252Fum%253Fuid%253D07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553%2526dc%253D0abbcb4eba840e59%2526fi%253D2dc5d7ef17b42550&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&partner_url=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553%26dc%3D0abbcb4eba840e59%26fi%3D2dc5d7ef17b42550 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&partner_url=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553%26dc%3D0abbcb4eba840e59%26fi%3D2dc5d7ef17b42550 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&dc=0abbcb4eba840e59&fi=2dc5d7ef17b42550
Request Chain 117
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3D2dc5d7ef17b42550 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=LRorNYzj3RZ1&dc=66b7ef4184d94c10&fi=2dc5d7ef17b42550&ev=1&us_privacy=${us_privacy}&pid=562965
Request Chain 118
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D2dc5d7ef17b42550%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=9937b3fd6e9a979a&fi=2dc5d7ef17b42550&uid=6b01332b-0967-46b8-b07e-3abf9949e4b4
Request Chain 120
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D2dc5d7ef17b42550%26uid%3D%24%7BUID%7D HTTP 302
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D2dc5d7ef17b42550%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=2dc5d7ef17b42550&uid=a97a27be-bd5a-4dce-907f-5a11da083494
Request Chain 122
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D2dc5d7ef17b42550%26uid%3D HTTP 302
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=4f281d4f787e1493&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D2dc5d7ef17b42550%26uid%3D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=2dc5d7ef17b42550&uid=AAAIuZ3ZnldwIgMf_D_OAAAAAAA&expiration=1692404818
Request Chain 123
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D2dc5d7ef17b42550 HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F&rd=1 HTTP 303
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID HTTP 307
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HKy6dGZHUq-Qsjh8SEqEABZ8
Request Chain 124
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D2dc5d7ef17b42550%26uid%3D%24UID HTTP 302
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=2dc5d7ef17b42550&uid=4664318827337647392
Request Chain 125
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D2dc5d7ef17b42550%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=2dc5d7ef17b42550&uid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
Request Chain 126
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D2dc5d7ef17b42550%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=2dc5d7ef17b42550&uid=ua-a442413b-e95a-3372-b6b5-271a25820d15
Request Chain 127
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH HTTP 302
  • https://sync.e-planning.net/um?uid=bb326391-c238-40fd-9eb1-5876b565d721&dc=769fefa8321c94fb&iss=1
Request Chain 128
  • https://cs.krushmedia.com/ec2cf90fdaaf74e7d94341d9392b3202.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Df343cd610dc2b771%26fi%3D2dc5d7ef17b42550%26uid%3D%5BUID%5D HTTP 302
  • https://u-iad04.e-planning.net/um?dc=f343cd610dc2b771&fi=2dc5d7ef17b42550&uid=ca5955d1-d3ca-45a8-829a-c8784ff51cde
Request Chain 129
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3D2dc5d7ef17b42550 HTTP 302
  • https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=2dc5d7ef17b42550
Request Chain 130
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Request Chain 132
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
Request Chain 139
  • https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1 HTTP 302
  • https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Request Chain 144
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFWijFB_Y3bHtQIs4dplRTg&google_cver=1
Request Chain 145
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0487fdef-dbcb-4472-91ea-091af86a64fb&expiration=1694910418&gdpr=0&gdpr_consent=
Request Chain 146
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN660gpfgXVAgUl4ibXoLAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELWZ2H1cSvIe4c_2VB8MgkQ&google_cver=1
Request Chain 147
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 148
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB
Request Chain 150
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708216018&external_user_id=e2deee73-398c-465f-aa2c-fae5ed15877b
Request Chain 151
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
Request Chain 153
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 154
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCT0ZrN0p2WFlBQUNxb0hMNVdJZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABOFk7JvXYAACqoHL5WIg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABOFk7JvXYAACqoHL5WIg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://sync.technoratimedia.com/services?uid=AABOFk7JvXYAACqoHL5WIg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABOFk7JvXYAACqoHL5WIg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=8367935734482287302&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABOFk7JvXYAACqoHL5WIg&gdpr=0&gdpr_consent=
Request Chain 155
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4664318827337647392&gdpr=0&gdpr_consent=
Request Chain 156
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f1351930-3d5d-11ee-8703-719c24424d7a
Request Chain 157
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN660gAJaLisYgAb
Request Chain 159
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gIxBK9TZRiibjkEshNwIf4SIQyybiUZ5hN6vObuc
Request Chain 161
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9Son5ZY7UStD4HYH8estYmAJ-SY&gdpr=0&gdpr_consent=
Request Chain 162
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ISyfZg9D1QwNkm5&gdpr=0&gdpr_consent=
Request Chain 163
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033166257797130
Request Chain 164
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=cf403ff7-c356-4a56-869f-6d0a3a0a9d8c&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Request Chain 165
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
Request Chain 166
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815211786820
Request Chain 167
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 168
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KpSQ8wisRe6Vx2o1ej0u_Q%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 171
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0487fdef-dbcb-4472-91ea-091af86a64fb&ttd_puid=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%2C%2C
Request Chain 174
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkE5NDkwRjMtMDhBQy00NUVFLTk1QzctNkEzNTdBM0QyRUZE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 175
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELjFEQdiVWzBeaSqyv7wAb8&google_cver=1
Request Chain 176
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7ECD5403DF2A44CEA68AD742A23A3A42
Request Chain 177
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0487fdef-dbcb-4472-91ea-091af86a64fb&gdpr=0&gdpr_consent=
Request Chain 179
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xA5YrAJE2uWExMkcRP4rrY1R.gEmzxU-~A&gdpr=0
Request Chain 180
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2700558205676423679&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 181
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=57d9f24b19e51493&is_secure=true&networkId=17100&version=1&nuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFnL4wPr7wQAMyfGjqAAAAAAA&expiration=1692404818&nuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 182
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0b7fda1c-fda1-41ac-b91d-d0575c6881ca&gdpr=0&gdpr_consent=
Request Chain 183
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=ba79f4b0-2c67-44c6-a073-33e99fa5210b&ssp=pubmatic&expires=30&user_group=5&bsw_param=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 185
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_107939190_FD337958&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 186
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
Request Chain 187
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6684631721631464360
Request Chain 188
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4664318827337647392
Request Chain 189
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_889558d4-7cf8-4390-b256-922540a4a1b8&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_889558d4-7cf8-4390-b256-922540a4a1b8&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6684631721631464360&ssp=gumgum2 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 190
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_889558d4-7cf8-4390-b256-922540a4a1b8&obuid=ENC(_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3D_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING%26us_privacy%3D%24CCPA%26initiator%3Dplatform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=6e611e0d-248a-42aa-aae5-d95b1b85c6a2&obUid=_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=platform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=IQenns9db6STUgZpbm9c&pi=outbrain&obUid=_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=platform
Request Chain 191
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=263db34f-8daa-411c-94e5-cda64ffe75fd
Request Chain 192
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38
Request Chain 193
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-l0zEqZ9E2pcWxKnEaBoZsYCAxHNWngT_LPdV~A
Request Chain 194
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=155c8ce4-fcf7-4cee-8d64-d2c9a4d62452
Request Chain 196
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_889558d4-7cf8-4390-b256-922540a4a1b8&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=XCrfLrjrE8jfTLEMuA7H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVMEG4TGJRZGU4SFHBVGMVCMIVGXKQJXJA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVMEG4TGJRZGU4SFHBVGMVCMIVGXKQJXJA HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=XCrfLrjrE8jfTLEMuA7H
Request Chain 197
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=6e611e0d-248a-42aa-aae5-d95b1b85c6a2
Request Chain 198
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=LRorNYzj3RZ1&ev=1&pid=558355
Request Chain 199
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8367935734482287302
Request Chain 201
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZN660gAJWnP6lQAN
Request Chain 204
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=0487fdef-dbcb-4472-91ea-091af86a64fb
Request Chain 205
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZN660sCo8X8AAGhoHEoAAAAA
Request Chain 206
  • https://cs.admanmedia.com/sync/gumgum?puid=u_889558d4-7cf8-4390-b256-922540a4a1b8&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa= HTTP 302
  • https://usersync.gumgum.com/usersync?b=aad&i=611477f1-2266-4456-bda3-55c0a8b20fc4
Request Chain 207
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=IQenns9db6STUgZpbm9c&pi=gumgum&tc=1
Request Chain 208
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 209
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=eplanning_east&khaos=LLFUOWMM-1P-IU2L HTTP 302
  • https://sync.e-planning.net/um?uid=LLFUOWMM-1P-IU2L&dc=9bcc91305985f0db&iss=1
Request Chain 210
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0487fdef-dbcb-4472-91ea-091af86a64fb&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 211
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA4MDc2Mjc3NDE0OTc1NjAwNTI0MA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 212
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHbtLuOqKq7QtTQ08BwDDLo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 213
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA4MDc2Mjc3NDE0OTc1NjAwNTI0MA%3D%3D
Request Chain 216
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4080762774149756005240?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Z4zuy21E2oRF8UrHT037QbjKR.jtiCl49qVwQeVZYA--~A&dongle=0883
Request Chain 219
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4664318827337647392&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 223
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform= HTTP 302
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Request Chain 225
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0487fdef-dbcb-4472-91ea-091af86a64fb&gdpr=0&gdpr_consent=&expires=30
Request Chain 226
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ypXZgVTATF-kFar6hwZ1Ng&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ypXZgVTATF-kFar6hwZ1Ng
Request Chain 227
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmQ4YzQxNjE3NThjYTFkM2QwMzA5ZmJjZjczNDYwNzFhNTI4OTNkMA
Request Chain 228
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLFUOWMM-1P-IU2L
Request Chain 229
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExGVU9XTU0tMVAtSVUyTA== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOx_nnGzULU9QkTXCLs7FX0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGVU9XTU0tMVAtSVUyTA==&google_push=
Request Chain 230
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/rzrmNWSnyv84_QQVB_Ayecn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aCeMPCdE2oIyI7VcG5_lDl9xtYhqpFTQHfSbfQ--~A
Request Chain 231
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHqoawjYfjYJtQyOG1-_DWA&google_cver=1
Request Chain 232
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLFUOWMM-1P-IU2L HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LLFUOWMM-1P-IU2L
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=NzgzMzZiMDEtYTQzNy00YTBhLWJmMjYtZDRiYTY0OTZhZWU2&google_cm HTTP 302
  • https://app.retargetly.com/sync?pid=11&google_gid=CAESEJ33vkXXC5RBr2xILC0--Zg&google_cver=1
Request Chain 239
  • https://cm.mgid.com/m?cdsp=712808&adu=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7Bmuidn%7D%26pid%3D70 HTTP 307
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7Bmuidn%7D%26pid%3D70&cdsp=712808&sct=1 HTTP 301
  • https://cm.mgid.com/https://app.retargetly.com/sync?sid=n7hWS84i56qh&pid=70
Request Chain 240
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=78336b01-a437-4a0a-bf26-d4ba6496aee6&_rand=1692318418573 HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dab9d17c0-c81c-44b4-a9b0-0faebcbda11d%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4664318827337647392&pt=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%2C%2C
Request Chain 241
  • https://tags.bluekai.com/site/28347?limit=0&id=78336b01-a437-4a0a-bf26-d4ba6496aee6&redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%24_BK_UUID%26pid%3D9 HTTP 302
  • https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
Request Chain 242
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1 HTTP 302
  • https://api.retargetly.com/sync?pid=13&sid=0487fdef-dbcb-4472-91ea-091af86a64fb
Request Chain 243
  • https://pixel-sync.sitescout.com/connectors/retargetly/usersync?redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7BuserId%7D%26pid%3D23 HTTP 302
  • https://app.retargetly.com/sync?sid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&pid=23
Request Chain 244
  • https://cms.analytics.yahoo.com/cms?partner_id=RTGLY HTTP 302
  • https://ups.analytics.yahoo.com/ups/58698/cms?partner_id=RTGLY HTTP 302
  • https://app.retargetly.com/sync?pid=22&sid=y-WcOhe2VE2oK49UY7J23mR6GdPZ06wbPG8JA-~A
Request Chain 245
  • https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2 HTTP 302
  • https://app.retargetly.com/sync?sid=4664318827337647392&pid=2
Request Chain 246
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID HTTP 302
  • https://app.retargetly.com/sync?pid=14&sid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Request Chain 249
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5Bsas_uid%5D%26pid%3D63 HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?sid=[sas_uid]&pid=63&cklb=1 HTTP 302
  • https://app.retargetly.com/sync?sid=8367935734482287302
Request Chain 250
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fpid%3D74%26sid%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?pid=74&sid=[sas_uid]&cklb=1
Request Chain 251
  • https://retargetly-match.dotomi.com/match/bounce/current?networkId=95012&version=1&nuid=78336b01-a437-4a0a-bf26-d4ba6496aee6 HTTP 302
  • https://retargetly-match.dotomi.com/match/bounce/current?DotomiTest=39ca538047d513b5&is_secure=true&networkId=95012&version=1&nuid=78336b01-a437-4a0a-bf26-d4ba6496aee6 HTTP 302
  • https://app.retargetly.com/sync?pid=72&sid=AAAMgnEOI-_aeQMfHxq0AAAAAAA&expiration=1692404818&nuid=78336b01-a437-4a0a-bf26-d4ba6496aee6&is_secure=true
Request Chain 252
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002MpnPqAAJ&gdpr=0&src=pbjs&ver=7.39.0 HTTP 307
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002MpnPqAAJ&gdpr=0&src=pbjs&ver=7.39.0&b=1&g=6r4QEqcAd%2BpPXbfYRYUG6fMePU%2FE40E99828Fje%2BW64%3D
Request Chain 253
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F29210%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Ddeea23f1-5e51-43c2-b40a-cd2cb26ce7ab%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=appnexus&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9&uid=4664318827337647392 HTTP 302
  • https://rtb.openx.net/sync/prebid?&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F29210%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Ddeea23f1-5e51-43c2-b40a-cd2cb26ce7ab%26bidder%3Dopenx%26cbx%3DaHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%26uid%3D%24%7BUID%7D HTTP 302
  • https://prebid.a-mo.net/cchain/1/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=openx&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9&uid=e8de98f0-1c20-4aa3-9812-1d5e06f5b636 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F2%252F29210%253Fgdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526us_privacy%253D%2526A%253Ddeea23f1-5e51-43c2-b40a-cd2cb26ce7ab%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%2526uid%253D%2523PMUID HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4664318827337647392 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e19bc275-ed28-476b-a3ee-6e4401a63d4c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F29210%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Ddeea23f1-5e51-43c2-b40a-cd2cb26ce7ab%26bidder%3Dpubmatic%26cbx%3DaHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%26uid%3D2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://prebid.a-mo.net/cchain/2/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=pubmatic&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F29210%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Ddeea23f1-5e51-43c2-b40a-cd2cb26ce7ab%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/3/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=index_rtb&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9&uid=ZN660gpfgXVAgUl4ibXoLAAA%261363 HTTP 302
  • https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F29210%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Ddeea23f1-5e51-43c2-b40a-cd2cb26ce7ab%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%26uid%3D%24UID HTTP 307
  • https://prebid.a-mo.net/cchain/6/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=sovrn&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9&uid=HKy6dGZHUq-Qsjh8SEqEABZ8 HTTP 302
  • https://id.a-mx.com/u?&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F29210%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Ddeea23f1-5e51-43c2-b40a-cd2cb26ce7ab%26bidder%3Damx_com%26cbx%3DaHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/7/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=amx_com&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9&uid=
Request Chain 280
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4664318827337647392
Request Chain 281
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2700558205676423679
Request Chain 283
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ISyfZg9D1QwNkm5
Request Chain 284
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABOFk7JvXYAACqoHL5WIg&expiration=1693528020
Request Chain 285
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=476719bc-fa55-432a-8561-61f6ff96f341&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 286
  • https://match.deepintent.com/usersync/113 HTTP 303
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_3589adc5c5654cff8c7f3
Request Chain 313
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D13%26external_user_id%3D%5BUID%5D%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.pubmine.com/match?bidder_id=13&external_user_id=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Request Chain 316
  • https://ups.analytics.yahoo.com/ups/58666/occ?uid=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=0&gdpr_consent= HTTP 302
  • https://s.pubmine.com/match?bidder_id=27&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&external_user_id=y-.ErJdDtE2uH7svRzPOcQHA5F0cXGAfukULHRiSs-~A&gdpr=0
Request Chain 317
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&US_privacy=&redirectUri=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D23%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D[ssb_sync_pid] HTTP 302
  • https://s.pubmine.com/match?bidder_id=23&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=8367935734482287302
Request Chain 319
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Request Chain 322
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz HTTP 307
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Request Chain 323
  • https://visitor.omnitagjs.com/visitor/bsync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D22%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D[BUYER_USERID] HTTP 307
  • https://s.pubmine.com/match?bidder_id=22&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=c8d4ebd0d55f2f573486a807347b7e78
Request Chain 324
  • https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D20%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=&callback=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D20%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%7BID5UID%7D HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://s.pubmine.com/match?bidder_id=20&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-e9d6zwcfQs6vtYtluw4wwRilNJYB_IBe8aTRkhw_Qg
Request Chain 325
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D18%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.pubmine.com/match?bidder_id=18&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Request Chain 326
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D29%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%24UID HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=p&cookieCheck=1 HTTP 302
  • https://cs.videowalldirect.com/71af726af64461d6f0502bffcff4bc00.gif?puid=[UID]&redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002067%26dspCookie%3D%24%7BPARTNER_UID%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://s.ad.smaato.net/c/?dspId=1002067&dspCookie=${PARTNER_UID}&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=bc5bc3dc17&gdpr=0&gdpr_consent=
Request Chain 327
  • https://ups.analytics.yahoo.com/ups/58366/occ?uid=de349555-d0ff-4738-bf5a-71b2f3727eaa HTTP 302
  • https://s.pubmine.com/match?bidder_id=15&external_user_id=y-SYC.iEhE2uH.zN9Z1Vtb70Am3KGf9n9wU7kJkBg-~A&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa
Request Chain 335
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=themediagrid&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=970033166257797130&expires=30&ssp=themediagrid
Request Chain 337
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18894&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://s.pubmine.com/match?bidder_id=14&external_user_id=LLFUOWMM-1P-IU2L&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=0
Request Chain 338
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.pubmine.com/match?bidder_id=12&external_user_id=4080762774149756005240&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Request Chain 339
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D10%26external_user_id%3D%24UID%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.pubmine.com/match?bidder_id=10&external_user_id=4664318827337647392&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Request Chain 340
  • https://x.bidswitch.net/sync?ssp=wordpress&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&user_id=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=0&gdpr_consent= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=wordpress&bsw_custom_parameter=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=wordpress&bsw_custom_parameter=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=78c6077d-9ae0-4df2-96e9-29f094f3081c&user_group=1&ssp=wordpress&bsw_param=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6 HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=&gdpr_consent=
Request Chain 341
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D1%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 342
  • https://ssc-cms.33across.com/ps/?ri=0010b00002CphGRAAZ&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.pubmine.com/match?bidder_id=6&external_user_id=212240589554563&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Request Chain 346
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4664318827337647392
Request Chain 348
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABOFk7JvXYAACqoHL5WIg&expiration=1693528020
Request Chain 349
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2700558205676423679
Request Chain 350
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4664318827337647392
Request Chain 351
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB
Request Chain 352
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ISyfZg9D1QwNkm5
Request Chain 356
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4664318827337647392
Request Chain 357
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_889558d4-7cf8-4390-b256-922540a4a1b8&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6 HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=78c6077d-9ae0-4df2-96e9-29f094f3081c&user_group=1&ssp=gumgum2&bsw_param=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6 HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 358
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_889558d4-7cf8-4390-b256-922540a4a1b8&obuid=ENC(_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=0487fdef-dbcb-4472-91ea-091af86a64fb&gdpr=0&gdpr_consent=
Request Chain 359
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38
Request Chain 360
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5s28TJFE2pejZ0QiFo_n9ySbXoqrOFQTcBGC~A
Request Chain 361
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D HTTP 303
  • https://usersync.gumgum.com/usersync?b=dit&i=di_3589adc5c5654cff8c7f3
Request Chain 362
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_889558d4-7cf8-4390-b256-922540a4a1b8&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=XCrfLrjrE8jfTLEMuA7H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WCDOJTEY4TKOJCTQ2TGKRGEKTLVIE3UQ&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WCDOJTEY4TKOJCTQ2TGKRGEKTLVIE3UQ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=XCrfLrjrE8jfTLEMuA7H
Request Chain 363
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=6e611e0d-248a-42aa-aae5-d95b1b85c6a2
Request Chain 364
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=8367935734482287302
Request Chain 366
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZN660gAJaLisYgAb&gdpr=0&gdpr_consent=
Request Chain 367
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN660gAJaLisYgAb
Request Chain 370
  • https://match.adsrvr.org/track/cmf/openx?oxid=d100173f-a5bf-794a-f39e-dd4b87ae74bb&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0487fdef-dbcb-4472-91ea-091af86a64fb&ttd_puid=d100173f-a5bf-794a-f39e-dd4b87ae74bb&gdpr=0&gdpr_consent=
Request Chain 372
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1zd0avOu2H06z_OZ9HbZE&google_cver=1
Request Chain 375
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&google_hm=OTlhMzIyOGItYjVlYy00ZWQwLWFiM2ItYzQxOTg4ZjhmMGE2 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGKx86Mz-cdG__macsbQCRU&google_cver=1&ssp=sonobi&bsw_param=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
Request Chain 376
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=0487fdef-dbcb-4472-91ea-091af86a64fb&pubid=
Request Chain 377
  • https://p.rfihub.com/cm?pub=35683&in=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=970033166257797130
Request Chain 378
  • https://creativecdn.com/cm-notify?pi=sonobi HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=IQenns9db6STUgZpbm9c&pi=sonobi
Request Chain 379
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=OG1YMGc1UFBqdmpwdzV1ekkycU5oUQ&gdpr=&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEGHUiaeyxm7VYo2ufmcsJsg&google_cver=1 HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=LRorNYzj3RZ1
Request Chain 380
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=7a2dab3d-746b-4e45-88a6-d46da59835fe
Request Chain 381
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID HTTP 301
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=2faf151c-23cb-4a64-be7d-68bd2f610eb3
Request Chain 382
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=10d14413798e4309914413798ef309f8
Request Chain 383
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&sInitiator=external HTTP 302
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&sInitiator=external
Request Chain 384
  • https://ups.analytics.yahoo.com/ups/58645/occ HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-.ErJdDtE2uH7svRzPOcQHA5F0cXGAfukULHRiSs-~A
Request Chain 387
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4080762774149756005240
Request Chain 388
  • https://idsync.rlcdn.com/711892.gif?partner_uid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CNS5KxIwCiwIARDAlQEaJDI1MDRlMjA2LTA5OWMtNGRmYS1hNWIwLWY4YzJjOTFkMTNhYxAAGg0I1PX6pgYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ed8ccf0abe633aed0e68b264eaca619de8991d1b35c10f2bc4a573598917a0c1791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ed8ccf0abe633aed0e68b264eaca619de8991d1b35c10f2bc4a573598917a0c1791426b5417dce21&rand=01675728
Request Chain 389
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=av
Request Chain 391
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
Request Chain 392
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=4664318827337647392
Request Chain 394
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MjUwNGUyMDYtMDk5Yy00ZGZhLWE1YjAtZjhjMmM5MWQxM2Fj HTTP 302
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEB697W8mmHgjQzWfoLRY2Q8&google_cver=1
Request Chain 395
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sonobi&ssp_user_id=${userid} HTTP 302
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=33c5860f-fea7-4a3e-9467-6dfe3d4f70be
Request Chain 396
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=0487fdef-dbcb-4472-91ea-091af86a64fb
Request Chain 397
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=IQenns9db6STUgZpbm9c&pi=gumgum
Request Chain 398
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 407
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 408
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692318420641.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 409
  • https://ssc-cms.33across.com/ps/?_=1692318420641.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X HTTP 302
  • https://s.pubmine.com/match?bidder_id=24&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=212240589342896
Request Chain 410
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6 HTTP 302
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=2b1fce9e-d794-48b0-be1f-8d5c813563cc&expires=3&user_group=1&ssp=the33across HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 411
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-gsffrihE2uHMFjRQNaWKddyrFuDs3_lU~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-gsffrihE2uHMFjRQNaWKddyrFuDs3_lU%7EA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 412
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=1bab0579a352336&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAFnL4wPr7wwgMVItMSAAAAAAA&expiration=1692404821&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAFnL4wPr7wwgMVItMSAAAAAAA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 413
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=4080762774149756005240 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4080762774149756005240&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 414
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 415
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Drkt%26refUrl%3D%26vid%3D23184209383353200176634272000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=13&vsid=3353200176634272000V10&type=rkt&refUrl=&vid=23184209383353200176634272000V10&ovsid=970033166257797130
Request Chain 416
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dapx%26refUrl%3D%26vid%3D23184209383353200176634272000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=apx&refUrl=&vid=23184209383353200176634272000V10&ovsid=4664318827337647392
Request Chain 417
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=son&refUrl=&vid=23184209383353200176634272000V10&ovsid=[UID] HTTP 302
  • https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=son&refUrl=&vid=23184209383353200176634272000V10&ovsid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
Request Chain 418
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dcon%26refUrl%3D%26vid%3D23184209383353200176634272000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=17f561997e682336&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dcon%26refUrl%3D%26vid%3D23184209383353200176634272000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=con&refUrl=&vid=23184209383353200176634272000V10&ovsid=AAAIuZ3ZnldwrANUpSWvAAAAAAA&expiration=1692404821&is_secure=true
Request Chain 419
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dopx%26refUrl%3D%26vid%3D23184209383353200176634272000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=13&vsid=3353200176634272000V10&type=opx&refUrl=&vid=23184209383353200176634272000V10&ovsid=192c7ea0-0ebf-43aa-90d1-a3253541e667
Request Chain 420
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dr1%26refUrl%3D%26vid%3D23184209383353200176634272000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dr1%26refUrl%3D%26vid%3D23184209383353200176634272000V10%26ovsid%3D%5BRX_UUID%5D&cb=1692318421054 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=8488167878 HTTP 302
  • https://sync.1rx.io/usersync/turn/2700558205676423679?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Request Chain 421
  • https://cm.g.doubleclick.net/pixel?cs=13&google_nid=media&google_cm=1&google_hm=MzM1MzIwMDE3NjYzNDI3MjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=13&google_gid=CAESENhtjoQ6IHLliwQGTt2N6NM&google_cver=1
Request Chain 422
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Ddxu%26refUrl%3D%26vid%3D23184209383353200176634272000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=dxu&refUrl=&vid=23184209383353200176634272000V10&ovsid=ISyfZg9D1QwNkm5
Request Chain 423
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=dc3254b7-4f75-4b8f-addd-7bd55c3f0cfa
Request Chain 424
  • https://visitor.omnitagjs.com/visitor/bsync?uid=4ed0cff4eef188d3fb2e7e9025d7855b&name=MEDIANET&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dayl%26refUrl%3D%26vid%3D23184209383353200176634272000V10%26ovsid%3D%3Creplace_userID%3E HTTP 307
  • https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=ayl&refUrl=&vid=23184209383353200176634272000V10&ovsid=c8d4ebd0d55f2f573486a807347b7e78
Request Chain 425
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=medianet&bsw=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
Request Chain 426
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dzem%26refUrl%3D%26vid%3D23184209383353200176634272000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=XCrfLrjrE8jfTLEMuA7H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKYINZGMTDSNJZEKODKMZKEYRKNOVATOSDIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBRGMTG65TTNFSD2X27LJKUSRC7L4THEZLGKVZGYPJGOR4XAZJ5PJSW2JTUPFYGKPL2MVWSM5TJMQ6TEMZRHA2DEMBZGM4DGMZVGMZDAMBRG43DMMZUGI3TEMBQGBLDCMBGOZZWSZB5GMZTKMZSGAYDCNZWGYZTIMRXGIYDAMCWGEYA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKYINZGMTDSNJZEKODKMZKEYRKNOVATOSDIOR2HA4ZFGNASKMSGEUZEMY3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIJJSIZRWW43ZNZRS44DIOASTGRTDOMSTGRBRGMTG65TTNFSD2X27LJKUSRC7L4THEZLGKVZGYPJGOR4XAZJ5PJSW2JTUPFYGKPL2MVWSM5TJMQ6TEMZRHA2DEMBZGM4DGMZVGMZDAMBRG43DMMZUGI3TEMBQGBLDCMBGOZZWSZB5GMZTKMZSGAYDCNZWGYZTIMRXGIYDAMCWGEYA HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&ovsid=XCrfLrjrE8jfTLEMuA7Hhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=23184209383353200176634272000V10&vsid=3353200176634272000V10
Request Chain 427
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3353200176634272000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3353200176634272000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=33c5860f-fea7-4a3e-9467-6dfe3d4f70be&cs=1
Request Chain 429
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0487fdef-dbcb-4472-91ea-091af86a64fb
Request Chain 430
  • https://contextual.media.net/cksync.php?cs=1&type=dat&ovsid=setstatuscode&redirect=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D159195%3Bsize%3D1x1%3Bmimetype%3Dimg%3Bdu%3D15%3Bcsync%3D%24%7Bmnetid%7D HTTP 302
  • https://fei.pro-market.net/engine?site=159195;size=1x1;mimetype=img;du=15;csync=3353200176634272000V10 HTTP 302
  • https://fei.pro-market.net/engine?site=159195;size=1x1;mimetype=img;du=15;csync=3353200176634272000V10;sr HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-1158638460402905962 HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-1158638460402905962&ckls=true&ci=mIbhpPYCAR&nc=false&trid=-354128509
Request Chain 431
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy= HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Request Chain 432
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=0487fdef-dbcb-4472-91ea-091af86a64fb&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21} HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 433
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-gsffrihE2uHMFjRQNaWKddyrFuDs3_lU~A HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-gsffrihE2uHMFjRQNaWKddyrFuDs3_lU%7EA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 434
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy= HTTP 302
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=5e7695dd4fb9188f&is_secure=true&networkId=78390&version=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAHAF6brCrOUQMmRwhQAAAAAAA&expiration=1692404821&is_secure=true&us_privacy= HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHAF6brCrOUQMmRwhQAAAAAAA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 435
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=4080762774149756005240 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4080762774149756005240&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 436
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692318420658.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predirect%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D25%2526external_user_id%253D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Request Chain 437
  • https://ssc-cms.33across.com/ps/?_=1692318420658.&ri=0010b00002CphGRAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D HTTP 302
  • https://s.pubmine.com/match?bidder_id=6&external_user_id=212240589342896&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 439
  • https://sync.technoratimedia.com/services?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D&srv=cs&att=99 HTTP 307
  • https://s.pubmine.com/match?bidder_id=30&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=0ACA07A79B244833993E8B9798357D18
Request Chain 450
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU87e67693242d4262bc1cef6d7740e2c8&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Request Chain 451
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6350977500 HTTP 302
  • https://sync.1rx.io/usersync/turn/2700558205676423679?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dr1%26refUrl%3D%26vid%3D23184209383353200176634272000V10%26ovsid%3DRX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005 HTTP 302
  • https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=r1&refUrl=&vid=23184209383353200176634272000V10&ovsid=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Request Chain 453
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=x15wm7xKCpm-rhyn1breZA
Request Chain 454
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=a0630e9e-019c-45a7-bfab-a4edc6e1e75b
Request Chain 457
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7456048311862328828&uid=Q7456048311862328828&ref=%2Fepm
Request Chain 458
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7ECD5403DF2A44CEA68AD742A23A3A42&gdpr=0&gdpr_consent=
Request Chain 460
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&vxii_pid=12&vxii_pid1=10067&vxii_rcid=eeb9e6ae-8ffc-406f-9efc-2062a3f068cf
Request Chain 486
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LLFUOWMM-1P-IU2L HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LLFUOWMM-1P-IU2L HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LLFUOWMM-1P-IU2L&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 488
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LLFUOWMM-1P-IU2L HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LLFUOWMM-1P-IU2L
Request Chain 489
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Request Chain 492
  • https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X HTTP 302
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Request Chain 495
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1 HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=0487fdef-dbcb-4472-91ea-091af86a64fb
Request Chain 496
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D46%26uid%3D%24UID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4664318827337647392
Request Chain 497
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40 HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=cwlIkGy7grZ-wETS61NMEPK3j_UEoTgk
Request Chain 498
  • https://match.prod.bidr.io/cookie-sync/syn HTTP 303
  • https://sync.technoratimedia.com/services?uid=AABOFk7JvXYAACqoHL5WIg&srv=cs&pid=73
Request Chain 499
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5815294294 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/0487fdef-dbcb-4472-91ea-091af86a64fb HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Request Chain 500
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=6e611e0d-248a-42aa-aae5-d95b1b85c6a2
Request Chain 501
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-SPUeQ.BE2uEay9y6jnTfDrHFadYvSXQV~A
Request Chain 502
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZN660gpfgXVAgUl4ibXoLAAA%261363
Request Chain 503
  • https://sync.aralego.com/idSync?ucf_nid=par-488A3E6BD8D997D0ED8B3BD34D8BA4B&ucf_user_id=0ACA07A79B244833993E8B9798357D18&redirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D37%26uid%3DUCFUID HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=9d143149-e6b6-3937-95a5-82158078bdc6
Request Chain 505
  • https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=0ACA07A79B244833993E8B9798357D18&rurl=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D49%26uid%3D HTTP 302
  • https://synacor-match.dotomi.com/match/bounce/current?DotomiTest=1ea1693851e20fcc&is_secure=true&networkId=63258&version=1&nuid=0ACA07A79B244833993E8B9798357D18&rurl=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D49%26uid%3D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=49&uid=AAAHAF6brCrOaQMFkWA6AAAAAAA&expiration=1692404821&nuid=0ACA07A79B244833993E8B9798357D18&is_secure=true
Request Chain 506
  • https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=0ACA07A79B244833993E8B9798357D18&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3353200176634272000V10
Request Chain 540
  • https://idsync.rlcdn.com/712188.gif?partner_uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent= HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=84c66859-68f8-4f2a-ace7-5db8be351563
Request Chain 544
  • https://idsync.rlcdn.com/712188.gif?partner_uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent= HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELFHEUiC8qKiPe29Nbr3axQ&google_cver=1
Request Chain 549
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=7dad82b5-bd27-5c7c-04b7-96b8a2633479 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0wafngvrzdbj9
Request Chain 550
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=ce8e23da-f7c5-4504-850b-460a639c7a8a&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZN661n_zJlcXIZg8fIT4ycP2
Request Chain 551
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=DladAww5wGQV6pH8VLdOAQ==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 552
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=155c8ce4-fcf7-4cee-8d64-d2c9a4d62452
Request Chain 553
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
Request Chain 556
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=84c66859-68f8-4f2a-ace7-5db8be351563 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=84c66859-68f8-4f2a-ace7-5db8be351563
Request Chain 557
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=4664318827337647392
Request Chain 558
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2700558205676423679&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 562
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3702&xuid=155c8ce4-fcf7-4cee-8d64-d2c9a4d62452&dongle=d54f&gdpr=0&gdpr_consent=
Request Chain 563
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2700558205676423679&dongle=d407&gdpr=0&gdpr_consent=
Request Chain 564
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=XCrfLrjrE8jfTLEMuA7H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LBBXEZSMOJVHERJYNJTFITCFJV2UCN2I&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LBBXEZSMOJVHERJYNJTFITCFJV2UCN2I HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=XCrfLrjrE8jfTLEMuA7H
Request Chain 565
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38&dongle=4430
Request Chain 568
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3646&xuid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Request Chain 578
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD HTTP 303
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&_li_chk=true&previous_uuid=fc6ac6036eef4775ba05ddb069ed9ae0 HTTP 303
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=fc6ac603-6eef-4775-ba05-ddb069ed9ae0&liid=&_ct=im HTTP 302
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=ad0bb4dabcf23259d877e1e1d0153c20 HTTP 303
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
Request Chain 580
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:2A9490F3-08AC-45EE-95C7-6A357A3D2EFD HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=f37862b0-3d5d-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Request Chain 581
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692318421659.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c87ac3c8%26us_privacy%3D%24%7BUS_PRIVACY%7D%26r%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D70%2526external_user_id%253D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Request Chain 582
  • https://ssc-cms.33across.com/ps/?_=1692318421659.&ri=0014000001aXjnGAAS&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212240589342896
Request Chain 583
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1694910421%26external_user_id%3D0487fdef-dbcb-4472-91ea-091af86a64fb HTTP 302
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1694910421&external_user_id=0487fdef-dbcb-4472-91ea-091af86a64fb
Request Chain 584
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692318421659.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D2%2526external_user_id%253D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZN660gpfgXVAgUl4ibXoLAAA%261363
Request Chain 585
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D HTTP 302
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553 HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&ts=1692318422&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 586
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy= HTTP 302
  • https://ssc-cms.33across.com/ps/?xi=120&xu=9Son5ZY7UStD4HYH8estYmAJ-SY HTTP 302
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=9Son5ZY7UStD4HYH8estYmAJ-SY&ts=1692318422&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 587
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692318421659.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253D%24%7BUS_PRIVACY%7D%2526bidder_id%253D90%2526external_user_id%253D%2524UID HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID HTTP 302
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4664318827337647392
Request Chain 603
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEfsSNmq_kdW-Y16cfuFOug&google_cver=1&google_push=AXcoOmS2o0V2APpc8KWA4UleAiA0-eDgGgVvBhunflWkI2ZRWzEUJqoSLrYQEL9PhIAGaXy4KV9XiafqAUE3HeyIOv02mF_P3tgy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcwMDU1ODIwNTY3NjQyMzY3OQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEEfsSNmq_kdW-Y16cfuFOug&google_cver=1
Request Chain 606
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQlJMqW7caljMwcXPlxd_DmMjBcyKhrcqahhjatZTJqmmAKNH4ouYK6xrfaQY7duDN5Vzv9seUsXDv7LyRIhgapGJdMr21_&google_gid=CAESEPA8nDucDIBnUPwm2J8Yk9Y&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-pkQrQ5uicCFx8Xhx-m3qrR9J51JoM9t2WwiXTg&google_push=AXcoOmQlJMqW7caljMwcXPlxd_DmMjBcyKhrcqahhjatZTJqmmAKNH4ouYK6xrfaQY7duDN5Vzv9seUsXDv7LyRIhgapGJdMr21_
Request Chain 607
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFION3mOndIF4bT6XmEhz-U&google_cver=1&google_push=AXcoOmSZ_yl06W5QC-oQRT_I0TMrRNyj8B_Wqg7QLl_hwJts9bO3SHLEghYjp4wxu2l545lSOEsLZZ5TJoNRXu7uMyHUyN_46TEJ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=bc5bc3dc17&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.inmobi.com/oRTB?redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspCookie%3D%7BID5UID%7D%26dspId%3D1001980%26gdpr%3D0%26gdpr_consent%3D,&gdpr=0&gdpr_consent=, HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=,&gdpr=1&callback=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspCookie%3D%7BID5UID%7D%26dspId%3D1001980%26gdpr%3D0%26gdpr_consent%3D%2C
Request Chain 608
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEAjLP-DzdLsRmU3_r0gotPw&google_cver=1&google_push=AXcoOmRsVVh-T4_H7uYQr47K7PAXv2cQtYKx84K88pLgFSn5aHCmhpUO6h_SH3KgNquQpABaXYaDWx93WQ5HdNcxhgVIcXm8Y3YS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRsVVh-T4_H7uYQr47K7PAXv2cQtYKx84K88pLgFSn5aHCmhpUO6h_SH3KgNquQpABaXYaDWx93WQ5HdNcxhgVIcXm8Y3YS&google_hm=Wk42NjBzQ284WDhBQUdob0hFb0FBQUFB
Request Chain 609
  • https://an.yandex.ru/mapuid/google/CAESEL1m1CjFt64TUlcks-Hn3RY?ext-param=AXcoOmRWHLrBKntTC1XpZJgu6Y5YkS_asYqtHVFu5jaAY7pTKsSDKUBKveQdODydg9rSWKJr-i4JQP4p1XnIriJt_v1oXXoiLouhaA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEL1m1CjFt64TUlcks-Hn3RY?redir-setuniq=1&ext-param=AXcoOmRWHLrBKntTC1XpZJgu6Y5YkS_asYqtHVFu5jaAY7pTKsSDKUBKveQdODydg9rSWKJr-i4JQP4p1XnIriJt_v1oXXoiLouhaA&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEL1m1CjFt64TUlcks-Hn3RY&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 616
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6684631721631464360
Request Chain 617
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=tMpakuCfXZGvyFqVsJoTxrDOWJWvz13AsJhhvaIO
Request Chain 618
  • https://x.bidswitch.net/sync?ssp=openx HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp=openx&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594366287868868051&ssp=openx&gdpr=&gdpr_consent= HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&us_privacy=
Request Chain 619
  • https://p.rfihub.com/cm?pub=25&in=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=970033166257797130
Request Chain 620
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=7ECD5403DF2A44CEA68AD742A23A3A42
Request Chain 621
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=d1b6cbbb-9265-433b-b118-214d0d38b554 HTTP 303
  • https://i6.liadm.com/s/57424?bidder_id=206088&bidder_uuid=d1b6cbbb-9265-433b-b118-214d0d38b554
Request Chain 626
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENCpylh9ZcdLjYvvFF-Zuqs&google_cver=1&google_push=AXcoOmRYBduuOOfCeE1pwKMS73cGi6_klmB7CVVL5prWdQPvp5n1djtAm7IaUykX1dG2Gj2Gy3-m8Y3DQKN0zXA-TU8xjC-_VY8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk42NjBnQUphTGlzWWdBYg==&google_gid=CAESENCpylh9ZcdLjYvvFF-Zuqs&google_cver=1&google_push=AXcoOmRYBduuOOfCeE1pwKMS73cGi6_klmB7CVVL5prWdQPvp5n1djtAm7IaUykX1dG2Gj2Gy3-m8Y3DQKN0zXA-TU8xjC-_VY8
Request Chain 628
  • https://fksnk.com/cs/google?google_gid=CAESEOjRTQUjWx0Bvt-c35IZGK4&google_cver=1&google_push=AXcoOmTNpWXmuDQWPEZn8s_x1oXIHEhhnZF6J-GY5T8Eg4Hq6nL13htLIolQ8djIHtpjW1v2Igy7pgDMq-KtqTuLuSB1nDNyQxE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUZCMTAzQ0I0Q0MzNzhCQw==
Request Chain 629
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEL5UyprqgKZpY1szZidPS04&c_param1=AXcoOmRPK8XN3QmiUNrZ57S2dWj46eHZyBHorsCzsRWYvUxOhp_CgT5XkvHbdfmWPRrZ5DmDjmw__gUOvGTBpTsRalEutT7XIA&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRPK8XN3QmiUNrZ57S2dWj46eHZyBHorsCzsRWYvUxOhp_CgT5XkvHbdfmWPRrZ5DmDjmw__gUOvGTBpTsRalEutT7XIA
Request Chain 630
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIzCc1aVgg52IZEHNjIdSkk&google_cver=1&google_push=AXcoOmT6Mxqe2rR6S5-sLs55RY1oLGrh8csCTmZEMg8rtmRyAcxMp8mPDFeWChYAoVuEvTsSFtPZn-_ISvmovFrn-KJ1WFsppw4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT6Mxqe2rR6S5-sLs55RY1oLGrh8csCTmZEMg8rtmRyAcxMp8mPDFeWChYAoVuEvTsSFtPZn-_ISvmovFrn-KJ1WFsppw4
Request Chain 631
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESENcZCY3QPq3fqS69Txw_UYk&google_cver=1&google_push=AXcoOmS1V7w61Gu181pauRQ63yRk6Anz1EjEB-TtQxT2HPci3kgIlmsyxC5u_Jrz5j6uysxmc5WMmOC8NbzK7bQVJ5OkuHVHPpJt HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmS1V7w61Gu181pauRQ63yRk6Anz1EjEB-TtQxT2HPci3kgIlmsyxC5u_Jrz5j6uysxmc5WMmOC8NbzK7bQVJ5OkuHVHPpJt&google_hm=QlMuYjk5NS1hMzFiLTRmMWYtOWM4Mw==
Request Chain 632
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESECH8rSXhF8UPtE1Yx9XIXTU&google_cver=1&google_push=AXcoOmQxT0Hp6KfySaxFc5lg3kwfx0WGoqS9QPHGfsyG4aBdf-AOz4laS8B07asxcM33Bpc_1VpWn3FK7eGPhkC9Ku-1o3Id6ZIC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQxT0Hp6KfySaxFc5lg3kwfx0WGoqS9QPHGfsyG4aBdf-AOz4laS8B07asxcM33Bpc_1VpWn3FK7eGPhkC9Ku-1o3Id6ZIC&google_hm=WENyZkxyanJFOGpmVExFTXVBN0g=
Request Chain 656
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi&khaos=LLFUOWMM-1P-IU2L HTTP 302
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LLFUOWMM-1P-IU2L
Request Chain 659
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=itsallinanutshell.com&sn=ChromeSyncframe&so=0&topUrl=itsallinanutshell.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=2U3nnnx4M0E4R1hXU3BEWmtxQ2FpNkt2OWh4R3BFckcrb0JjTmFwWmN1YUZoTStNMy9xbzY1NE8yMWRHcGtybEFDZkRLMXdLL2svNy9MWmpXMmtzZy9MU3JJbnRiQ28rajlQZ055UldEY011cVhWbzZpMWdBalE3aXd1YzRGRmp5bVNFb3ZMMkJSYW5BS0ZBMDhsWnBKdUgzaFJDMnF6ejZWWUVlNzFpanM2a1hIWlB4UW9pbXA2U2cwc1VETURjS3NHbXJDNWJXZGptNUxXM2FvMjhzclRJOEtOUEJqeWZPRitFMGxoQUl4L0hWczdhS2VnMDNqQ1pxZHRjSjUwd0t5aUdiZk9YSE5QMG9xZExENHYvSE1sRzhIOUZtZDFWQ3NKOHdrYlYzWk9zRWo4az18&cppv=2
Request Chain 665
  • https://us-u.openx.net/w/1.0/pd?plm=10&ph=f6cce7d3-7041-4bde-ab1b-da9ab8777876&gdpr=0&us_privacy=1--- HTTP 302
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=ISyfZg9D1QwNkm5
Request Chain 680
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fitsallinanutshell.com%2F&domain=itsallinanutshell.com&cw=1&pbt=1&lsw=1&us_privacy=1--- HTTP 302
  • https://mug.criteo.com/sid?cpp=-bP6gXxBTEwzcHNvREh2ME9idGlKZFByM2J4UWQwdGx6YlBxWXBsNHNzaFlxS1VJdWM2ekR1d1lZSG9ieU1qMnBhS2dPWUlCZzN4MHh4SmtiaXJEYWRRMGNPL1lxRnpvQ1ljNWlrZGtGWGdLNlpEMjkxOTkycWtqd3Fndm5zU2tXS1FqSkZMK2tPNzZ4NThmam1tczdqbTNoTWdBV1lacWdkSlM1dnlzYk9BNUl5VGU1L3NJTktvcHFJVjk2bEduTjdLdC9RLzBRSUJZYWVIYVVVYTI5VHdqb3prMXZyVVNVYy9XMDhoRTJFNlpOdXRwK2d1eW8rU1RKT0ZQOWZ4bTgwNFNHUjlFTWI3bUozeWxFTVdydmJkVllHbm1jcjdkNWI5dFBuWGpJWDlBRGtEcz18&cppv=2
Request Chain 700
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2Stothm3wg5g6opTuaPadz9%26source_user_id%3D HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=1f63e202-17fb-44a7-b635-fb018d65d6d3
Request Chain 702
  • https://dis.criteo.com/dis/usersync.aspx?r=41&p=244&cp=sharethrough&cu=1&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7658cb1d77a660882b48db06%26source_user_id%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-nNrTxJuicCFx8Xhx-m3qrR9J51JjqgrTlQJ6LQ&gdpr=0&gdpr_consent=
Request Chain 703
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
Request Chain 704
  • https://sync.1rx.io/usersync2/sharethrough HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2155%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=1454681157 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2155/ce7f64de-bad7-4400-ba94-96f15d043fcc?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DrAoqYZyz6z2wirWVWwswmjws%26source_user_id%3DRX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005 HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Request Chain 709
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.28%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=1188726320 HTTP 302
  • https://sync.1rx.io/usersync3/mediamathtest/2069.28/1fa464de-bad7-4f00-8928-46f723d6fea4?zcc=0&sspret=1 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005 HTTP 302
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Request Chain 710
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3m7DLyyGGDyyIfljonPf HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D%26pt%3Dab9d17c0-c81c-44b4-a9b0-0faebcbda11d%252C%252C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=01191767442811976341934855132811237166&pt=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%2C%2C
Request Chain 711
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo HTTP 302
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LLFUOWMM-1P-IU2L
Request Chain 713
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3m7DLyyGGDyyIfljonPf HTTP 302
  • https://ads.yieldmo.com/v000/sync?tdid=0487fdef-dbcb-4472-91ea-091af86a64fb
Request Chain 720
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 855
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-GvrV15xE2pwyhrpBGXQ.qjVWLYsZBUsjMOs-~A&gdpr=0
Request Chain 857
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38&gdpr=0&gdpr_consent=
Request Chain 859
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=728051018 HTTP 302
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4664318827337647392/gdpr=0/rand=728051018
Request Chain 860
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=0487fdef-dbcb-4472-91ea-091af86a64fb/gdpr=0/gdpr_consent=

851 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
itsallinanutshell.com/
Redirect Chain
  • https://cdn-0.itsallinanutshell.com/
  • https://itsallinanutshell.com/
262 KB
68 KB
Document
General
Full URL
https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PHP/8.2.8, PleskLin
Resource Hash
d752621a7b032d959c9e5d8b6906075374298c19dd2ad2173dbbb4ff04cac43f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:26:54 UTC
display
pub_site_sol
expires
Thu, 17 Aug 2023 00:26:54 GMT
link
<https://itsallinanutshell.com/wp-json/>; rel="https://api.w.org/", <https://itsallinanutshell.com/wp-json/wp/v2/pages/24469>; rel="alternate"; type="application/json", <https://wp.me/PePzF0-6mF>; rel=shortlink
pagespeed
off
response
200
server
LiteSpeed
vary
Accept-Encoding,User-Agent
x-ez-minify-html
7.88% 268646 / 291617
x-ez-proxy-out
true 2.4
x-ezoic-cdn
Hit ds;mm;91689015fc1694f7fc317cce3916fea0;2-496996-2;d223128a-c513-4367-6310-6ecef6e0ef85
x-middleton-display
pub_site_sol
x-middleton-response
200
x-origin-cache-control
x-powered-by
PHP/8.2.8, PleskLin
x-sol
pub_site

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f86072628794bc1-BUF
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 18 Aug 2023 00:26:53 GMT
location
https://itsallinanutshell.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FL4dNVL5s%2Byj8PrFLbCwll%2FcGUBjqOiOm4PzIz%2BgXEp%2FVUZgm%2F%2BSEMDsrgCaJF0xaAxwDMMBkiGzXNBO%2Foy9QgAryb5beI%2Fu2dM4kP%2BUo3q%2Bm8Td3X1U9qeoU3%2BjWLiTKKDnMsXMU7jo4vkh9btb96I3i6%2Ff%2BZQa3IY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-middleton-display
redirect
cropped-triptych-forest-fern-3.jpg
itsallinanutshell.com/wp-content/uploads/2022/07/
108 KB
108 KB
Image
General
Full URL
https://itsallinanutshell.com/wp-content/uploads/2022/07/cropped-triptych-forest-fern-3.jpg?ezimgfmt=ng%3Awebp%2Fngcb1%2Frs%3Adevice%2Frscb1-1
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PleskLin
Resource Hash
ff7f47054a4a8d99157388150e9a10b22aad97a81afb0b5e4f3b3bbbb0333399

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 UTC
content-encoding
br
display
staticcontent_sol
x-powered-by
PleskLin
x-ezoic-cdn
Hit ds;ds;c7ca13d3f2bacfd9212dd887af825cfc;2-496996-2;91c2e2cb-853f-46d3-4cfa-a3c93bb15d27
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-ezoic-excludewebp
false
response
200
last-modified
Fri, 21 Apr 2023 12:15:36 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
etag
"264b6-64427e68-582e523c8c4f193;;;-gzip"
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
content-type
image/webp
cache-control
public, max-age=31536000
fads.js
www.ezojs.com/porpoiseant/
12 KB
4 KB
Script
General
Full URL
https://www.ezojs.com/porpoiseant/fads.js?gcb=195-0&cb=26
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cead18a3a6354cfc90b053410447811fbcae8bf072d6171e280d28311cabf77f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=11866
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 18 Aug 2023 00:01:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qQTqjKX6b5J%2F1XVRisuskepWKhcjX0kpKn7Gk92a5uFQM%2Frcil1w59t0h2EQ4%2Fo7KPlnHuTr5mk5B41%2FiaJPKgSb2IIoqRKWZxkWRAp0NjJzkdV1vbCYuMiR5QhUQri7Wj8MFQK5lqzwPN9L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7f86072b5ccf4bbb-BUF
gpt.js
securepubads.g.doubleclick.net/tag/js/
97 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e83fd8df64eaed67ac9920f69019c47c5482da4a9c5b328cb5f5c565ca5d1ce3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28535
x-xss-protection
0
server
cafe
etag
467 / 19587 / 31077123 / config-hash: 7328467961731406261
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 00:26:54 GMT
dall.js
go.ezodn.com/hb/
657 KB
197 KB
Script
General
Full URL
https://go.ezodn.com/hb/dall.js?cb=195-0-60
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70023ca0a233fa93370022f69d0537f8fcbd2fa2f4ce9d7c670e779b1421d933

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 19:32:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1399967
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tm488QWufAiXOHD3skc%2BK9qECtFNXXoVhAzfzz7OmQoW2AuYQFNX9h467qDJW9o1sG7EPWfkrMVPVS0wWE1XWvxaIvsi9qxVtAC%2BvODF6q6WJe8bXHkDuLsHRyi3DKyPJtVpuhdv4Xdtmo0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
7f86072b4b8d4268-EWR
alt-svc
h3=":443"; ma=86400
fads.js
itsallinanutshell.com/porpoiseant/
12 KB
3 KB
Script
General
Full URL
https://itsallinanutshell.com/porpoiseant/fads.js?gcb=195-0&cb=26
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
19016ba9dbcdc75c80caef1921595e7de36683131486523ce81979aae316c7d7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
banger.js
www.ezojs.com/porpoiseant/
58 KB
16 KB
Script
General
Full URL
https://www.ezojs.com/porpoiseant/banger.js?cb=195-0&bv=257&v=76&PageSpeed=off
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc435cbd63327b4af4eb1c90b9e72cfad085505dc85ac218167de28fd8bcb527

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1391
cf-polished
origSize=59544
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 17 Aug 2023 21:53:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ce9IzNX1eZWn70KHMq3JLDP9sQ%2FxELLLnHaRl%2BQCq0TitNtGwbBaZMhH3nivmDY%2FLs7%2BmeD1EettDrEOLFD%2FIi5BJlS7xDsWmdtpaS%2FiD%2FeQQzfarKVDdRrc971xhCcI3piSacZCFk%2FLQq63"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7f86072bbcd24bbb-BUF
/
itsallinanutshell.com/_static/
152 KB
31 KB
Stylesheet
General
Full URL
https://itsallinanutshell.com/_static/??-eJydUltOAzEMvBAhKkhAPxA/lTgAB6jSxF1MkziKnZa9Pd6+KNBqK35243jGHntiN8V4ygJZbImtw8y2axouoHZ20TAGu4jkVybiorraW5Y+wq1nvrFnuNH11MR0FcMI8gOkOL86/OdryIGqdU0oORH0h4xZYwAqFZh/CIKAooRtwHYL0i9sjh0x+9gCaCu2SdEOIqRBwmlQVDFUE6Fzvr9NmMfpmjuNf5B+T+lpry8gy24j5nBnJv+jwadiGSnzRT4tl+jRRZMcRqgRBQxjl00rZkk1sXXMINpIl/qNmW9zF6v+fhieUqGsCB7x+jjOcaczKOo3ZI8avNLMhdDbt6HIweToBFhGn0+i0AZSxBVckiHvapTu0lV3BWIndbTxXGexHWSoqBA+f7xa/laAEaKoQ9DOOsjt9Hx1rQ2GbvBWqJhCPOrOHz7V4MLubVzHHJD784B9Sc+Th+nk8W76dD/5AkQhq9A=&ez_used_css_s=115
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PHP/8.2.8, PleskLin
Resource Hash
cb8cc87ec13a04c749498f59622494e7c73e16b9fe542b8ceac43a71f256e343

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 UTC
content-encoding
br
x-sol
pub_site
display
staticcontent_sol
x-powered-by
PHP/8.2.8, PleskLin
x-ezoic-cdn
Hit ds;mm;65b63661b34cb270ff10b6a04c94de71;2-496996-2;6a5673b8-acc9-46cb-72ec-533b1f39335d
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Fri, 11 Aug 2023 04:57:11 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-page-optimize
cached
etag
"e3c35231250a16906d076111d2a9f9b6-gzip"
x-origin-cache-control
max-age=31536000
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000
css
fonts.googleapis.com/
0
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=:400|Anton:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Faustina:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lora:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Oswald:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Source+Sans+Pro:300,300italic,400,400italic,600|Yrsa:300,400,700&display=optional
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

dashicons.min.css
itsallinanutshell.com/wp-includes/css/
42 KB
32 KB
Stylesheet
General
Full URL
https://itsallinanutshell.com/wp-includes/css/dashicons.min.css?ver=6.3&ez_used_css_s=115
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PleskLin
Resource Hash
0eef35992b214af5251445fa6edda217dec37eb85de291752f74a9193d04d27c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-powered-by
PleskLin
x-ezoic-cdn
Hit ds;mm;3fb5603c87d7df636aa93916a3eea968;2-496996-2;646a1890-46d4-41e2-7730-09721aa7e3ba
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Fri, 12 May 2023 09:25:26 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
etag
"e688-645e0606-cbc6cdf1b9d5eb63;gz-gzip"
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css
cache-control
public, max-age=2592000
void(0)
/
0
0

js
www.googletagmanager.com/gtag/
177 KB
65 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-76475896-1
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1f44218022adba9bb1f845b2034548d1199dbc92c7821498770f5e457b9aa11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66100
x-xss-protection
0
last-modified
Fri, 18 Aug 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Aug 2023 00:26:54 GMT
dashicons.ttf
itsallinanutshell.com/wp-includes/fonts/
55 KB
31 KB
Font
General
Full URL
https://itsallinanutshell.com/wp-includes/fonts/dashicons.ttf?99ac726223c749443b642ce33df8b800
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PleskLin
Resource Hash
cacd900a2587c234c53e9d0108fc51ff6c61420c4f89a1731014b673a7b9a1a8

Request headers

Referer
https://itsallinanutshell.com/
Origin
https://itsallinanutshell.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 UTC
content-encoding
br
display
staticcontent_sol
x-powered-by
PleskLin
x-ezoic-cdn
Hit ds;mm;43dc9c82d85be81b800d12e72c67674e;2-496996-2;ec0d977a-8bf6-417f-5e51-c48762edde2b
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Fri, 12 May 2023 09:25:26 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
etag
"dc48-645e0606-f1a4868f3e32db01;;;-gzip"
x-origin-cache-control
public, max-age=604800
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
font/ttf
access-control-allow-origin
https://itsallinanutshell.com
cache-control
public, max-age=2592000
vary
Accept-Encoding,User-Agent,Origin
Genericons.ttf
itsallinanutshell.com/wp-content/plugins/jetpack/_inc/genericons/genericons/
22 KB
14 KB
Font
General
Full URL
https://itsallinanutshell.com/wp-content/plugins/jetpack/_inc/genericons/genericons/Genericons.ttf
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PleskLin
Resource Hash
7cd8dcb9820d7558bcb35bde35d9923a77c8eb9d2a274366261ad55948dfed31

Request headers

Referer
https://itsallinanutshell.com/
Origin
https://itsallinanutshell.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 UTC
content-encoding
br
display
staticcontent_sol
x-powered-by
PleskLin
x-ezoic-cdn
Hit ds;mm;47fb5a0a0cb19274a59704c85ef44c3a;2-496996-2;fe09963a-12a6-4728-5cf0-c66aaf37d237
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Tue, 01 Aug 2023 21:29:34 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
etag
"56ac-64c9793e-eb654d04008e88d4;;;-gzip"
x-origin-cache-control
public, max-age=604800
access-control-max-age
1728000
access-control-allow-methods
POST, GET, OPTIONS
content-type
font/ttf
access-control-allow-origin
https://itsallinanutshell.com
cache-control
public, max-age=2592000
vary
Accept-Encoding,User-Agent,Origin
ezvideojscss.css
g.ezoic.net/ezvideo/
44 KB
11 KB
Stylesheet
General
Full URL
https://g.ezoic.net/ezvideo/ezvideojscss.css?cb=72
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
718599a25ec212265f9627cf0cfbb19a79b41d8387e9b1305c7c4ddff5dcd2be

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
cache-control
private, max-age: 2628000
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
text/css; charset=utf8
fonts.css
assets.mlcdn.com/
1 KB
626 B
Stylesheet
General
Full URL
https://assets.mlcdn.com/fonts.css?version=1683642
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9d61e1cdaa802cdc30f619c7cf16e0a8dfb2667f6009afe27b37810d9a7ed2e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
gzip
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7f86072c4da64bd3-BUF
btn_donateCC_LG.gif
www.paypalobjects.com/en_US/NL/i/btn/
2 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/NL/i/btn/btn_donateCC_LG.gif
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df042c68320bb3f47758d907ec6f1f4a1375b9c6c17c018d901ac5ec4fff8d4f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
fastly-io-info
ifsz=1920 idim=92x47 ifmt=gif ofsz=1919 odim=92x47 ofmt=gif
paypal-debug-id
b650e39910d6c
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
1919
x-served-by
cache-sjc10053-SJC, cache-yyz4553-YYZ
traceparent
00-0000000000000000000b650e39910d6c-230829c491f55b16-01
x-timer
S1692318415.751274,VS0,VE2
etag
"y+s+agG5zh8AeIMzNXEozDRdTX0KZcpGu3fYGaR+lGA"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
1316, 1
/
itsallinanutshell.com/_static/
22 KB
5 KB
Stylesheet
General
Full URL
https://itsallinanutshell.com/_static/??-eJyVjFsKgCAQAC+Ube/wIzqL2RKWL1wXrx9BHaDfGWagRKGDz+gzRMuH8QQn5qj0BS7sbJFAqxSY0AIVEzGJjf1usdZEFfzJXyE+8BxWt7STbGQ39vNwAw6jNIg=&ez_used_css_s=115
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PHP/8.2.8, PleskLin
Resource Hash
834dbc209dc11e12e2b7ff341745b7fd2f9efa7f6aaddd8684402745844aa4a1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 UTC
content-encoding
br
x-sol
pub_site
display
staticcontent_sol
x-powered-by
PHP/8.2.8, PleskLin
x-ezoic-cdn
Hit ds;mm;c792165b683a6950d223c76c73b430f3;2-496996-2;1eb1733a-b338-471b-65dc-57df7524f8a3
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Tue, 01 Aug 2023 21:29:34 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-page-optimize
cached
etag
"f10c7e84a22172fd36bd0473ba2ec996-gzip"
x-origin-cache-control
max-age=31536000
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000
v.js
g.ezodn.com/cmp/v2/
5 KB
2 KB
Script
General
Full URL
https://g.ezodn.com/cmp/v2/v.js?v=4
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 22 Feb 2023 19:45:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
10567682
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2aPFS9%2B%2FrGuzQPFwoDbUA75EkAW37MDTB%2FEoCME%2BEothNJTHFTZm2UUJDcS6cSuDKmOzGB1ceutKUwkFBJG1xdkIf%2FXFo%2FHL02V8AeLQaAKMumoI%2BoPgoBo5AC5C6pkmHgVoLysVQFFN0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=15780000
cf-ray
7f86072bdc544268-EWR
alt-svc
h3=":443"; ma=86400
augusta.js
itsallinanutshell.com/detroitchicago/
2 KB
1 KB
Script
General
Full URL
https://itsallinanutshell.com/detroitchicago/augusta.js?cb=43
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
f933061de4a138a2deb1b78375f6beacd5e911f25301a8ef27cd4a0e04fa1688

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/javascript
x-middleton-display
sol-js
cache-control
max-age=31536000, public
x-robots-tag
noindex
content-length
1025
cmbv2.js
www.ezojs.com/detroitchicago/
947 KB
262 KB
Script
General
Full URL
https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6565b2d033e2305072b2fc6c60b1ddf38937c42970add14e6a0c7425433b7d0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=975099
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 16 Aug 2023 18:54:11 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5KpIdqKjsTJN3wJSLGjxjKkEwPY0L2r4imnJm2RB3vY2GZPT7nMrW7X3w69SoQZwncm7%2BMiydV3iuU8%2FHbeaf3thwoBDCzRyusgXQRf3XCpp4B2h5IZtUDsYZ46%2BLGStSvSf%2FcekqrroHp7P"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7f86072bbcd34bbb-BUF
truncated
/
73 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
606a750e74ed4ed70f86a4c243c2fc82206788fb4ca32295f804a737c038261d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://itsallinanutshell.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
nmash.js
www.ezojs.com/porpoiseant/
64 KB
23 KB
Script
General
Full URL
https://www.ezojs.com/porpoiseant/nmash.js?bv=257
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/porpoiseant/banger.js?cb=195-0&bv=257&v=76&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::6815:5d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a157a21d0e2c0fbccfb8a7ba640337d06209687dffbaee39bf703d52c3342d70

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1391
cf-polished
origSize=65759
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 17 Aug 2023 21:53:59 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L3pvS1U0WIK3M%2Brs2BHi5MO0kWs5ck2wi9DVhcpOCTKqTWyCqR0TKWwtcM%2BmpqHfUfDrmhHq2BEuP3qE5qxVaQdPjidlosYEOLTrUALXITW2xjDkroUBk935zyojlwkoAXW65r2xQsbMxcHZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7f86072c4cd54bbb-BUF
/
bshr.ezodn.com/
9 KB
5 KB
XHR
General
Full URL
https://bshr.ezodn.com/?did=496996&bf=30000&dc=21732118914%7C1254144
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/porpoiseant/banger.js?cb=195-0&bv=257&v=76&PageSpeed=off
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de8f5c3c12c0aa30a06ad419f70a23b6af2ebf72e3ffacaec37ab72258657a47

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
X-PINGBACK
pingpong
Content-Type
application/json

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
273261
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 14 Aug 2023 20:32:33 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
application/json; charset=utf8
access-control-allow-origin
https://itsallinanutshell.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLzERaUGHE1CCxutBH%2BNT1trJ7eVsLhqgNhM7%2FA37DvM0nvb1udKOYsTktmrTKx%2Fp7RSLR4hUsJS3dqMeUsUffN44CMXOeKD5kF5zAO61E06mt5dz9UDsKMw8Vur5ZHkwVivBTKZ21tuOgMwNw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, max-age=1209600
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
cf-ray
7f86072d6e4f4396-EWR
access-control-allow-headers
Content-Type
/
bshr.ezodn.com/ Frame
0
0
Preflight
General
Full URL
https://bshr.ezodn.com/?did=496996&bf=30000&dc=21732118914%7C1254144
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-pingback
Access-Control-Request-Method
GET
Origin
https://itsallinanutshell.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-pingback
access-control-allow-methods
GET, POST, PUT, OPTIONS
access-control-allow-origin
https://itsallinanutshell.com
access-control-max-age
1728000
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f86072d0db74396-EWR
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 18 Aug 2023 00:26:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3BO4bYfIC4iAvlVVujy%2BhFe%2BZ%2BoFFwjOPCdtVId7NosPXeNERgKMYb16ZYb9XZnWueevRZmmMbR7dygR4pDdTQD4uKPIvDIHxlLELbrCoh%2B2DlLy9V12OU7pMM2ZrisiSBlmroeXxXRViaWqZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
css
fonts.mailerlite.com/
176 KB
7 KB
Stylesheet
General
Full URL
https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Requested by
Host: assets.mlcdn.com
URL: https://assets.mlcdn.com/fonts.css?version=1683642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2919310cae24ba76feb93e198bdbcd94260bcfcbd7e87dd331585db353494e19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mlcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
cf-ray
7f86072d49ed4bc0-BUF
imp.gif
itsallinanutshell.com/detroitchicago/
43 B
219 B
Ping
General
Full URL
https://itsallinanutshell.com/detroitchicago/imp.gif
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
access-control-allow-headers
Content-Type
content-length
47
expires
Thu, 17 Aug 2023 00:26:54 GMT
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 25 Aug 2023 00:26:55 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/webp
cmbdv2.js
www.ezojs.com/detroitchicago/
38 KB
11 KB
Script
General
Full URL
https://www.ezojs.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-8y0c-6y1d-5y17-3y5e-22&cmbcb=178&sj=x03x0cx1dx17x5e&abt=EdgeHostDomain
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e48cafc5be8b340f549d16fb048ac0dc93b9ff6bee1a27e158b3114a113739a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
118378
cf-polished
origSize=39200
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 14 Aug 2023 18:38:27 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHoyYZjpwksNGtsTlXcv54vw0zuGwEJ6GgNRz5QuqzX%2ByPI4OGGn9eTjFGC2vGsxQnyIlqJNXsSAU%2B8BXmQJAqZYAiouiUNCGr4TYWvgTJQp2ogsOVFT9qvW90X9jrMou2Qz1ufscEr%2FaVlZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7f86072d0c914bc9-BUF
Dreamweaver-2.jpg
itsallinanutshell.com/wp-content/uploads/2023/06/
139 KB
140 KB
Image
General
Full URL
https://itsallinanutshell.com/wp-content/uploads/2023/06/Dreamweaver-2.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PleskLin
Resource Hash
e00e9cdbd9366fb79b0a72bb4bd16443c88c74ef8d14a2380bb96a5be75db0d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 UTC
content-encoding
br
display
staticcontent_sol
x-powered-by
PleskLin
x-ezoic-cdn
Hit ds;ds;781d3928596685143bab3201174743af;2-496996-2;23d799fa-637f-4df5-6cee-361d12be7997
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-ezoic-excludewebp
false
response
200
last-modified
Thu, 29 Jun 2023 17:51:07 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
etag
"3522a-649dc48b-54835c502d952e0f;;;-gzip"
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
content-type
image/webp
cache-control
public, max-age=31536000
bubbling-brook-mandala-2.jpg
itsallinanutshell.com/wp-content/uploads/2023/04/
96 KB
96 KB
Image
General
Full URL
https://itsallinanutshell.com/wp-content/uploads/2023/04/bubbling-brook-mandala-2.jpg?ezimgfmt=rs%3Adevice%2Frscb1-1%2Fng%3Awebp%2Fngcb1
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PleskLin
Resource Hash
77540abcdb45da71190faa6dd3fba9ecdb84308769469778a805e41d18ad4d85

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:54 UTC
content-encoding
br
display
staticcontent_sol
x-powered-by
PleskLin
x-ezoic-cdn
Hit ds;ds;654d953cd6392c11fcf32cb8812229a2;2-496996-2;70993ed5-44b6-4f64-54b6-07caf87ab2c6
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
x-ezoic-excludewebp
false
response
200
last-modified
Thu, 13 Apr 2023 08:43:17 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
etag
"3a817-6437c0a5-e870e5dc580d16fb;;;-gzip"
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,X-Ezoic-Excludewebp,User-Agent,Origin
content-type
image/webp
cache-control
public, max-age=31536000
js
www.googletagmanager.com/gtag/
214 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-FMSZ48GY69&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-76475896-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2fd4aeb859f19e41cf023725c31175da6cb0cad8ed87e93cba322ee07dfbbbb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78082
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 18 Aug 2023 00:26:55 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-76475896-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Aug 2023 22:40:55 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6360
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 18 Aug 2023 00:40:55 GMT
js
www.googletagmanager.com/gtag/
208 KB
75 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=GT-MK9LD9J&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-76475896-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2008 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4566cc4dddb2fd6641747b8b37ecf6e30fc41fb39378b8504d2389e8a98d8e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76185
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 18 Aug 2023 00:26:55 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.mailerlite.com/fonts/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.mailerlite.com/fonts/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.mailerlite.com
URL: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Origin
https://itsallinanutshell.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f86072eba074bc0-BUF
content-length
14892
expires
Sat, 17 Aug 2024 00:26:55 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.mailerlite.com/fonts/s/sourcesanspro/v22/
14 KB
14 KB
Font
General
Full URL
https://fonts.mailerlite.com/fonts/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.mailerlite.com
URL: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Origin
https://itsallinanutshell.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
x-content-type-options
nosniff
last-modified
Thu, 01 Jun 2023 22:52:57 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f86072eba094bc0-BUF
content-length
14712
expires
Sat, 17 Aug 2024 00:26:55 GMT
nutsaboutsquares.jpg
itsallinanutshell.com/ezoimgfmt/i0.wp.com/itsallinanutshell.com/wp-content/uploads/2019/10/
86 KB
86 KB
Image
General
Full URL
https://itsallinanutshell.com/ezoimgfmt/i0.wp.com/itsallinanutshell.com/wp-content/uploads/2019/10/nutsaboutsquares.jpg?resize=1000%2C1200&is-pending-load=1
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
ffa114663c8acf0573b46ef06f7b9fa19896e3186356e8522ac2ba30078a4c41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 UTC
content-encoding
br
x-content-type-options
nosniff
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-nc
HIT dca 1
response
200
last-modified
Tue, 15 Aug 2023 07:45:20 GMT
server
nginx
etag
"0f864ba6ce32b1f0-gzip"
x-origin-cache-control
public, max-age=63115200
vary
Accept-Encoding,Accept,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://itsallinanutshell.com/wp-content/uploads/2019/10/nutsaboutsquares.jpg>; rel="canonical"
expires
Thu, 14 Aug 2025 19:45:20 GMT
trinity.jpg
itsallinanutshell.com/ezoimgfmt/i0.wp.com/itsallinanutshell.com/wp-content/uploads/2019/10/
212 KB
213 KB
Image
General
Full URL
https://itsallinanutshell.com/ezoimgfmt/i0.wp.com/itsallinanutshell.com/wp-content/uploads/2019/10/trinity.jpg?resize=1000%2C1200&is-pending-load=1
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
dd468dca546b1978f0c492a6afaee28fc5e5a4223629d5fa4ef5653452330cd0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 UTC
content-encoding
br
x-content-type-options
nosniff
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-nc
HIT dca 1
response
200
last-modified
Tue, 15 Aug 2023 07:45:29 GMT
server
nginx
etag
"1b284c3e7a55c8f7-gzip"
x-origin-cache-control
public, max-age=63115200
vary
Accept-Encoding,Accept,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://itsallinanutshell.com/wp-content/uploads/2019/10/trinity.jpg>; rel="canonical"
expires
Thu, 14 Aug 2025 19:45:29 GMT
tlc-blanket.jpg
itsallinanutshell.com/ezoimgfmt/i0.wp.com/itsallinanutshell.com/wp-content/uploads/2020/06/
143 KB
143 KB
Image
General
Full URL
https://itsallinanutshell.com/ezoimgfmt/i0.wp.com/itsallinanutshell.com/wp-content/uploads/2020/06/tlc-blanket.jpg?resize=1000%2C1200&is-pending-load=1
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
0ed6a5f0f538fd39b78030a852691db1a37351c3bb5187627c6844fb135d57b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 UTC
content-encoding
br
x-content-type-options
nosniff
display
staticcontent_sol
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-nc
HIT dca 4
response
200
last-modified
Tue, 15 Aug 2023 07:45:20 GMT
server
nginx
etag
"8b18938be4d8f52b-gzip"
x-origin-cache-control
public, max-age=63115200
vary
Accept-Encoding,Accept,X-Ezoic-Excludewebp,User-Agent,Origin
access-control-allow-methods
GET, HEAD
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=63115200
timing-allow-origin
*
link
<http://itsallinanutshell.com/wp-content/uploads/2020/06/tlc-blanket.jpg>; rel="canonical"
expires
Thu, 14 Aug 2025 19:45:20 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.mailerlite.com/fonts/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.mailerlite.com/fonts/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.mailerlite.com
URL: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Origin
https://itsallinanutshell.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f86072eba084bc0-BUF
content-length
48412
expires
Sat, 17 Aug 2024 00:26:55 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.mailerlite.com/fonts/s/opensans/v35/
49 KB
49 KB
Font
General
Full URL
https://fonts.mailerlite.com/fonts/s/opensans/v35/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.mailerlite.com
URL: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Origin
https://itsallinanutshell.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 May 2023 15:13:42 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f86072eba0a4bc0-BUF
content-length
50440
expires
Sat, 17 Aug 2024 00:26:55 GMT
btn_donateCC_LG.gif
www.paypalobjects.com/en_US/NL/i/btn/
2 KB
2 KB
Image
General
Full URL
https://www.paypalobjects.com/en_US/NL/i/btn/btn_donateCC_LG.gif
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df042c68320bb3f47758d907ec6f1f4a1375b9c6c17c018d901ac5ec4fff8d4f
Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31557600
x-cache
HIT, HIT
fastly-io-info
ifsz=1920 idim=92x47 ifmt=gif ofsz=1919 odim=92x47 ofmt=gif
paypal-debug-id
b650e39910d6c
fastly-stats
io=1
dc
ccg11-origin-www-1.paypal.com
content-length
1919
x-served-by
cache-sjc10053-SJC, cache-yyz4553-YYZ
traceparent
00-0000000000000000000b650e39910d6c-230829c491f55b16-01
x-timer
S1692318415.148102,VS0,VE0
etag
"y+s+agG5zh8AeIMzNXEozDRdTX0KZcpGu3fYGaR+lGA"
content-type
image/gif
cache-control
s-maxage=31536000, public,max-age=3600
accept-ranges
bytes
timing-allow-origin
https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits
1316, 2
pixel.gif
www.paypalobjects.com/en_NL/i/scr/
Redirect Chain
  • https://www.paypal.com/en_NL/i/scr/pixel.gif
  • https://www.paypalobjects.com/en_NL/i/scr/pixel.gif
0
0
Image
General
Full URL
https://www.paypalobjects.com/en_NL/i/scr/pixel.gif
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
gzip
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ch
Sec-CH-UA-Full
server
ECAcc (dcd/7D21)
traceparent
00-000000000000000000005a7372ba2192-468e5d7d8e72f7e9-01
vary
Accept-Encoding
location
https://www.paypalobjects.com/en_NL/i/scr/pixel.gif
paypal-debug-id
05a7372ba2192
cache-control
max-age=0, no-cache, no-store, must-revalidate
origin-trial
AlIogV3KFtnbfVCyl9Z2NprE7FD8PYCt+TQiYdE3ppeJjJ0xJKcthYwOxXpRCNopxVWdOIENMcNSvQCGAmj0fw0AAAB2eyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlfQ==
server-timing
content-encoding;desc="", x-cdn;desc="edgecast"
dc
ccg11-origin-www-1.paypal.com
timing-allow-origin
*
content-length
20
rules-p-31iz6hfFutd16.js
rules.quantcount.com/
160 B
634 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:1600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 23:32:13 GMT
via
1.1 2ef71b29bcfbfc8755cad5f92a3c329a.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C2
age
3283
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Fri, 14 Oct 2022 00:41:49 GMT
server
AmazonS3
etag
"af15ecfe46737cb2a37226fd060f23a6"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
TTmXJWDyckmlezfQKxFOOy0zpZwGyJrKaqv1cvu61CDJfzxFFag1Iw==
xtra.gif
itsallinanutshell.com/detroitchicago/
43 B
180 B
Ping
General
Full URL
https://itsallinanutshell.com/detroitchicago/xtra.gif
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
br
access-control-max-age
1728000
access-control-allow-methods
HEAD, PUT, POST, GET, OPTIONS
content-type
image/gif
access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
access-control-allow-headers
Content-Type
content-length
47
expires
Thu, 17 Aug 2023 00:26:55 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/
402 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 20:37:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
13764
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129634
x-xss-protection
0
server
cafe
etag
8962464231799197432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 16 Aug 2024 20:37:31 GMT
collect
www.google-analytics.com/g/
0
175 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RQ3S2J0DET&gtm=45Pe38g0&_p=1732463647&gdid=dZTNiMT&cid=1075092753.1692318415&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692318415&sct=1&seg=0&dl=https%3A%2F%2Fitsallinanutshell.com%2F&dt=It%27s%20all%20in%20a%20Nutshell%20Crochet%20%E2%80%93%20love%20%E2%80%93%20live%20%E2%80%93%20crochet&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=GT-MK9LD9J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-FMSZ48GY69&gtm=45je38g0&_p=1732463647&cid=1075092753.1692318415&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1692318415&sct=1&seg=0&dl=https%3A%2F%2Fitsallinanutshell.com%2F&dt=It%27s%20all%20in%20a%20Nutshell%20Crochet%20%E2%80%93%20love%20%E2%80%93%20live%20%E2%80%93%20crochet&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FMSZ48GY69&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:55 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/
354 KB
122 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c404da90b764cc0001704aa7a3fcd9d8406cd240b874eea16e62c44fe55e33b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124776
x-xss-protection
0
expires
Fri, 18 Aug 2023 00:26:55 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1732463647&t=pageview&_s=1&dl=https%3A%2F%2Fitsallinanutshell.com%2F&ul=en-us&de=UTF-8&dt=It%27s%20all%20in%20a%20Nutshell%20Crochet%20%E2%80%93%20love%20%E2%80%93%20live%20%E2%80%93%20crochet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=947223552&gjid=1327429621&cid=1075092753.1692318415&tid=UA-76475896-1&_gid=113872474.1692318415&_r=1&gtm=457e38g0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=89833104
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sidebarwall.js
www.ezojs.com/detroitchicago/
9 KB
3 KB
Script
General
Full URL
https://www.ezojs.com/detroitchicago/sidebarwall.js?gcb=0&cb=19
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1384562
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 01 Aug 2023 14:04:40 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Knat8KWgJ2sygDRiQhlX5IYi3Ilz05fH89DrJJ78UyUxM1T4l5V3ZXSttJnbgiVl6SpkKDsqtr508mhRHHtfRFLUp%2F7RFB9ClvxiIkr4bovjIhdjLka9Kt1tb11nCJzaoIYuLsxk%2BgJqpqg7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7f8607300ca74bc9-BUF
pwt.js
ads.pubmatic.com/AdServer/js/pwt/162833/9311/
519 KB
161 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.40.190 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c47bbdc39af7f5ac31d9f494ef999067da7cb95cf85e69a9446792ebdc67582e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
gzip
last-modified
Fri, 11 Aug 2023 20:34:51 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=107132
accept-ranges
bytes
content-length
164367
expires
Sat, 19 Aug 2023 06:12:27 GMT
kenai.js
www.ezojs.com/detroitchicago/
3 KB
2 KB
Script
General
Full URL
https://www.ezojs.com/detroitchicago/kenai.js?gcb=0&cb=6
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1396213
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 23 Jun 2023 17:26:44 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrkIQVf%2B0L57OHwHCfDlUmXJ6dZzpftblsPndVdPoYYofKZLgLCufuQidYw2G2hHZ5a%2BeDgiT2x8Xe5j7jvgL2BDuSCaK%2BQaptKjdlgjKE3HADZwT01qdqQSt0yKedPC3fa%2FX6koYDZ%2FAL7t"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7f8607300ca84bc9-BUF
portland.js
www.ezojs.com/detroitchicago/
32 KB
11 KB
Script
General
Full URL
https://www.ezojs.com/detroitchicago/portland.js?gcb=0&cb=22
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:5d19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c1c366e13aedf7a3e721edf1e9c69dc9d955c5c83f893ad77fffaac8d7433ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=32628
x-middleton-display
sol-js
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 18 Aug 2023 00:03:57 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wooatCfNd%2BDXN2qmUDdYmGaWOD0SdnHXKW1uhl5dVOjEZbtAL33BGWYl9VZviuxvFqAmmRC%2BDL3md7ANl1udokec%2BGKFdejedbBVat%2FAvx3m9xFdeGv8Ctsj3W1Mx%2FEDVSERuvQi4j9o1TJs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=31536000
x-robots-tag
noindex
cf-ray
7f8607300ca94bc9-BUF
/
itsallinanutshell.com/_static/
64 KB
64 KB
Image
General
Full URL
https://itsallinanutshell.com/_static/??-eJydUltOAzEMvBAhKkhAPxA/lTgAB6jSxF1MkziKnZa9Pd6+KNBqK35243jGHntiN8V4ygJZbImtw8y2axouoHZ20TAGu4jkVybiorraW5Y+wq1nvrFnuNH11MR0FcMI8gOkOL86/OdryIGqdU0oORH0h4xZYwAqFZh/CIKAooRtwHYL0i9sjh0x+9gCaCu2SdEOIqRBwmlQVDFUE6Fzvr9NmMfpmjuNf5B+T+lpry8gy24j5nBnJv+jwadiGSnzRT4tl+jRRZMcRqgRBQxjl00rZkk1sXXMINpIl/qNmW9zF6v+fhieUqGsCB7x+jjOcaczKOo3ZI8avNLMhdDbt6HIweToBFhGn0+i0AZSxBVckiHvapTu0lV3BWIndbTxXGexHWSoqBA+f7xa/laAEaKoQ9DOOsjt9Hx1rQ2GbvBWqJhCPOrOHz7V4MLubVzHHJD784B9Sc+Th+nk8W76dD/5AkQhq9A=&ez_used_css_s=115
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PHP/8.2.8, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 UTC
content-encoding
br
x-sol
pub_site
display
staticcontent_sol
x-powered-by
PHP/8.2.8, PleskLin
x-ezoic-cdn
Hit ds;mm;65b63661b34cb270ff10b6a04c94de71;2-496996-2;6a5673b8-acc9-46cb-72ec-533b1f39335d
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Fri, 11 Aug 2023 04:57:11 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-page-optimize
cached
etag
"e3c35231250a16906d076111d2a9f9b6-gzip"
x-origin-cache-control
max-age=31536000
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000
dashicons.min.css
itsallinanutshell.com/wp-includes/css/
42 KB
42 KB
Image
General
Full URL
https://itsallinanutshell.com/wp-includes/css/dashicons.min.css?ver=6.3&ez_used_css_s=115
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 UTC
content-encoding
br
x-sol
orig
display
staticcontent_sol, orig_site_sol
x-powered-by
PleskLin
x-ezoic-cdn
Hit ds;mm;3fb5603c87d7df636aa93916a3eea968;2-496996-2;646a1890-46d4-41e2-7730-09721aa7e3ba
x-middleton-display
staticcontent_sol, orig_site_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Fri, 12 May 2023 09:25:26 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
etag
"e688-645e0606-cbc6cdf1b9d5eb63;gz-gzip"
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css
cache-control
public, max-age=2592000
ezvideojscss.css
g.ezoic.net/ezvideo/
32 KB
32 KB
Image
General
Full URL
https://g.ezoic.net/ezvideo/ezvideojscss.css?cb=72
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
cache-control
private, max-age: 2628000
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
text/css; charset=utf8
/
itsallinanutshell.com/_static/
22 KB
22 KB
Image
General
Full URL
https://itsallinanutshell.com/_static/??-eJyVjFsKgCAQAC+Ube/wIzqL2RKWL1wXrx9BHaDfGWagRKGDz+gzRMuH8QQn5qj0BS7sbJFAqxSY0AIVEzGJjf1usdZEFfzJXyE+8BxWt7STbGQ39vNwAw6jNIg=&ez_used_css_s=115
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PHP/8.2.8, PleskLin
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 UTC
content-encoding
br
x-sol
pub_site
display
staticcontent_sol
x-powered-by
PHP/8.2.8, PleskLin
x-ezoic-cdn
Hit ds;mm;c792165b683a6950d223c76c73b430f3;2-496996-2;1eb1733a-b338-471b-65dc-57df7524f8a3
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Tue, 01 Aug 2023 21:29:34 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-page-optimize
cached
etag
"f10c7e84a22172fd36bd0473ba2ec996-gzip"
x-origin-cache-control
max-age=31536000
vary
Accept-Encoding,User-Agent,Origin
content-type
text/css;charset=UTF-8
cache-control
public, max-age=31536000
pixel;r=2073199876;labels=Domain.itsallinanutshell_com%2CDomainId.496996;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fitsallinanutshell.com%2F;uht=2;fpan=1;fpa=P0-1871011114-1692318415145;pbc=;ns=0;ce=...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=2073199876;labels=Domain.itsallinanutshell_com%2CDomainId.496996;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fitsallinanutshell.com%2F;uht=2;fpan=1;fpa=P0-1871011114-1692318415145;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=itsallinanutshell.com;dst=0;et=1692318415414;tzo=600;ogl=type.website%2Ctitle.It's%20all%20in%20a%20Nutshell%20Crochet%2Cdescription.love%20-%20live%20-%20crochet%2Curl.https%3A%2F%2Fitsallinanutshell%252Ecom%2F%2Csite_name.It's%20all%20in%20a%20Nutshell%20Crochet%2Cimage.https%3A%2F%2Fi0%252Ewp%252Ecom%2Fitsallinanutshell%252Ecom%2Fwp-content%2Fuploads%2F2015%2F06%2Fcropped-final%2Cimage%3Awidth.512%2Cimage%3Aheight.512%2Cimage%3Aalt.%2Clocale.en_US;ses=f885c452-7b8d-4a11-b7bb-d011e834c7a5;mdl=
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f059:4f7e:28a9:1588 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
741 B
390 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=2187010066321658&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=1&didk=115940854&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692318415564&lmt=1692354415&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D7999192897653727%26eid%3D7999192897653727%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Ditsallinanutshell_com-edge-1-7999192897653727%26eb_br%3D9b8b7ac6c7f250874e7a1340470af55d%26eba%3D1%26bv%3D23%26bvm%3D0%26bvr%3D3%26avc%3D113%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C915%2C874%2C835&adks=905025581&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a2c88a1b5166ad261aa7fff6dc7089c7288d3cad5b32c9049bfbb3a29017e2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
359
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E0E8
6 KB
3 KB
Document
General
Full URL
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:26:55 GMT
expires
Sat, 17 Aug 2024 00:26:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
660 B
322 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=1630351796867737&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=2&didk=1504799095&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692318415584&lmt=1692354415&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D6561939639604062%26eid%3D6561939639604062%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Ditsallinanutshell_com-medrectangle-2-6561939639604062%26eb_br%3Dbb779436aa3533ea7e00abe462374b80%26eba%3D1%26bv%3D15%26bvm%3D0%26bvr%3D5%26avc%3D113%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D200%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16&adks=3076448883&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38894c4f121d9832e23ab3a8195fa6388c5135d5e87c42e6e4dd919941e23714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
291
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
653 B
316 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=1137696773424398&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=3&didk=115933708&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1692318415592&lmt=1692354415&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D4931918961627086%26eid%3D4931918961627086%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Ditsallinanutshell_com-edge-2-4931918961627086%26eb_br%3D9b8b7ac6c7f250874e7a1340470af55d%26eba%3D1%26bv%3D13%26bvm%3D0%26bvr%3D3%26avc%3D113%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D120%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C915%2C874%2C835&adks=4225512732&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e82e1b48eb2deba36d6d344a44011240896b933127b29554ebaea4ac54009c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
285
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
5 KB
5 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d2f1224eafb6a9035c3b847f46493f285e48fd81b5e6e34f157a24d36e6230e

Request headers

Referer
Origin
https://itsallinanutshell.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
bridge3.585.0_en.html
imasdk.googleapis.com/js/core/ Frame DAC5
720 KB
231 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5cb616f61628c2af47568cf14cb569dfa53d119a5404ec6fb29d1311afe5e0cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
189377
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236309
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 19:50:38 GMT
expires
Wed, 14 Aug 2024 19:50:38 GMT
last-modified
Tue, 15 Aug 2023 19:14:32 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2006 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 00:26:55 GMT
ez-vasts
itsallinanutshell.com/
2 KB
1 KB
Fetch
General
Full URL
https://itsallinanutshell.com/ez-vasts?ads_enabled=4&autoplay=1&content_id=2063881577591930779-outstream&floating=1&pageview_id=b64fd1ed-dd3c-48e3-456e-545eae58c815&player_id=ez-o&position_id=0&ad_index=1
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
d3b08a5673dd490e77db3177de8b8863e5d9d40fc4c99b270a20812a49042212

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:55 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf8
cache-control
no-cache
x-robots-tag
noindex, nofollow
content-length
978
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 888A
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:16:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 18 Aug 2023 01:16:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?attrep=f&attua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.96%20Safari%2F537.36&atthead=t&attinj=t&attexp=none&lid=169&sdkv=h.3.585.0&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
greenoaks.gif
itsallinanutshell.com/detroitchicago/
0
64 B
Ping
General
Full URL
https://itsallinanutshell.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiZG9tYWluX2lkIjoiNDk2OTk2IiwidF9lcG9jaCI6MTY5MjMxODQxNCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDgtMTcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjYwMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInRfZXBvY2giOjE2OTIzMTg0MTQsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInRfZXBvY2giOjE2OTIzMTg0MTQsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiZG9tYWluX2lkIjoiNDk2OTk2IiwidF9lcG9jaCI6MTY5MjMxODQxNCwiZGF0YSI6W3sibmFtZSI6InRpbWVyX2ZpcnN0X2FkX3JlcXVlc3QiLCJ2YWwiOiIxNDgxIn1dfV0=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:26:55 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:26:55 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
62 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzk5OTE5Mjg5NzY1MzcyNyIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJhZF9sb2FkX3RpbWUiLCJ2YWwiOiIxNDgxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:26:56 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:26:56 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDkzMTkxODk2MTYyNzA4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJhZF9sb2FkX3RpbWUiLCJ2YWwiOiIxNDg5In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:26:55 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:26:55 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU2MTkzOTYzOTYwNDA2MiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjE1MjYifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:26:55 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:26:55 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/
2 KB
1 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230817
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7c623284d9d62c3fae552e4c6824bc2548e7e7ca693553629b4c5b6155618c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 18 Aug 2023 00:26:56 GMT
x-content-type-options
nosniff
content-encoding
br
age
30369
x-jsd-version
1.0.1785
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
775
x-served-by
cache-fra-eddf8230103-FRA, cache-ewr18120-EWR
x-jsd-version-type
version
etag
W/"63b-dTSWbFcYmn4sfMuzzQwuxMTgBzo"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
greenoaks.gif
itsallinanutshell.com/detroitchicago/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJkYXRhIjpbeyJuYW1lIjoiaXNfYWRfYmxvY2tlZCIsInZhbCI6ImZhbHNlIn1dfV0=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:26:55 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:26:55 GMT
/
ow.pubmatic.com/cookie_sync/
2 KB
2 KB
XHR
General
Full URL
https://ow.pubmatic.com/cookie_sync/?sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
6479d8bb0a527c7d020f332ddd9848c4bcf19164a119095daff361cf2110bf68

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://itsallinanutshell.com
date
Fri, 18 Aug 2023 00:26:56 GMT
access-control-allow-credentials
true
content-length
2030
content-type
application/json; charset=utf-8
auction
ow.pubmatic.com/pbs/openrtb2/
380 B
468 B
XHR
General
Full URL
https://ow.pubmatic.com/pbs/openrtb2/auction
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
19121f76902524e88c824089e73449fa9202dd28139e3c152388083ea924fa3e

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://itsallinanutshell.com
date
Fri, 18 Aug 2023 00:26:56 GMT
access-control-allow-credentials
true
content-length
380
content-type
application/json
ads
securepubads.g.doubleclick.net/gampad/
243 KB
55 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=1632372676183265&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-pixel1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&didk=3178179951&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&abxe=1&dt=1692318416359&lmt=1692354416&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&dlt=1692318414472&idt=949&prev_scp=iid1%3D4165039115593286%26bvr%3D0%26al%3D1006%26ezoic%3D1%26avc%3D100%26eb_br%3D736e4998c7cae21e6c67e08e2de4db76%26ga%3D5302779%26tap%3Ditsallinanutshell_com-pixel1-4165039115593286%26ic%3D1%26reft%3Dn%26br1%3D160%26br2%3D100%26bra%3Dmod13%26ap%3D9999%26d%3D496996&adks=3568614668&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd6d90c437ad29bf686fa424c66b18222f9032bf06df985b9b18aa48d672d5ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:57 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55791
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/
37 KB
13 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl_page_level_ads.js?cb=31077123
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75cabc24bf21015cd44fc8329fd6070558e9503cf50eadfa65b8d20504bb803f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 20:38:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
13731
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13169
x-xss-protection
0
server
cafe
etag
9395162698141603618
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 16 Aug 2024 20:38:05 GMT
setuid
ow.pubmatic.com/
Redirect Chain
  • https://ads.servenobid.com/getsync?tek=pbs&ver=1&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%2...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID%26redirect%3Dhttps%253A%252F%252Fads.servenobid.com%252Fgetsync%253Fjp%253D0%2526redirect%253Dhttps%25...
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.servenobid.com%252Fsync%253Fpid%253D312%2526uid%253D%2524UID%2526redirect%253Dhttps%25253A%25252F%25252Fads.servenobid.com%25252Fgets...
  • https://ads.servenobid.com/sync?pid=312&uid=4664318827337647392&redirect=https%3A%2F%2Fads.servenobid.com%2Fgetsync%3Fjp%3D0%26redirect%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%2...
  • https://ads.servenobid.com/getsync?jp=0&redirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dnobid%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID
  • https://ow.pubmatic.com/setuid?bidder=nobid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=MzEyOjQ2!jQzMTg4MjczMzc2!*czOTI~
86 B
337 B
Image
General
Full URL
https://ow.pubmatic.com/setuid?bidder=nobid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=MzEyOjQ2!jQzMTg4MjczMzc2!*czOTI~
Protocol
H2
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:57 GMT
content-length
86
content-type
image/png

Redirect headers

date
Fri, 18 Aug 2023 00:26:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
location
https://ow.pubmatic.com/setuid?bidder=nobid&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=MzEyOjQ2!jQzMTg4MjczMzc2!*czOTI~
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
onetag-sys.com/usync/ Frame 5B5C
2 KB
815 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1692318416625
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
setuid
ow.pubmatic.com/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gd...
  • https://ow.pubmatic.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=3353200176634272000V10
86 B
425 B
Image
General
Full URL
https://ow.pubmatic.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=3353200176634272000V10
Protocol
H2
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:57 GMT
content-length
86
content-type
image/png

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 18 Aug 2023 00:26:57 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ow.pubmatic.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=i&uid=3353200176634272000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:26:57 GMT
wl
t.pubmatic.com/
17 B
186 B
XHR
General
Full URL
https://t.pubmatic.com/wl?pubid=162833
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.92 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
container.html
f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9772
6 KB
3 KB
Document
General
Full URL
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:26:55 GMT
expires
Sat, 17 Aug 2024 00:26:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
greenoaks.gif
itsallinanutshell.com/detroitchicago/
0
62 B
Ping
General
Full URL
https://itsallinanutshell.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInRfZXBvY2giOjE2OTIzMTg0MTQsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjU3NSJ9LHsibmFtZSI6InBlcmZfY29ubmVjdF90b19yZXNwX3N0YXJ0IiwidmFsIjoiODE2In0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiI2MCJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiI5MTkifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiI5MTkifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTY1NiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInRfZXBvY2giOjE2OTIzMTg0MTQsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjExMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjExMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:26:57 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:26:57 GMT
greenoaks.gif
itsallinanutshell.com/detroitchicago/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjkuMSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInRfZXBvY2giOjE2OTIzMTg0MTQsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX3J0dCIsInZhbCI6IjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfbG9hZCIsInZhbCI6IjI4MzcifV19XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:26:57 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:26:57 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDE2NTAzOTExNTU5MzI4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJpdHNhbGxpbmFudXRzaGVsbF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0MTY1MDM5MTE1NTkzMjg2IiwiZG9tYWluX2lkIjoiNDk2OTk2IiwidW5pdCI6Iml0c2FsbGluYW51dHNoZWxsX2NvbS1waXhlbDEiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJhZF9wb3NpdGlvbiI6OTk5OSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJjb21wX2lkIjpudWxsLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiNzM2ZTQ5OThjN2NhZTIxZTZjNjdlMDhlMmRlNGRiNzYifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQxNjUwMzkxMTU1OTMyODYiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ1bml0IjoiaXRzYWxsaW5hbnV0c2hlbGxfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2OTIzMTg0MTQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMTYsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDE2LCJiaWRfZmxvb3JfcHJldiI6MCwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxvYWRlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQxNjUwMzkxMTU1OTMyODYiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ1bml0IjoiaXRzYWxsaW5hbnV0c2hlbGxfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODI0MTEyMzUxNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDE2NTAzOTExNTU5MzI4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJpdHNhbGxpbmFudXRzaGVsbF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk3NDg5MTI0NyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:26:57 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:26:57 GMT
4974891247
go.ezodn.com/dac/
0
616 B
XHR
General
Full URL
https://go.ezodn.com/dac/4974891247
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/porpoiseant/banger.js?cb=195-0&bv=257&v=76&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:57 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Fri, 18 Aug 2023 00:05:58 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://itsallinanutshell.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TblBxJ%2BQpzCTrom04AmwrY%2FzZo6rok49Eq753Pd%2B%2FU%2Bky1nwnA3yJYK5rrt5aOMc1J6I2A1%2BI%2F1xDxFv6meWrDRM9fFV84jPjtQSx9F1etB2va7oRUsaiiWCcAeH23WGeUTZAqfsuCGRgig%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
7f86073c6b60c457-EWR
access-control-allow-headers
Content-Type
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDE2NTAzOTExNTU5MzI4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJpdHNhbGxpbmFudXRzaGVsbF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDgtMTcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjYwMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:26:57 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:26:57 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDE2NTAzOTExNTU5MzI4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJpdHNhbGxpbmFudXRzaGVsbF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYXVjdGlvbl9lcG9jaCI6MTY5MjMxODQxNywiYWRfcG9zaXRpb24iOjk5OTksImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTYwLCJiaWRfZmxvb3JfcHJldiI6bnVsbCwiYmlkX2Zsb29yX2ZpbGxlZCI6MTYwLCJhdWN0aW9uX2NvdW50IjoxLCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo5NzIsIm11bHRpX2FkX3VuaXQiOm51bGwsIm11bHRpX2FkX2NvdW50IjpudWxsLCJuZXR3b3JrX2NvZGUiOjIxNzMyMTE4OTE0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjQ5NzQ4OTEyNDd9XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:26:57 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:26:57 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDE2NTAzOTExNTU5MzI4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJpdHNhbGxpbmFudXRzaGVsbF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjMxODQxNCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImFkX2xvYWRfdGltZSIsInZhbCI6IjI4NDEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:26:57 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:26:57 GMT
css2
fonts.googleapis.com/ Frame 9772
4 KB
920 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:26:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 18 Aug 2023 00:11:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Aug 2023 00:26:57 GMT
css
fonts.googleapis.com/ Frame 6F27
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%7CGoogle%20Sans%20Display%3A400
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2060d29f49d996a26f3888bf75735db9e023f651d382164d295337be9dc99620
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:26:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 18 Aug 2023 00:11:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Aug 2023 00:26:57 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 6F27
2 KB
945 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
36198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:23:39 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 6F27
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
36198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9092
x-xss-protection
0
server
cafe
etag
9312205082594545078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:23:39 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 6F27
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
36198
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:23:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0DC3
1 KB
874 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
59173
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 08:00:44 GMT
etag
48472445140208031
expires
Fri, 18 Aug 2023 08:00:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 6F27
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:23:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
36197
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:23:40 GMT
l
www.google.com/ads/measurement/ Frame 6F27
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRbNxJ2r_aOr2wEuDYJW5rKW2JUsG46lHmDqyglxY4IwVkQ-9o0PJX36SmFBMJ-hu_xgYA96E62ulJ_UAwMbfKYYPTh8Q
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6F27
180 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 00:26:57 GMT
e822d7071992e030a786d1a51b1f59a7.js
www.gstatic.com/mysidia/ Frame 6F27
35 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 00:20:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
173171
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14926
x-xss-protection
0
last-modified
Wed, 16 Aug 2023 00:01:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 14 Nov 2023 00:20:46 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame 9772
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:32:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
35682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8570
x-xss-protection
0
server
cafe
etag
11167480076894372452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:32:15 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9772
205 B
520 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:29:40 GMT
x-content-type-options
nosniff
age
107837
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 15 Aug 2024 18:29:40 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9772
604 B
696 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 18:26:02 GMT
x-content-type-options
nosniff
age
108055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 15 Aug 2024 18:26:02 GMT
pixel
cm.g.doubleclick.net/ Frame 0DC3
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESENxkHIfEoS_fdexpac5amr4&google_cver=1&google_push=AXcoOmR2p9qnDJts64Qahd-DLZ0bmeaArku6g_28W-nCzBhuj6aL_EOv5n2orOZwg2VUREHNUy3U4A1f3jvCy7g_ILneGOEn8go
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7ECD5403DF2A44CEA68AD742A23A3A42&google_push=AXcoOmR2p9qnDJts64Qahd-DLZ0bmeaArku6g_28W-nCzBhuj6aL_EOv5n2orOZwg2VUREHNUy3U4A1f3jvCy7g...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7ECD5403DF2A44CEA68AD742A23A3A42&google_push=AXcoOmR2p9qnDJts64Qahd-DLZ0bmeaArku6g_28W-nCzBhuj6aL_EOv5n2orOZwg2VUREHNUy3U4A1f3jvCy7g_ILneGOEn8go
Protocol
H2
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 18 Aug 2023 00:26:57 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=7ECD5403DF2A44CEA68AD742A23A3A42&google_push=AXcoOmR2p9qnDJts64Qahd-DLZ0bmeaArku6g_28W-nCzBhuj6aL_EOv5n2orOZwg2VUREHNUy3U4A1f3jvCy7g_ILneGOEn8go
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 17 Aug 2023 00:26:57 GMT
pixel
cm.g.doubleclick.net/ Frame 0DC3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE6E8wAsadvpgwNM3s2s1kk&google_cver=1&google_push=AXcoOmTZJW3Ukaa7JbaH7pzXSdCSMkQvJy5Gcd4zHJhMz8ZCcjqf1UtvOhwvEK8s0AYosWZtblJwni5Lmy44CKEtd1...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEE6E8wAsadvpgwNM3s2s1kk&google_cver=1&google_push=AXcoOmTZJW3Ukaa7JbaH7pzXSdCSMkQvJy5Gcd4zHJhMz8ZCcjqf1UtvOhwvEK8s0AYosWZtblJwni5Lmy44CKEtd1...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDQ4N2ZkZWYtZGJjYi00NDcyLTkxZWEtMDkxYWY4NmE2NGZi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=0487fdef-dbcb-4472-91ea-091af86a64fb
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDQ4N2ZkZWYtZGJjYi00NDcyLTkxZWEtMDkxYWY4NmE2NGZi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=0487fdef-dbcb-4472-91ea-091af86a64fb
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MDQ4N2ZkZWYtZGJjYi00NDcyLTkxZWEtMDkxYWY4NmE2NGZi&google_push&gdpr=0&gdpr_consent=&ttd_tdid=0487fdef-dbcb-4472-91ea-091af86a64fb
date
Fri, 18 Aug 2023 00:26:57 GMT
server
Kestrel
content-length
423
pixel
cm.g.doubleclick.net/ Frame 0DC3
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEGd3nOxVeU95mQ_jL3wce4&google_cver=1&google_push=AXcoOmTUdj0onLGqcumMB1PaShdHIs-_xSQlOM3aAAvpLvdiDFN-2lg0I58jY-B6mDzQ6QubOxNTd_JJ...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEGd3nOxVeU95mQ_jL3wce4&google_cver=1&google_push=AXcoOmTUdj0onLGqcumMB1PaShdHIs-_xSQlOM3aAAvpLvdiDFN-2lg0I58jY-B6mDzQ6QubOxN...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY4NDYzMTcyMTYzMTQ2NDM2MA&google_push=AXcoOmTUdj0onLGqcumMB1PaShdHIs-_xSQlOM3aAAvpLvdiDFN-2lg0I58jY-B6mDzQ6QubOxNTd_...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY4NDYzMTcyMTYzMTQ2NDM2MA&google_push=AXcoOmTUdj0onLGqcumMB1PaShdHIs-_xSQlOM3aAAvpLvdiDFN-2lg0I58jY-B6mDzQ6QubOxNTd_JJAxVewH3RUaT7GMqjSg
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjY4NDYzMTcyMTYzMTQ2NDM2MA&google_push=AXcoOmTUdj0onLGqcumMB1PaShdHIs-_xSQlOM3aAAvpLvdiDFN-2lg0I58jY-B6mDzQ6QubOxNTd_JJAxVewH3RUaT7GMqjSg
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0DC3
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN947d0LNroU49Eub44ucjw&google_cver=1&google_push=AXcoOmTPlvjg-URFu2Rm0tP30HMHr2M675V9_wYGb74EMp3MIUIjafF-kwiQDIXj35Z-xHPeFEDz-_r7K3U0AGHTO...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEN947d0LNroU49Eub44ucjw&google_cver=1&google_push=AXcoOmTPlvjg-URFu2Rm0tP30HMHr2M675V9_wYGb74EMp3MIUIjafF-kwiQDIXj35Z-xHPeFEDz-_r7K3U0AGHTO...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTPlvjg-URFu2Rm0tP30HMHr2M675V9_wYGb74EMp3MIUIjafF-kwiQDIXj35Z-xHPeFEDz-_r7K3U0AGHTOn6QK5FqdMw&google_hm=HKy6dGZHUq-Qsjh8SEqEABZ8
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTPlvjg-URFu2Rm0tP30HMHr2M675V9_wYGb74EMp3MIUIjafF-kwiQDIXj35Z-xHPeFEDz-_r7K3U0AGHTOn6QK5FqdMw&google_hm=HKy6dGZHUq-Qsjh8SEqEABZ8
Protocol
H2
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 18 Aug 2023 00:26:57 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTPlvjg-URFu2Rm0tP30HMHr2M675V9_wYGb74EMp3MIUIjafF-kwiQDIXj35Z-xHPeFEDz-_r7K3U0AGHTOn6QK5FqdMw&google_hm=HKy6dGZHUq-Qsjh8SEqEABZ8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 0DC3
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEDTAZEMORpJxa7xF6tmI0wI&google_cver=1&google_push=AXcoOmRNPXZbdXWk9sdh8NzDCabywnXQwq8CMdcQrjpeLyfX99on9514hsRMi6DucHFlykODkDJ-ApmlcWRCfNWcAsT-jEA6ENw
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRNPXZbdXWk9sdh8NzDCabywnXQwq8CMdcQrjpeLyfX99on9514hsRMi6DucHFlykODkDJ-ApmlcWRCfNWcAsT-jEA6ENw&google_hm=M203REx5eUdHRHl5SWZsa...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRNPXZbdXWk9sdh8NzDCabywnXQwq8CMdcQrjpeLyfX99on9514hsRMi6DucHFlykODkDJ-ApmlcWRCfNWcAsT-jEA6ENw&google_hm=M203REx5eUdHRHl5SWZsam9uUGY=
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmRNPXZbdXWk9sdh8NzDCabywnXQwq8CMdcQrjpeLyfX99on9514hsRMi6DucHFlykODkDJ-ApmlcWRCfNWcAsT-jEA6ENw&google_hm=M203REx5eUdHRHl5SWZsam9uUGY=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0DC3
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEAgNGKfyxxHzjZnBFProlJk&google_cver=1&google_push=AXcoOmQ6zTb4KDo39UZfzLFssy0cSeDI-wZtsVdvSW3HyE5GI8UT3_hsub1KkQauhHuW0I7Ck1aVET...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQ6zTb4KDo39UZfzLFssy0cSeDI-wZtsVdvSW3HyE5GI8UT3_hsub1KkQauhHuW0I7Ck1aVETUR3DiVe0ZEzH_MXhyR-mg&google_hm=ODM2NzkzNTc...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQ6zTb4KDo39UZfzLFssy0cSeDI-wZtsVdvSW3HyE5GI8UT3_hsub1KkQauhHuW0I7Ck1aVETUR3DiVe0ZEzH_MXhyR-mg&google_hm=ODM2NzkzNTczNDQ4MjI4NzMwMg%3D%3D
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQ6zTb4KDo39UZfzLFssy0cSeDI-wZtsVdvSW3HyE5GI8UT3_hsub1KkQauhHuW0I7Ck1aVETUR3DiVe0ZEzH_MXhyR-mg&google_hm=ODM2NzkzNTczNDQ4MjI4NzMwMg%3D%3D
date
Fri, 18 Aug 2023 00:26:57 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0DC3
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEKierwTxWK1oLOeZCWlCFLY&google_cver=1&google_push=AXcoOmSQcnr7sBMMOjzJQyAxMUUvPturDOZpZoN1la8XCc9EPU8hhueXFYliSE7b7wo...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSQcnr7sBMMOjzJQyAxMUUvPturDOZpZoN1la8XCc9EPU8hhueXFYliSE7b7woUWghp8vrNEK3wukOXF0NxJx_-p8buoHo
170 B
329 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSQcnr7sBMMOjzJQyAxMUUvPturDOZpZoN1la8XCc9EPU8hhueXFYliSE7b7woUWghp8vrNEK3wukOXF0NxJx_-p8buoHo
Protocol
H2
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 18 Aug 2023 00:26:57 GMT
X-Bytefaas-Request-Id
20230818002657815CBFAC9220197ACCD4
x-tt-trace-tag
id=00;cdn-cache=miss
Connection
keep-alive
server-timing
inner; dur=6
Content-Length
0
Server
nginx
X-Tt-Logid
20230818002657815CBFAC9220197ACCD4
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmSQcnr7sBMMOjzJQyAxMUUvPturDOZpZoN1la8XCc9EPU8hhueXFYliSE7b7woUWghp8vrNEK3wukOXF0NxJx_-p8buoHo
X-Bytefaas-Execution-Duration
4.84
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
x-tt-trace-host
016c6af436f49801b4ccf77e5dde985b426fe023824ef9237378f6cff4c39c7be48ac1e153488734e2e3976f36c1661160471e70206735b2bea2351de2c89a1dc454900a5cf217862164042fbb56bbc65b
Access-Control-Allow-Headers
*
attr
cm.g.doubleclick.net/pixel/ Frame 0DC3
0
130 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_I_Y8WR4fiUHNq8lgq583lAjAE-pqiBYZ0HQdNWGb_42HNEbzoIw-54QVgDdwboqYqLHWXQ
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:57 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
pagead2.googlesyndication.com/bg/ Frame 08BE
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:15:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
184282
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14691
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:15:35 GMT
/
ads.us.e-planning.net/uspd/1/ Frame 53E1
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
3 KB
2 KB
Document
General
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
8ef8d4cdc8b22349344815ede1e936f09207938987f6cb6ff82838948d9e06bd

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Fri, 18 Aug 2023 00:26:57 GMT
expires
Fri, 18 Aug 2023 00:26:57 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1211

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Fri, 18 Aug 2023 00:26:57 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
IAD-1211
um
u-iad04.e-planning.net/ Frame 53E1
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D2dc5d7ef17b42550
  • https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3D2dc5d7ef17b42550
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&partner_url=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D07e245da-4f...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&partner_url=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D07e24...
  • https://u-iad04.e-planning.net/um?uid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&dc=0abbcb4eba840e59&fi=2dc5d7ef17b42550
42 B
103 B
Image
General
Full URL
https://u-iad04.e-planning.net/um?uid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&dc=0abbcb4eba840e59&fi=2dc5d7ef17b42550
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:58 GMT
content-type
image/gif

Redirect headers

date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://u-iad04.e-planning.net/um?uid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&dc=0abbcb4eba840e59&fi=2dc5d7ef17b42550
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
u-iad04.e-planning.net/ Frame 53E1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=562965&ev=1&us_privacy=${us_privacy}&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%%VGUID%%%26dc%3D66b7ef4184d94c10%26fi%3D2dc5d7ef17b42550
  • https://u-iad04.e-planning.net/um?uid=LRorNYzj3RZ1&dc=66b7ef4184d94c10&fi=2dc5d7ef17b42550&ev=1&us_privacy=${us_privacy}&pid=562965
42 B
103 B
Image
General
Full URL
https://u-iad04.e-planning.net/um?uid=LRorNYzj3RZ1&dc=66b7ef4184d94c10&fi=2dc5d7ef17b42550&ev=1&us_privacy=${us_privacy}&pid=562965
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:57 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://u-iad04.e-planning.net/um?uid=LRorNYzj3RZ1&dc=66b7ef4184d94c10&fi=2dc5d7ef17b42550&ev=1&us_privacy=${us_privacy}&pid=562965
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-d8gd7
expires
-1
um
u-iad04.e-planning.net/ Frame 53E1
Redirect Chain
  • https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3D2dc5d7ef17b42550%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=9937b3fd6e9a979a&fi=2dc5d7ef17b42550&uid=6b01332b-0967-46b8-b07e-3abf9949e4b4
42 B
103 B
Image
General
Full URL
https://u-iad04.e-planning.net/um?dc=9937b3fd6e9a979a&fi=2dc5d7ef17b42550&uid=6b01332b-0967-46b8-b07e-3abf9949e4b4
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:58 GMT
content-type
image/gif

Redirect headers

Location
https://u-iad04.e-planning.net/um?dc=9937b3fd6e9a979a&fi=2dc5d7ef17b42550&uid=6b01332b-0967-46b8-b07e-3abf9949e4b4
Date
Fri, 18 Aug 2023 00:26:58 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
retargetly_030920.js
s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/ Frame 53E1
2 KB
1 KB
Script
General
Full URL
https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.241 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:57 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 18:45:03 GMT
server
openresty
etag
W/"5f5139af-857"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 16 Aug 2028 00:26:57 GMT
um
u-iad04.e-planning.net/ Frame 53E1
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D2dc5d7ef17b42550%26uid%3D%24%7BUID%7D
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3D2dc5d7ef17b42550%26uid%3D%24%7BUID%7D&ox_sc=1
  • https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=2dc5d7ef17b42550&uid=a97a27be-bd5a-4dce-907f-5a11da083494
42 B
103 B
Image
General
Full URL
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=2dc5d7ef17b42550&uid=a97a27be-bd5a-4dce-907f-5a11da083494
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:57 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://u-iad04.e-planning.net/um?dc=ff96d1aa62deeebd&fi=2dc5d7ef17b42550&uid=a97a27be-bd5a-4dce-907f-5a11da083494
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame 53E1
566 B
520 B
Script
General
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.241 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:57 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Wed, 16 Aug 2028 00:26:57 GMT
um
u-iad04.e-planning.net/ Frame 53E1
Redirect Chain
  • https://prebid-match.dotomi.com/match/bounce/current?networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi%3D2dc5d7ef17b42550%26uid%3D
  • https://prebid-match.dotomi.com/match/bounce/current?DotomiTest=4f281d4f787e1493&is_secure=true&networkId=72582&version=1&rurl=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Dfbb23d0ef33aad5d%26fi...
  • https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=2dc5d7ef17b42550&uid=AAAIuZ3ZnldwIgMf_D_OAAAAAAA&expiration=1692404818
42 B
103 B
Image
General
Full URL
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=2dc5d7ef17b42550&uid=AAAIuZ3ZnldwIgMf_D_OAAAAAAA&expiration=1692404818
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:58 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://u-iad04.e-planning.net/um?dc=fbb23d0ef33aad5d&fi=2dc5d7ef17b42550&uid=AAAIuZ3ZnldwIgMf_D_OAAAAAAA&expiration=1692404818
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
/
sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/ Frame 53E1
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3D2dc5d7ef17b42550
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F&rd=1
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.richaudience.com%2Fa566db6afba33978322ef47fa16ca6fe%2F%3Fuid%3D$UID
  • https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HKy6dGZHUq-Qsjh8SEqEABZ8
95 B
367 B
Image
General
Full URL
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HKy6dGZHUq-Qsjh8SEqEABZ8
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
168.119.72.236 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.236.72.119.168.clients.your-server.de
Software
nginx / PHP/8.2.5
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/png
date
Fri, 18 Aug 2023 00:27:02 GMT
server
nginx
x-powered-by
PHP/8.2.5
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

Redirect headers

Date
Fri, 18 Aug 2023 00:26:58 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://sync.richaudience.com/a566db6afba33978322ef47fa16ca6fe/?uid=HKy6dGZHUq-Qsjh8SEqEABZ8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
um
u-iad04.e-planning.net/ Frame 53E1
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3D2dc5d7ef17b42550%26uid%3D%24UID
  • https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=2dc5d7ef17b42550&uid=4664318827337647392
42 B
104 B
Image
General
Full URL
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=2dc5d7ef17b42550&uid=4664318827337647392
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:57 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
an-x-request-uuid
4667ac80-55d1-4451-82f5-54d02b514229
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-iad04.e-planning.net/um?dc=8103fa85295fbe60&fi=2dc5d7ef17b42550&uid=4664318827337647392
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-iad04.e-planning.net/ Frame 53E1
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3D2dc5d7ef17b42550%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=2dc5d7ef17b42550&uid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
42 B
103 B
Image
General
Full URL
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=2dc5d7ef17b42550&uid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:57 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://u-iad04.e-planning.net/um?dc=e52415579699e09f&fi=2dc5d7ef17b42550&uid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-iad04.e-planning.net/ Frame 53E1
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3D2dc5d7ef17b42550%26uid%3D%24UID&partner=eplanning
  • https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=2dc5d7ef17b42550&uid=ua-a442413b-e95a-3372-b6b5-271a25820d15
42 B
103 B
Image
General
Full URL
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=2dc5d7ef17b42550&uid=ua-a442413b-e95a-3372-b6b5-271a25820d15
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:57 GMT
content-type
image/gif

Redirect headers

location
https://u-iad04.e-planning.net/um?dc=e64f73568d2b3c34&fi=2dc5d7ef17b42550&uid=ua-a442413b-e95a-3372-b6b5-271a25820d15
pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
cache-control
no-store
content-length
0
expires
0
um
sync.e-planning.net/ Frame 53E1
Redirect Chain
  • https://match.sharethrough.com/universal/v1?supply_id=H7IJBRjH
  • https://sync.e-planning.net/um?uid=bb326391-c238-40fd-9eb1-5876b565d721&dc=769fefa8321c94fb&iss=1
42 B
103 B
Image
General
Full URL
https://sync.e-planning.net/um?uid=bb326391-c238-40fd-9eb1-5876b565d721&dc=769fefa8321c94fb&iss=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:58 GMT
content-type
image/gif

Redirect headers

location
https://sync.e-planning.net/um?uid=bb326391-c238-40fd-9eb1-5876b565d721&dc=769fefa8321c94fb&iss=1
date
Fri, 18 Aug 2023 00:26:58 GMT
content-length
0
um
u-iad04.e-planning.net/ Frame 53E1
Redirect Chain
  • https://cs.krushmedia.com/ec2cf90fdaaf74e7d94341d9392b3202.gif?redir=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Df343cd610dc2b771%26fi%3D2dc5d7ef17b42550%26uid%3D%5BUID%5D
  • https://u-iad04.e-planning.net/um?dc=f343cd610dc2b771&fi=2dc5d7ef17b42550&uid=ca5955d1-d3ca-45a8-829a-c8784ff51cde
42 B
103 B
Image
General
Full URL
https://u-iad04.e-planning.net/um?dc=f343cd610dc2b771&fi=2dc5d7ef17b42550&uid=ca5955d1-d3ca-45a8-829a-c8784ff51cde
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:58 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Server
nginx
Transfer-Encoding
chunked
Location
https://u-iad04.e-planning.net/um?dc=f343cd610dc2b771&fi=2dc5d7ef17b42550&uid=ca5955d1-d3ca-45a8-829a-c8784ff51cde
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Expires
0
um
u-iad04.e-planning.net/ Frame 53E1
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=2dc5d7ef17b42550
0
0
Image
General
Full URL
https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=2dc5d7ef17b42550
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

location
https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=2dc5d7ef17b42550
date
Fri, 18 Aug 2023 00:26:58 GMT
server
fasthttp
content-length
0
usync.html
eus.rubiconproject.com/ Frame A0BE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=eplanning_east&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
281 B
401 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:26:57 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 00:26:57 GMT
location
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EC99
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.40.190 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=158044
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 00:26:57 GMT
expires
Sat, 19 Aug 2023 20:21:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame 111C
Redirect Chain
  • https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D
  • https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
2 KB
2 KB
Document
General
Full URL
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
e159eae54b67eeb6bee46ca3acd7a62e28562998d9b12d77c193ab21698053f6

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1798
Content-Type
text/html
Date
Fri, 18 Aug 2023 00:26:58 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache

Redirect headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
0
Date
Fri, 18 Aug 2023 00:26:58 GMT
Expires
0
Keep-Alive
timeout=1, max=500
Location
/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame 106A
1 KB
1000 B
Document
General
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
0
cf4ttl
157680000.000
content-encoding
gzip
content-length
624
content-type
text/html
date
Fri, 18 Aug 2023 00:26:57 GMT
etag
W/"61ddbb71-5f5"
expires
Tue, 18 Jul 2028 14:54:45 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
7da4aa0aa56ee95b8db69ac7ae7bd211
x-cf-tsc
1689864885
x-cf1
29080:fB.yyz1:co:1585621119:cacheN.yyz1-01:H
x-cf2
H
x-cf3
M
x-cff
B
vpp.gif
itsallinanutshell.com/detroitchicago/
43 B
138 B
Image
General
Full URL
https://itsallinanutshell.com/detroitchicago/vpp.gif?e=%5B%7B%22url%22%3A%22https%3A%2F%2Fitsallinanutshell.com%2F%22%2C%22pageview_id%22%3A%22b64fd1ed-dd3c-48e3-456e-545eae58c815%22%2C%22template_id%22%3A134%2C%22player_name%22%3A%22ezoicvideo%22%2C%22domain_id%22%3A496996%2C%22media_src%22%3A%22%22%7D%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
content-encoding
br
vary
Accept-Encoding
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
47
expires
Thu, 17 Aug 2023 00:26:58 GMT
loader
api.retargetly.com/ Frame 53E1
12 KB
4 KB
Script
General
Full URL
https://api.retargetly.com/loader?id=1473
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/7bb4893a30d21aef/retargetly_030920.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc1780362682f417ae0ee6e2d5a4f3c1b7970cd751d0ff337310f7eaabdc30e5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/javascript
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
public, max-age=604800
cf-ray
7f8607412c6a4bcf-BUF
expires
Fri Aug 25 2023 00:26:58 GMT+0000 (Coordinated Universal Time)
/
onetag-sys.com/usync/ Frame 1734
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame 53E1
58 KB
18 KB
Script
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 11:35:11 GMT
content-encoding
gzip
via
1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P4
age
46308
etag
W/"0c967603b7e4d32b78b7ca772270a5c4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
C8r_2P3HOp1ikE-Iy9jQQfiH4lchmcuaGgmBV2OGJP1LhuUNac7UvQ==
15581
rtb.gumgum.com/usync/ Frame 8F09
4 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.215.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-215-220.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3f84745b37ee5be42c2bc7dbb5d28a99c40416981c378bc141f945fc19fd2e3f

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 18 Aug 2023 00:26:58 GMT
etag
W/"084496e04d0fb17ac464caadd684cb99e"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame 6409
Redirect Chain
  • https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
  • https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
1adad90acf544fdc1f70dfbdd12d6d53d8c5fba3ef7431c2ef4584a2243c3e5d

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1322
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Fri, 18 Aug 2023 00:26:58 GMT
location
/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
ow.pubmatic.com/ Frame 3AF0
0
427 B
Document
General
Full URL
https://ow.pubmatic.com/setuid?bidder=eplanning&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=ADnf5OZ4iiILhfdK
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
text/html
date
Fri, 18 Aug 2023 00:26:57 GMT
usync.js
eus.rubiconproject.com/ Frame A0BE
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 04:13:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13569
content-length
10116
expires
Fri, 18 Aug 2023 04:13:07 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame EC99
5 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75216510&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
772d1c5b5b67693881f3be7b7964a80fd8e165a7effc84f145f66496be2bb388

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:26:56 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
khaos.jpg
token.rubiconproject.com/ Frame A0BE
284 B
934 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usermatchredir
ssum-sec.casalemedia.com/ Frame 111C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFWijFB_Y3bHtQIs4dplRTg&google_cver=1
43 B
632 B
Image
General
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFWijFB_Y3bHtQIs4dplRTg&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEFWijFB_Y3bHtQIs4dplRTg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 111C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0487fdef-dbcb-4472-91ea-091af86a64fb&expiration=1694910418&gdpr=0&gdpr_consent=
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0487fdef-dbcb-4472-91ea-091af86a64fb&expiration=1694910418&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0487fdef-dbcb-4472-91ea-091af86a64fb&expiration=1694910418&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 00:26:58 GMT
server
Kestrel
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 111C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZN660gpfgXVAgUl4ibXoLAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELWZ2H1cSvIe4c_2VB8MgkQ&google_cver=1
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELWZ2H1cSvIe4c_2VB8MgkQ&google_cver=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESELWZ2H1cSvIe4c_2VB8MgkQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 111C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
A0KD1BZ3KT6580B6H7Y3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
VCTEGWANGSX7R3XSXJSB
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 111C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=&verify=true
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
Protocol
H2
Server
2600:1f18:4e9:5a01:3974:5cd2:89d:2ca0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB
date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
CookieIndex
rtb.adentifi.com/ Frame 111C
0
35 B
Image
General
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.72.156.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-156-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
crum
dsum-sec.casalemedia.com/ Frame 111C
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708216018&external_user_id=e2deee73-398c-465f-aa2c-fae5ed15877b
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708216018&external_user_id=e2deee73-398c-465f-aa2c-fae5ed15877b
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

date
Fri, 18 Aug 2023 00:26:58 GMT
via
1.1 google
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*.casalemedia.com
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1708216018&external_user_id=e2deee73-398c-465f-aa2c-fae5ed15877b
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
r.casalemedia.com/ Frame 111C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
43 B
632 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
um
u-iad04.e-planning.net/ Frame 111C
42 B
103 B
Image
General
Full URL
https://u-iad04.e-planning.net/um?dc=99e41df815fd80b4&fi=2dc5d7ef17b42550&uid=ZN660gpfgXVAgUl4ibXoLAAA%261363
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3D2dc5d7ef17b42550%26uid%3D&s=190243&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:58 GMT
content-type
image/gif
dcm
s.amazon-adsystem.com/ Frame 28EA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B
Document
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:26:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
6Q6774KH9YXKXKHN3X30

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Aug 2023 00:26:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
1DACMPHZ8HM1GTSDP787
Pug
image2.pubmatic.com/AdServer/ Frame 1B6D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCT0ZrN0p2WFlBQUNxb0hMNVdJZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AABOFk7JvXYAACqoHL5WIg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_cur...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AABOFk7JvXYAACqoHL5WIg&pid=558502&do=add&gd...
  • https://sync.technoratimedia.com/services?uid=AABOFk7JvXYAACqoHL5WIg&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_syn...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABOFk7JvXYAACqoHL5WIg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=4&userid=8367935734482287302&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABOFk7JvXYAACqoHL5WIg&gdpr=0&gdpr_consent=
42 B
200 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABOFk7JvXYAACqoHL5WIg&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Fri, 18 Aug 2023 00:26:58 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABOFk7JvXYAACqoHL5WIg&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 71CF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4664318827337647392&gdpr=0&gdpr_consent=
42 B
448 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4664318827337647392&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
82335e07-40df-494c-9aee-a983430b8790
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4664318827337647392&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
Pug
simage2.pubmatic.com/AdServer/ Frame 536E
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f1351930-3d5d-11ee-8703-719c24424d7a
42 B
244 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f1351930-3d5d-11ee-8703-719c24424d7a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Fri, 18 Aug 2023 00:26:58 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=f1351930-3d5d-11ee-8703-719c24424d7a
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-3
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame A512
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
227 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN660gAJaLisYgAb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 18 Aug 2023 00:26:58 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4533-YYZ
x-timer
S1692318418.302689,VS0,VE21

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 18 Aug 2023 00:26:58 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZN660gAJaLisYgAb
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4533-YYZ
x-timer
S1692318418.246836,VS0,VE21
141
match.deepintent.com/usersync/ Frame 94C7
0
222 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Fri, 18 Aug 2023 00:26:57 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
Pug
image2.pubmatic.com/AdServer/ Frame 93F8
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gIxBK9TZRiibjkEshNwIf4SIQyybiUZ5hN6vObuc
42 B
341 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gIxBK9TZRiibjkEshNwIf4SIQyybiUZ5hN6vObuc
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Fri, 18 Aug 2023 00:26:58 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=gIxBK9TZRiibjkEshNwIf4SIQyybiUZ5hN6vObuc
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
usersync.aspx
dis.criteo.com/dis/ Frame 6C00
43 B
363 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:26:58 GMT
expires
Fri, 18 Aug 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
327954
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4EA1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9Son5ZY7UStD4HYH8estYmAJ-SY&gdpr=0&gdpr_consent=
42 B
298 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9Son5ZY7UStD4HYH8estYmAJ-SY&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Fri, 18 Aug 2023 00:26:58 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=9Son5ZY7UStD4HYH8estYmAJ-SY&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame ED3C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ISyfZg9D1QwNkm5&gdpr=0&gdpr_consent=
42 B
223 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ISyfZg9D1QwNkm5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Aug 2023 00:26:57 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:ISyfZg9D1QwNkm5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0cf1e930eefac2861@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 3517
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033166257797130
42 B
194 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033166257797130
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Fri, 18 Aug 2023 00:26:58 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=970033166257797130
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 66F5
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=cf403ff7-c356-4a56-869f-6d0a3a0a9d8c&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
42 B
499 B
Document
General
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.196.72.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-196-72-67.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:26:58 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 18 Aug 2023 00:26:57 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame A918
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
42 B
324 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:26:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame CA7F
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815211786820
42 B
208 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815211786820
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=815211786820
i.match
s.tribalfusion.com/z/ Frame 99FD
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
430 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f860743e9074bc1-BUF
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f860742b9024bc1-BUF
content-type
text/html
date
Fri, 18 Aug 2023 00:26:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
1440
Pug
simage2.pubmatic.com/AdServer/ Frame A45E
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:26:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 18 Aug 2023 00:26:58 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
um
u-iad04.e-planning.net/ Frame 6FF7
42 B
103 B
Document
General
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=2dc5d7ef17b42550&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:26:58 GMT
server
openresty
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame EC99
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=KpSQ8wisRe6Vx2o1ej0u_Q%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Server
2.22.40.190 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=158043
accept-ranges
bytes
content-length
5606
expires
Sat, 19 Aug 2023 20:21:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame EC99
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0487fdef-dbcb-4472-91ea-091af86a64fb&ttd_puid=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0487fdef-dbcb-4472-91ea-091af86a64fb&ttd_puid=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%2C%2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0487fdef-dbcb-4472-91ea-091af86a64fb&ttd_puid=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%2C%2C
date
Fri, 18 Aug 2023 00:26:58 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame EC99
0
0
Image
General
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%202A9490F3-08AC-45EE-95C7-6A357A3D2EFD&rnd=RND
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

xuid
eb2.3lift.com/ Frame EC99
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&dongle=u6nf&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame EC99
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkE5NDkwRjMtMDhBQy00NUVFLTk1QzctNkEzNTdBM0QyRUZE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EC99
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELjFEQdiVWzBeaSqyv7wAb8&google_cver=1
42 B
268 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELjFEQdiVWzBeaSqyv7wAb8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELjFEQdiVWzBeaSqyv7wAb8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EC99
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7ECD5403DF2A44CEA68AD742A23A3A42
42 B
326 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7ECD5403DF2A44CEA68AD742A23A3A42
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:7ECD5403DF2A44CEA68AD742A23A3A42
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 17 Aug 2023 00:26:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EC99
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0487fdef-dbcb-4472-91ea-091af86a64fb&gdpr=0&gdpr_consent=
42 B
358 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0487fdef-dbcb-4472-91ea-091af86a64fb&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=0487fdef-dbcb-4472-91ea-091af86a64fb&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 00:26:58 GMT
server
Kestrel
content-length
355
2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame EC99
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/2A9490F3-08AC-45EE-95C7-6A357A3D2EFD?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:3974:5cd2:89d:2ca0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame EC99
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xA5YrAJE2uWExMkcRP4rrY1R.gEmzxU-~A&gdpr=0
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xA5YrAJE2uWExMkcRP4rrY1R.gEmzxU-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-xA5YrAJE2uWExMkcRP4rrY1R.gEmzxU-~A&gdpr=0
date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame EC99
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2700558205676423679&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2700558205676423679&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2700558205676423679&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame EC99
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=57d9f24b19e51493&is_secure=true&networkId=17100&version=1&nuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFnL4wPr7wQAMyfGjqAAAAAAA&expiration=1692404818&nuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&...
42 B
266 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFnL4wPr7wQAMyfGjqAAAAAAA&expiration=1692404818&nuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAFnL4wPr7wQAMyfGjqAAAAAAA&expiration=1692404818&nuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame EC99
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0b7fda1c-fda1-41ac-b91d-d0575c6881ca&gdpr=0&gdpr_consent=
1 B
255 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0b7fda1c-fda1-41ac-b91d-d0575c6881ca&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:26:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=0b7fda1c-fda1-41ac-b91d-d0575c6881ca&gdpr=0&gdpr_consent=
Date
Fri, 18 Aug 2023 00:26:58 GMT
Connection
keep-alive
X-CI-RTID
76cad3c6-142a-4161-8ac4-cbf92bd55dac
Content-Length
205
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame EC99
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=ba79f4b0-2c67-44c6-a073-33e99fa5210b&ssp=pubmatic&expires=30&user_group=5&bsw_param=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&gdpr_pd=
1 B
166 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:26:57 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame EC99
0
34 B
Image
General
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.72.156.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-156-158.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
sn.ashx
pmp.mxptint.net/ Frame EC99
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_107939190_FD337958&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B
Image
General
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Server
38.98.69.175 New York, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-375323196; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-375323196; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame EC99
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
42 B
493 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame EC99
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6684631721631464360
42 B
244 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6684631721631464360
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6684631721631464360
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usersync
usersync.gumgum.com/ Frame 8F09
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4664318827337647392
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4664318827337647392
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
an-x-request-uuid
1b0771b5-62cb-4fe6-84a9-4b3cef48de77
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4664318827337647392
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 8F09
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_889558d4-7cf8-4390-b256-922540a4a1b8&gdpr=&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=u_889558d4-7cf8-4390-b256-922540a4a1b8&gdpr=&gdpr_consent=&us_privacy=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=gumgum2
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6684631721631464360&ssp=gumgum2
  • https://usersync.gumgum.com/usersync?b=bsw&i=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 8F09
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_889558d4-7cf8-4390-b256-922540a4a1b8&obuid=ENC(_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3D_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDv...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=6e611e0d-248a-42aa-aae5-d95b1b85c6a2&obUid=_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW&gdpr=$GDPR_APPLIES&gdpr_conse...
  • https://creativecdn.com/cm-notify?pi=outbrain&obUid=_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=...
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=IQenns9db6STUgZpbm9c&pi=outbrain&obUid=_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CON...
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=IQenns9db6STUgZpbm9c&pi=outbrain&obUid=_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=platform
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
no-cache
X-TraceId
0cfbc87ead707d37722614f52ddcdcf5
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=IQenns9db6STUgZpbm9c&pi=outbrain&obUid=_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA&initiator=platform
pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT, Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 8F09
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=263db34f-8daa-411c-94e5-cda64ffe75fd
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=263db34f-8daa-411c-94e5-cda64ffe75fd
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 18 Aug 2023 00:26:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=263db34f-8daa-411c-94e5-cda64ffe75fd
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 8F09
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38
Date
Fri, 18 Aug 2023 00:26:58 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 8F09
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-l0zEqZ9E2pcWxKnEaBoZsYCAxHNWngT_LPdV~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-l0zEqZ9E2pcWxKnEaBoZsYCAxHNWngT_LPdV~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-l0zEqZ9E2pcWxKnEaBoZsYCAxHNWngT_LPdV~A
content-length
0
usersync
usersync.gumgum.com/ Frame 8F09
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=155c8ce4-fcf7-4cee-8d64-d2c9a4d62452
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=155c8ce4-fcf7-4cee-8d64-d2c9a4d62452
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=155c8ce4-fcf7-4cee-8d64-d2c9a4d62452
Date
Fri, 18 Aug 2023 00:26:58 GMT
Connection
keep-alive
X-CI-RTID
8d593226-0b7a-47e7-a0bc-4e0fdb63852e
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame 8F09
0
127 B
Image
General
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:26:57 GMT
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame 8F09
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_889558d4-7cf8-4390-b256-922540a4a1b8&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=XCrfLrjrE8jfTLEMuA7H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTJHVMEG4TGJRZGU4SFHBVGMVCMIVGXKQJXJA
  • https://usersync.gumgum.com/usersync?b=zem&i=XCrfLrjrE8jfTLEMuA7H
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=XCrfLrjrE8jfTLEMuA7H
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=XCrfLrjrE8jfTLEMuA7H
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 8F09
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=6e611e0d-248a-42aa-aae5-d95b1b85c6a2
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=6e611e0d-248a-42aa-aae5-d95b1b85c6a2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=6e611e0d-248a-42aa-aae5-d95b1b85c6a2
access-control-allow-origin
*
date
Fri, 18 Aug 2023 00:26:58 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 8F09
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=LRorNYzj3RZ1&ev=1&pid=558355
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=LRorNYzj3RZ1&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://usersync.gumgum.com/usersync?b=pln&i=LRorNYzj3RZ1&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-d8gd7
expires
-1
usersync
usersync.gumgum.com/ Frame 8F09
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8367935734482287302
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8367935734482287302
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8367935734482287302
date
Fri, 18 Aug 2023 00:26:57 GMT
content-length
0
um
sync.e-planning.net/ Frame 8F09
42 B
103 B
Image
General
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=2dc5d7ef17b42550&uid=u_889558d4-7cf8-4390-b256-922540a4a1b8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:58 GMT
content-type
image/gif
URnmbSKM
sync-tm.everesttech.net/ct/upi/pid/ Frame 8139
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZN660gAJWnP6lQAN
85 B
170 B
Document
General
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZN660gAJWnP6lQAN
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
1829
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 18 Aug 2023 00:26:58 GMT
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
HIT
x-cache-hits
7372
x-served-by
cache-yyz4533-YYZ
x-timer
S1692318418.302720,VS0,VE0

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 18 Aug 2023 00:26:58 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=&_test=ZN660gAJWnP6lQAN
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-yyz4533-YYZ
x-timer
S1692318418.248064,VS0,VE21
pixel
cm.g.doubleclick.net/ Frame 93DA
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84ODk1NThkNC03Y2Y4LTQzOTAtYjI1Ni05MjI1NDBhNGExYjg=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:26:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2CE9
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.40.190 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=158043
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 00:26:58 GMT
expires
Sat, 19 Aug 2023 20:21:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 284B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=0487fdef-dbcb-4472-91ea-091af86a64fb
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=0487fdef-dbcb-4472-91ea-091af86a64fb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:26:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Fri, 18 Aug 2023 00:26:58 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=0487fdef-dbcb-4472-91ea-091af86a64fb
server
Kestrel
usersync
usersync.gumgum.com/ Frame C1DC
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZN660sCo8X8AAGhoHEoAAAAA
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZN660sCo8X8AAGhoHEoAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:26:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Aug 2023 00:26:58 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZN660sCo8X8AAGhoHEoAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad400.dc4p.scaleout.jp
X-SO-IP
96.9.249.38
X-SO-Key
ZN660sCo8X8AAGhoHEoAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.38","key":"ZN660sCo8X8AAGhoHEoAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad400"}
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad400
usersync
usersync.gumgum.com/ Frame B2EF
Redirect Chain
  • https://cs.admanmedia.com/sync/gumgum?puid=u_889558d4-7cf8-4390-b256-922540a4a1b8&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
  • https://usersync.gumgum.com/usersync?b=aad&i=611477f1-2266-4456-bda3-55c0a8b20fc4
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=aad&i=611477f1-2266-4456-bda3-55c0a8b20fc4
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Date
Fri, 18 Aug 2023 00:27:00 GMT
Expires
0
Location
https://usersync.gumgum.com/usersync?b=aad&i=611477f1-2266-4456-bda3-55c0a8b20fc4
Pragma
no-cache
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame 59F4
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=IQenns9db6STUgZpbm9c&pi=gumgum&tc=1
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=IQenns9db6STUgZpbm9c&pi=gumgum&tc=1
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:26:58 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 18 Aug 2023 00:26:58 GMT Fri, 18 Aug 2023 00:26:58 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=IQenns9db6STUgZpbm9c&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 00DC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
401 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:26:58 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 00:26:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
um
sync.e-planning.net/ Frame A0BE
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=eplanning_east&khaos=LLFUOWMM-1P-IU2L
  • https://sync.e-planning.net/um?uid=LLFUOWMM-1P-IU2L&dc=9bcc91305985f0db&iss=1
42 B
103 B
Image
General
Full URL
https://sync.e-planning.net/um?uid=LLFUOWMM-1P-IU2L&dc=9bcc91305985f0db&iss=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H2
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:58 GMT
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.e-planning.net/um?uid=LLFUOWMM-1P-IU2L&dc=9bcc91305985f0db&iss=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
xuid
eb2.3lift.com/ Frame 6409
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=0487fdef-dbcb-4472-91ea-091af86a64fb&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=0487fdef-dbcb-4472-91ea-091af86a64fb&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=0487fdef-dbcb-4472-91ea-091af86a64fb&dongle=0cfd&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 00:26:58 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 6409
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA4MDc2Mjc3NDE0OTc1NjAwNTI0MA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6409
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHbtLuOqKq7QtTQ08BwDDLo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHbtLuOqKq7QtTQ08BwDDLo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEHbtLuOqKq7QtTQ08BwDDLo&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6409
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA4MDc2Mjc3NDE0OTc1NjAwNTI0MA%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA4MDc2Mjc3NDE0OTc1NjAwNTI0MA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NDA4MDc2Mjc3NDE0OTc1NjAwNTI0MA%3D%3D
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 6409
0
630 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4080762774149756005240&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:57 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: FD3893FFDA1D42D99A15EE870A2AA4BD Ref B: NYCEDGE1609 Ref C: 2023-08-18T00:26:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDJ5Ytz43FYSRP2CwN3g==
sync
x.bidswitch.net/ Frame 6409
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=4080762774149756005240&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame 6409
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4080762774149756005240?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-Z4zuy21E2oRF8UrHT037QbjKR.jtiCl49qVwQeVZYA--~A&dongle=0883
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Z4zuy21E2oRF8UrHT037QbjKR.jtiCl49qVwQeVZYA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-Z4zuy21E2oRF8UrHT037QbjKR.jtiCl49qVwQeVZYA--~A&dongle=0883
content-length
0
c.gif
c.bing.com/ Frame 6409
42 B
688 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=4080762774149756005240&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
last-modified
Tue, 06 Jun 2023 17:31:18 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 99DB40C8E0AE4318BA099BAFE26C5200 Ref B: NYCEDGE1321 Ref C: 2023-08-18T00:26:58Z
etag
"7cd81bb49c98d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
usersync.aspx
dis.criteo.com/dis/ Frame 6409
43 B
362 B
Image
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:57 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
410477
expires
Fri, 18 Aug 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 6409
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3335&xuid=4664318827337647392&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=4664318827337647392&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
an-x-request-uuid
57995bd3-c919-4eca-b9e0-7ac640e72c94
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=4664318827337647392&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
sync.e-planning.net/ Frame 6409
42 B
103 B
Image
General
Full URL
https://sync.e-planning.net/um?uid=4080762774149756005240&dc=4d76b6ce34af74c9&iss=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1&ld=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

server
openresty
date
Fri, 18 Aug 2023 00:26:58 GMT
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 00DC
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 04:13:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13569
content-length
10116
expires
Fri, 18 Aug 2023 04:13:07 GMT
t2.min.js
d2skc0orvsqfj9.cloudfront.net/ Frame 53E1
10 KB
10 KB
Script
General
Full URL
https://d2skc0orvsqfj9.cloudfront.net/t2.min.js
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=1473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.36.207 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-36-207.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc433ae63f224fbf6d4becb40172809660fe98c6d4c8064249f45d535dedd62c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
x-amz-version-id
ye3HEjcsK8G_QNNVIc8_QGMR2kzfqTtC
via
1.1 c5c79ef7442267e414f3389ffcc2f0fa.cloudfront.net (CloudFront)
last-modified
Thu, 20 Jul 2023 18:44:56 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C2
x-amz-server-side-encryption
AES256
etag
"ac3bb68b77e505470c4fdcd20e4240f1"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=14400
accept-ranges
bytes
content-length
10193
x-amz-cf-id
MnmuC9IeJfzYEQUnZm6tWI9OzmZOSjFXXevq-cDnkxGTwoDySpW-Yw==
api
api.retargetly.com/ Frame 9D1D
Redirect Chain
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic....
  • https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic....
2 KB
1 KB
Document
General
Full URL
https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/loader?id=1473
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7d924759c28a80661acf0874b60dd1a9675dcc68ef7e6b2ba52d478a227bda

Request headers

Referer
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f860743fc964bcf-BUF
content-encoding
gzip
content-type
text/html
date
Fri, 18 Aug 2023 00:26:58 GMT
expires
0
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma
no-cache
server
cloudflare

Redirect headers

access-control-allow-origin
*
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7f8607433c8c4bcf-BUF
content-type
application/javascript
date
Fri, 18 Aug 2023 00:26:58 GMT
expires
0
location
/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
pragma
no-cache
server
cloudflare
dcm
aax-eu.amazon-adsystem.com/s/ Frame A0BE
43 B
855 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
15R12BVT05YBZX9JVE2T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame A0BE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0487fdef-dbcb-4472-91ea-091af86a64fb&gdpr=0&gdpr_consent=&expires=30
42 B
691 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0487fdef-dbcb-4472-91ea-091af86a64fb&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
2dd9fa24169fa04536d533da131679f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0487fdef-dbcb-4472-91ea-091af86a64fb&gdpr=0&gdpr_consent=&expires=30
date
Fri, 18 Aug 2023 00:26:58 GMT
server
Kestrel
content-length
289
ecm3
s.amazon-adsystem.com/ Frame A0BE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=ypXZgVTATF-kFar6hwZ1Ng&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ypXZgVTATF-kFar6hwZ1Ng
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ypXZgVTATF-kFar6hwZ1Ng
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
15JEHMM9MFN1FMREVV4W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=ypXZgVTATF-kFar6hwZ1Ng
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A0BE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmQ4YzQxNjE3NThjYTFkM2QwMzA5ZmJjZjczNDYwNzFhNTI4OTNkMA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmQ4YzQxNjE3NThjYTFkM2QwMzA5ZmJjZjczNDYwNzFhNTI4OTNkMA
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NmQ4YzQxNjE3NThjYTFkM2QwMzA5ZmJjZjczNDYwNzFhNTI4OTNkMA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame A0BE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLFUOWMM-1P-IU2L
0
251 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLFUOWMM-1P-IU2L
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:57 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: D0317683AED44D4A802C48D44E4F97CF Ref B: NYCEDGE1609 Ref C: 2023-08-18T00:26:58Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDJ5YvMLI9AXnKWmxd4g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLFUOWMM-1P-IU2L
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e1bf03b8e0c0366715a8d9abd31b9f35
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A0BE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExGVU9XTU0tMVAtSVUyTA==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOx_nnGzULU9QkTXCLs7FX0&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGVU9XTU0tMVAtSVUyTA==&google_push=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGVU9XTU0tMVAtSVUyTA==&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExGVU9XTU0tMVAtSVUyTA==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
tap.php
pixel.rubiconproject.com/ Frame A0BE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/rzrmNWSnyv84_QQVB_Ayecn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aCeMPCdE2oIyI7VcG5_lDl9xtYhqpFTQHfSbfQ--~A
42 B
691 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aCeMPCdE2oIyI7VcG5_lDl9xtYhqpFTQHfSbfQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-aCeMPCdE2oIyI7VcG5_lDl9xtYhqpFTQHfSbfQ--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame A0BE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHqoawjYfjYJtQyOG1-_DWA&google_cver=1
42 B
691 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHqoawjYfjYJtQyOG1-_DWA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=eplanning_east&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHqoawjYfjYJtQyOG1-_DWA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 00DC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LLFUOWMM-1P-IU2L
  • https://usersync.gumgum.com/usersync?b=mag&i=LLFUOWMM-1P-IU2L
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LLFUOWMM-1P-IU2L
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:58 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LLFUOWMM-1P-IU2L
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2dd9fa24169fa04536d533da131679f8
Expires
0
ads
securepubads.g.doubleclick.net/gampad/
397 B
178 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=1542287501098938&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=5&didk=115940854&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&abxe=1&dt=1692318418441&lmt=1692354418&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D7999192897653727%26eid%3D7999192897653727%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Ditsallinanutshell_com-edge-1-7999192897653727%26eb_br%3D5dfc84b2afe9d09bb5135bfcbbc5970f%2Cc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26bv%3D23%26bvm%3D0%26bvr%3D3%26avc%3D113%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C915%2C874%2C835%2C19%2C2688%2C3045%2C4276%2C916%26lb%3D120%26reqt%3D1692318418431&adks=905025581&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6072f68d19be69e39e79ffbe1848577c3eed08875d8fb9ba2f71ed481dab2892
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
404 B
185 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=1426921021700307&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&didk=1504799095&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&abxe=1&dt=1692318418451&lmt=1692354418&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D6561939639604062%26eid%3D6561939639604062%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Ditsallinanutshell_com-medrectangle-2-6561939639604062%26eb_br%3D2b579bd406d80336360cc9360dca858a%2Ca495ce7dbb4cefcd3e0a722048894f41%26eba%3D1%26bv%3D15%26bvm%3D0%26bvr%3D5%26avc%3D113%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D100%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2C2351%2C2610%2C2761%2C3044%2C7%2C8%2C915%2C874%2C835%26lb%3D200%26reqt%3D1692318418425&adks=3076448883&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae350a48422e36ae5444203547b8e62806b204ec555103218dedbae063f30561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:59 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
155
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
397 B
179 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=1856670107492518&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=7&didk=115933708&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&abxe=1&dt=1692318418457&lmt=1692354418&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D4931918961627086%26eid%3D4931918961627086%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Ditsallinanutshell_com-edge-2-4931918961627086%26eb_br%3D5dfc84b2afe9d09bb5135bfcbbc5970f%2Cc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26bv%3D13%26bvm%3D0%26bvr%3D3%26avc%3D113%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C915%2C874%2C835%2C19%2C2688%2C3045%2C4276%2C916%26lb%3D120%26reqt%3D1692318418429&adks=4225512732&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4910abb67969431121b3a2338e8b033d1b998554dfa6855855b061546b219e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
event_collector
pdp-service.prd-00.retargetly.com/ Frame 53E1
0
0
Fetch
General
Full URL
https://pdp-service.prd-00.retargetly.com/event_collector
Requested by
Host: d2skc0orvsqfj9.cloudfront.net
URL: https://d2skc0orvsqfj9.cloudfront.net/t2.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.138.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-138-112.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DFCD
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.40.190 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=158043
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 00:26:58 GMT
expires
Sat, 19 Aug 2023 20:21:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
app.retargetly.com/ Frame 9D1D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=retargetly_ddp&google_hm=NzgzMzZiMDEtYTQzNy00YTBhLWJmMjYtZDRiYTY0OTZhZWU2&google_cm
  • https://app.retargetly.com/sync?pid=11&google_gid=CAESEJ33vkXXC5RBr2xILC0--Zg&google_cver=1
0
0
Image
General
Full URL
https://app.retargetly.com/sync?pid=11&google_gid=CAESEJ33vkXXC5RBr2xILC0--Zg&google_cver=1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://app.retargetly.com/sync?pid=11&google_gid=CAESEJ33vkXXC5RBr2xILC0--Zg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
296
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
cm.mgid.com/https://app.retargetly.com/ Frame 9D1D
Redirect Chain
  • https://cm.mgid.com/m?cdsp=712808&adu=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7Bmuidn%7D%26pid%3D70
  • https://cm.mgid.com/m?adu=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7Bmuidn%7D%26pid%3D70&cdsp=712808&sct=1
  • https://cm.mgid.com/https://app.retargetly.com/sync?sid=n7hWS84i56qh&pid=70
0
176 B
Image
General
Full URL
https://cm.mgid.com/https://app.retargetly.com/sync?sid=n7hWS84i56qh&pid=70
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H3
Server
2606:4700:1::6813:884e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript
x-robots-tag
noindex, nofollow
cf-ray
7f860745cb2f4bc0-BUF
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/gif
location
https:https://app.retargetly.com/sync?sid=n7hWS84i56qh&pid=70
cache-control
no-store, no-cache, must-revalidate, max-age=0
cf-ray
7f8607457cb44bcf-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
receive
pixel.tapad.com/idsync/ex/ Frame 9D1D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3012&partner_device_id=78336b01-a437-4a0a-bf26-d4ba6496aee6&_rand=1692318418573
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Dab9d17c0-c81c-44b4-a9b0-0faebcbda11d%252C%252C
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4664318827337647392&pt=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4664318827337647392&pt=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%2C%2C
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
an-x-request-uuid
51229d9a-71ce-46f1-90ef-a498c5267afe
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=4664318827337647392&pt=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%2C%2C
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
app.retargetly.com/ Frame 9D1D
Redirect Chain
  • https://tags.bluekai.com/site/28347?limit=0&id=78336b01-a437-4a0a-bf26-d4ba6496aee6&redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%24_BK_UUID%26pid%3D9
  • https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
68 B
307 B
Image
General
Full URL
https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7f8607454cb04bcf-BUF
expires
0

Redirect headers

location
https://app.retargetly.com/sync?sid=$_BK_UUID&pid=9
date
Fri, 18 Aug 2023 00:26:58 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
sync
api.retargetly.com/ Frame 9D1D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=83i98y4&ttd_tpi=1
  • https://api.retargetly.com/sync?pid=13&sid=0487fdef-dbcb-4472-91ea-091af86a64fb
68 B
418 B
Image
General
Full URL
https://api.retargetly.com/sync?pid=13&sid=0487fdef-dbcb-4472-91ea-091af86a64fb
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7f860744cca34bcf-BUF
expires
0

Redirect headers

location
https://api.retargetly.com/sync?pid=13&sid=0487fdef-dbcb-4472-91ea-091af86a64fb
date
Fri, 18 Aug 2023 00:26:58 GMT
server
Kestrel
content-length
189
sync
app.retargetly.com/ Frame 9D1D
Redirect Chain
  • https://pixel-sync.sitescout.com/connectors/retargetly/usersync?redir=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%7BuserId%7D%26pid%3D23
  • https://app.retargetly.com/sync?sid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&pid=23
68 B
544 B
Image
General
Full URL
https://app.retargetly.com/sync?sid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&pid=23
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:59 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7f860744dca64bcf-BUF
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://app.retargetly.com/sync?sid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&pid=23
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
app.retargetly.com/ Frame 9D1D
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=RTGLY
  • https://ups.analytics.yahoo.com/ups/58698/cms?partner_id=RTGLY
  • https://app.retargetly.com/sync?pid=22&sid=y-WcOhe2VE2oK49UY7J23mR6GdPZ06wbPG8JA-~A
68 B
490 B
Image
General
Full URL
https://app.retargetly.com/sync?pid=22&sid=y-WcOhe2VE2oK49UY7J23mR6GdPZ06wbPG8JA-~A
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7f8607452caf4bcf-BUF
expires
0

Redirect headers

location
https://app.retargetly.com/sync?pid=22&sid=y-WcOhe2VE2oK49UY7J23mR6GdPZ06wbPG8JA-~A
date
Fri, 18 Aug 2023 00:26:58 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
app.retargetly.com/ Frame 9D1D
Redirect Chain
  • https://secure.adnxs.com/getuid?https://app.retargetly.com/sync?sid=$UID&pid=2
  • https://app.retargetly.com/sync?sid=4664318827337647392&pid=2
68 B
398 B
Image
General
Full URL
https://app.retargetly.com/sync?sid=4664318827337647392&pid=2
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7f860744dca74bcf-BUF
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
an-x-request-uuid
50e1a205-4f37-4222-bb6c-c253a4ca4777
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://app.retargetly.com/sync?sid=4664318827337647392&pid=2
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
app.retargetly.com/ Frame 9D1D
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3a%2f%2fapp.retargetly.com%2fsync%3fpid%3d14%26sid%3d%23PM_USER_ID
  • https://app.retargetly.com/sync?pid=14&sid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
68 B
412 B
Image
General
Full URL
https://app.retargetly.com/sync?pid=14&sid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7f860744dca84bcf-BUF
expires
0

Redirect headers

location
https://app.retargetly.com/sync?pid=14&sid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
date
Fri, 18 Aug 2023 00:26:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
tpid=78336b01-a437-4a0a-bf26-d4ba6496aee6
bcp.crwdcntrl.net/map/c=11530/tp=RTRG/ Frame 9D1D
0
0
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

sync
sync.teads.tv/rt/ Frame 9D1D
2 B
153 B
Image
General
Full URL
https://sync.teads.tv/rt/sync?vid=78336b01-a437-4a0a-bf26-d4ba6496aee6&gdpr=0&us_privacy=%221-N-%22
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.69.164 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-69-164.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Fri, 18 Aug 2023 00:26:58 GMT
pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
2
content-type
text/plain; charset=UTF-8
sync
app.retargetly.com/ Frame 9D1D
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fsid%3D%5Bsas_uid%5D%26pid%3D63
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?sid=[sas_uid]&pid=63&cklb=1
  • https://app.retargetly.com/sync?sid=8367935734482287302
68 B
124 B
Image
General
Full URL
https://app.retargetly.com/sync?sid=8367935734482287302
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7f860745dcbc4bcf-BUF
expires
0

Redirect headers

location
https://app.retargetly.com/sync?sid=8367935734482287302
date
Fri, 18 Aug 2023 00:26:58 GMT
content-length
0
getuid
sync.smartadserver.com/ Frame 9D1D
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fapp.retargetly.com%2Fsync%3Fpid%3D74%26sid%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?pid=74&sid=[sas_uid]&cklb=1
0
75 B
Image
General
Full URL
https://sync.smartadserver.com/getuid?gdpr=0&url=https://app.retargetly.com/sync?pid=74&sid=[sas_uid]&cklb=1
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
HTTP/1.1
Server
216.22.16.8 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
content-length
0

Redirect headers

location
https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://app.retargetly.com/sync?pid=74&sid=[sas_uid]&cklb=1
pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
sync
app.retargetly.com/ Frame 9D1D
Redirect Chain
  • https://retargetly-match.dotomi.com/match/bounce/current?networkId=95012&version=1&nuid=78336b01-a437-4a0a-bf26-d4ba6496aee6
  • https://retargetly-match.dotomi.com/match/bounce/current?DotomiTest=39ca538047d513b5&is_secure=true&networkId=95012&version=1&nuid=78336b01-a437-4a0a-bf26-d4ba6496aee6
  • https://app.retargetly.com/sync?pid=72&sid=AAAMgnEOI-_aeQMfHxq0AAAAAAA&expiration=1692404818&nuid=78336b01-a437-4a0a-bf26-d4ba6496aee6&is_secure=true
68 B
405 B
Image
General
Full URL
https://app.retargetly.com/sync?pid=72&sid=AAAMgnEOI-_aeQMfHxq0AAAAAAA&expiration=1692404818&nuid=78336b01-a437-4a0a-bf26-d4ba6496aee6&is_secure=true
Requested by
Host: api.retargetly.com
URL: https://api.retargetly.com/api?id=1473&src=0&url=https%3A%2F%2Fitsallinanutshell.com%2F&browserUrl=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&ref=https%3A%2F%2Fads.us.e-planning.net%2Fuspd%2F1%2F%3Fct%3D1%26du%3Dhttps%253A%252F%252Fow.pubmatic.com%252Fsetuid%253Fbidder%253Deplanning%2526gdpr%253D%2526gdpr_consent%253D%2526gpp%253D%2526gpp_sid%253D%2526f%253Db%2526uid%253D%2524UID&utmz=&n=&md=&mk=&il=1&limit_drop=&userid=78336b01-a437-4a0a-bf26-d4ba6496aee6&fullVersionList=&platform=&_rlid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Protocol
H2
Server
2606:4700:10::6816:108d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660

Request headers

accept-language
en-US,en;q=0.9
Referer
https://api.retargetly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
image/png
access-control-allow-origin
*
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
cache-control
no-cache
cf-ray
7f8607450cac4bcf-BUF
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:58 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://app.retargetly.com/sync?pid=72&sid=AAAMgnEOI-_aeQMfHxq0AAAAAAA&expiration=1692404818&nuid=78336b01-a437-4a0a-bf26-d4ba6496aee6&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
envelope
lexicon.33across.com/v1/
Redirect Chain
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002MpnPqAAJ&gdpr=0&src=pbjs&ver=7.39.0
  • https://lexicon.33across.com/v1/envelope?pid=0010b00002MpnPqAAJ&gdpr=0&src=pbjs&ver=7.39.0&b=1&g=6r4QEqcAd%2BpPXbfYRYUG6fMePU%2FE40E99828Fje%2BW64%3D
42 B
138 B
XHR
General
Full URL
https://lexicon.33across.com/v1/envelope?pid=0010b00002MpnPqAAJ&gdpr=0&src=pbjs&ver=7.39.0&b=1&g=6r4QEqcAd%2BpPXbfYRYUG6fMePU%2FE40E99828Fje%2BW64%3D
Protocol
H2
Server
2600:1901:0:8344:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:58 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 18 Aug 2023 00:26:58 GMT
via
1.1 google
referrer-policy
unsafe-url
vary
origin
access-control-allow-origin
https://itsallinanutshell.com
location
https://lexicon.33across.com/v1/envelope?pid=0010b00002MpnPqAAJ&gdpr=0&src=pbjs&ver=7.39.0&b=1&g=6r4QEqcAd%2BpPXbfYRYUG6fMePU%2FE40E99828Fje%2BW64%3D
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
29210
prebid.a-mo.net/cchain/7/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Damx%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F29210%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Ddeea23f1-5e51-43c2-b40a-cd2cb26ce7ab%26bidder%...
  • https://prebid.a-mo.net/cchain/0/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=appnexus&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hb...
  • https://rtb.openx.net/sync/prebid?&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F29210%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Ddeea...
  • https://prebid.a-mo.net/cchain/1/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=openx&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgm...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4664318827337647392
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:e19bc275-ed28-476b-a3ee-6e4401a63d4c&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?gdpr=0&p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F29210%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Ddeea23f...
  • https://prebid.a-mo.net/cchain/2/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=pubmatic&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hb...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F3%2F29210%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_pr...
  • https://prebid.a-mo.net/cchain/3/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=index_rtb&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1h...
  • https://ap.lijit.com/pixel?&gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F6%2F29210%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Ddeea23f...
  • https://prebid.a-mo.net/cchain/6/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=sovrn&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgm...
  • https://id.a-mx.com/u?&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F7%2F29210%3Fgdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26us_privacy%3D%26A%3Ddeea23f1-5e51-4...
  • https://prebid.a-mo.net/cchain/7/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=amx_com&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbX...
0
0

army.gif
itsallinanutshell.com/porpoiseant/
0
62 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDE2NTAzOTExNTU5MzI4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJpdHNhbGxpbmFudXRzaGVsbF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzE2MDAsMTIwMF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQxNjUwMzkxMTU1OTMyODYiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ1bml0IjoiaXRzYWxsaW5hbnV0c2hlbGxfY29tLXBpeGVsMSIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjo5OTk5LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOm51bGwsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDE2NTAzOTExNTU5MzI4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJpdHNhbGxpbmFudXRzaGVsbF9jb20tcGl4ZWwxIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjk5OTksImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6bnVsbCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiJ1bmRlZmluZWQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:26:59 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:26:59 GMT
localstore.js
script.4dex.io/
4 KB
2 KB
Script
General
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:26:59 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
563262
ETag
W/"7a2ddf8932b862ed5d75aa7b27e3f8c1"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBXx5WRD7C104YVM5CQrt9yzgEWTl1%2Fe3ANUPL%2BsaHnDRhX9GiH9ZlptHeDL806bSF9L8LnekBm4ceIIOAOoXy1y8EP3Oc56jFgZ56aHRt2GBtTeLsC7hrkNJhfqv7EqboOURWjp9JjWKpfT"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7f86074aedb64bbb-BUF
v1
btlr.sharethrough.com/universal/
791 B
755 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
cd3a8b850696ce72310a597cbd004321d1d395426d0ffa14298b53ea058bb521

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:26:59 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
442
v1
btlr.sharethrough.com/universal/
607 B
575 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
865d0fd4e9a531eeff3238f8f7f2a4f4da2e260cb1d541c686c98798e9c1eb52

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:26:59 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
422
v1
btlr.sharethrough.com/universal/
541 B
525 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
7220842eba5770f3302f9705541e1e679bb12db1f78a561ce89fb55a095d64c1

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:26:59 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
371
v1
btlr.sharethrough.com/universal/
533 B
561 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
29240ede0f8caf3a8ee8c2f48d1848dd98f9ecd6445c287376398e7e75b01eb4

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:26:59 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
407
v1
hb-api.omnitagjs.com/hb-api/prebid/
711 B
1 KB
XHR
General
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fitsallinanutshell.com%2F&PageUrl=https%3A%2F%2Fitsallinanutshell.com%2F&PageReferrer=https%3A%2F%2Fitsallinanutshell.com%2F&CanonicalUrl=https%3A%2F%2Fitsallinanutshell.com%2F
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
195.244.31.10 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),
Reverse DNS
Software
ayl-lb-usa02 /
Resource Hash
c582d92fe960964510837aec55f5e72ffb20c2bac59ffb98ea0e93f2aa900682
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:26:59 GMT
x-content-type-options
nosniff
p3p
CP="CAO PSA OUR"
x-envoy-upstream-service-time
51
content-length
711
pragma
no-cache
server
ayl-lb-usa02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
cdb
bidder.criteo.com/
0
200 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.0&cb=89039940078&lsavail=1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::18 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://itsallinanutshell.com
date
Fri, 18 Aug 2023 00:26:59 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ads.yieldmo.com/exchange/
16 KB
8 KB
XHR
General
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=7.54.0&p=%5B%7B%22placement_id%22%3A%22div-gpt-ad-itsallinanutshell_com-edge-2-0%22%2C%22callback_id%22%3A%221714153cc29c8ab%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%223226420080287883314%22%2C%22gpid%22%3A%22div-gpt-ad-itsallinanutshell_com-edge-2-0%22%2C%22tid%22%3A%22dc040f35-aac4-4e05-adf3-65fb7ff3c89f%22%2C%22auctionId%22%3A%22e91119c5-5534-4490-83a8-e41a3912ce92%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-itsallinanutshell_com-edge-1-0%22%2C%22callback_id%22%3A%22188bed13c2c0746%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%5D%2C%22ym_placement_id%22%3A%223226420080287883314%22%2C%22gpid%22%3A%22div-gpt-ad-itsallinanutshell_com-edge-1-0%22%2C%22tid%22%3A%229dab0774-be17-4380-a609-a029f71ebb25%22%2C%22auctionId%22%3A%22e91119c5-5534-4490-83a8-e41a3912ce92%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-itsallinanutshell_com-medrectangle-4-0%22%2C%22callback_id%22%3A%2219a824ca6fb9556%22%2C%22sizes%22%3A%5B%5B336%2C280%5D%5D%2C%22ym_placement_id%22%3A%223226420080287883314%22%2C%22gpid%22%3A%22div-gpt-ad-itsallinanutshell_com-medrectangle-4-0%22%2C%22tid%22%3A%2266e530b7-d4db-4b31-9efd-15496655eea5%22%2C%22auctionId%22%3A%22e91119c5-5534-4490-83a8-e41a3912ce92%22%7D%2C%7B%22placement_id%22%3A%22div-gpt-ad-itsallinanutshell_com-medrectangle-2-0%22%2C%22callback_id%22%3A%222084e1594e51225%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%223226420080287883314%22%2C%22gpid%22%3A%22div-gpt-ad-itsallinanutshell_com-medrectangle-2-0%22%2C%22tid%22%3A%22b95d587a-7548-45ba-89a5-a2d826c6e81e%22%2C%22auctionId%22%3A%22e91119c5-5534-4490-83a8-e41a3912ce92%22%7D%5D&page_url=https%3A%2F%2Fitsallinanutshell.com%2F&bust=1692318419568&dnt=false&description=WELCOME%20TO%20IT%27S%20ALL%20IN%20A%20NUTSHELL%20BLOG%20to%20love%20is%20to%20live%20is%20to%20crochet%20-%20Esther%20MOST%20RECENT%20DESIGNS%20FEATURED%20DESIGNS&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%2C%22gpp%22%3A%22%22%2C%22gpp_sid%22%3A%5B%5D%7D&us_privacy=1---&pr=&scrd=1&title=It%27s%20all%20in%20a%20Nutshell%20Crochet%20%E2%80%93%20love%20%E2%80%93%20live%20%E2%80%93%20crochet&w=1600&h=1200&pubcid=91aff593-0a19-498a-8163-00204e0c2efd&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.co.uk%22%2C%22sid%22%3A%226486cc5adc6e0ec84e809879a9b6e1ac%22%2C%22domain%22%3A%22itsallinanutshell.com%22%2C%22hp%22%3A1%7D%5D%7D&eids=%5B%7B%22source%22%3A%22quantcast.com%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22P0-1871011114-1692318415145%22%2C%22atype%22%3A1%7D%5D%7D%2C%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2291aff593-0a19-498a-8163-00204e0c2efd%22%2C%22atype%22%3A1%7D%5D%7D%5D
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.48.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-48-72.compute-1.amazonaws.com
Software
/
Resource Hash
4f54bc7e9e40bc5b67e8e5f1a19c649d88b73ac555e1171231f4913a4cef7c35

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:59 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
vary
accept-encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
access-control-allow-credentials
true
access-control-request-headers
Cache-Control, Pragma
prebid-request
onetag-sys.com/
15 B
368 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://itsallinanutshell.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
script.js
cadmus.script.ac/dahhc4ozyvjm6/
3 B
435 B
Script
General
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:59 GMT
last-modified
Thu, 17 Aug 2023 17:39:09 GMT
server
cloudflare
age
0
etag
W/"122bf353368c994af4b4828f915140a379345522"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
7f86074ccca74bd5-BUF
content-length
3
adagio.js
script.4dex.io/
75 KB
24 KB
Fetch
General
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:00 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Fri, 11 Aug 2023 11:58:31 GMT
Server
cloudflare
ETag
W/"9d36e722f929b1726cf2a9cba00af489"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cV4fIfCtvdBp79u5DtOrtfGZlgsnhKQUtpF%2Fd5%2BL2qYPZVPQCq3RlnFS0U01xWH2aX2h6u6SK9diT7hcryCO2maIUs%2BTpfZfVlba8LZLAsdNTpu80n4ZHtIVNX1iPl94ln0S%2BIMeMzNdSNaa"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7f86074b98974bd2-BUF
/
onetag-sys.com/usync/ Frame 992D
2 KB
870 B
Document
General
Full URL
https://onetag-sys.com/usync/?redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
ec9fe4d0ced38987b5b20c2b8431e541cdf946f422f2130435f02487d06f8283
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
787
content-type
text/html
strict-transport-security
max-age=15552000
setuid
ow.pubmatic.com/ Frame 992D
0
419 B
Image
General
Full URL
https://ow.pubmatic.com/setuid?bidder=onetag&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?redir=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:59 GMT
content-length
0
content-type
text/html
bluemonkey.gif
itsallinanutshell.com/detroitchicago/
43 B
250 B
XHR
General
Full URL
https://itsallinanutshell.com/detroitchicago/bluemonkey.gif?e=eyJhZHZlcnRpc2VyX2RvbWFpbnMiOiIiLCJmcm9tX2NhY2hlIjowLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImF1Y3Rpb25faWQiOiJlOTExMTljNS01NTM0LTQ0OTAtODNhOC1lNDFhMzkxMmNlOTIiLCJhZF91bml0X2NvZGUiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTItMCIsImFkYXB0ZXJfY29kZSI6InlpZWxkbW8iLCJvcmlnaW5hbF9jcG0iOjAuMDM5NzgsImNwbSI6MC4wMzk3OCwiYWRqdXN0bWVudCI6MSwibWVkaWFfdHlwZSI6ImRpc3BsYXkiLCJ0aW1lX3RvX3Jlc3BvbmQiOjIwOSwicmVzcG9uc2Vfc2l6ZSI6IjE2MHg2MDAiLCJyZXF1ZXN0X3NpemUiOiIxNjB4NjAwIiwiZG9tYWluX2lkIjo0OTY5OTYsImZvcm1fZmFjdG9yX2lkIjoxLCJwb3NpdGlvbl90eXBlIjozOSwic3RhdF9zb3VyY2VfaWQiOjExMzE1LCJyZWZyZXNoX2NvdW50IjowLCJzb3VyY2UiOiJjbGllbnQiLCJhYl90ZXN0X2lkIjoibW9kMTMifQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache/2.4.39 (Ubuntu) /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:59 GMT
content-encoding
br
server
Apache/2.4.39 (Ubuntu)
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
access-control-allow-headers
Content-Type
content-length
49
expires
Thu, 17 Aug 2023 00:26:59 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A862
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/162833/9311/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
247e402c1d9149f1443f3c5a92ea35c0897ae5ad6c61d8629cd5dc5b3a30597c

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1742
Content-Type
text/html
Date
Fri, 18 Aug 2023 00:27:00 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
e-202333.js
itsallinanutshell.com/ezossp/https/stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://itsallinanutshell.com/ezossp/https/stats.wp.com/e-202333.js?screx=1&sxcb=1a
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-minify-cache
hit
date
Fri, 18 Aug 2023 00:26:59 UTC
content-encoding
br
x-minify
t
x-ezoic-cdn
Hit ds;mm;436230e153561456b2733cbdb1bca1c7;2-496996-2;5b59fb93-21e6-40bd-49ed-9329af3e8bc5
x-middleton-display
staticcontent_sol
x-middleton-response
200
x-nc
HIT dca
x-ez-proxy-out
true 2.4
server
nginx
etag
W/13576-1684461103136.7104
x-origin-cache-control
max-age=31536000
vary
Accept-Encoding,User-Agent,Origin
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
tracker.js
itsallinanutshell.com/wp-content/plugins/wp-statistics/assets/js/
1 KB
900 B
Script
General
Full URL
https://itsallinanutshell.com/wp-content/plugins/wp-statistics/assets/js/tracker.js?screx=1&sxcb=1a&ver=6.3
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PleskLin
Resource Hash
44f9b644648bc617dc561b8bb575276387fdbe044c97d84f0fb6e80e4997120c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:26:59 UTC
content-encoding
br
display
staticcontent_sol
x-powered-by
PleskLin
x-ezoic-cdn
Hit ds;mm;0576094195bcbc626e6051273f607a12;2-496996-2;dd2ed646-3f6a-4f5b-70b9-bd02800c2fd3
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
516
response
200
last-modified
Wed, 26 Jul 2023 09:30:14 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
etag
"592-64c0e7a6-cb2e4abec0fcbb49;gz-gzip"
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-ez-minify-js
0.00% 1426 / 1426
v1
btlr.sharethrough.com/universal/
226 B
347 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
d136b57771acb729a6114335f2748d946eadf9c43e7c01062575fe807cdebb47

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:26:59 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
193
prebid-request
onetag-sys.com/
15 B
368 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://itsallinanutshell.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
4eb66004-166c-4d07-b197-3e065dc9009e
https://itsallinanutshell.com/
1 KB
0
Other
General
Full URL
blob:https://itsallinanutshell.com/4eb66004-166c-4d07-b197-3e065dc9009e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
hit
itsallinanutshell.com/wp-json/wp-statistics/v2/
131 B
452 B
XHR
General
Full URL
https://itsallinanutshell.com/wp-json/wp-statistics/v2/hit?wp_statistics_hit_rest=yes&track_all=1&current_page_type=home&current_page_id=24469&search_query&page_uri=Lw=&referred=&_=1692318420038
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/wp-content/plugins/wp-statistics/assets/js/tracker.js?screx=1&sxcb=1a&ver=6.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PHP/8.2.8, PleskLin
Resource Hash
9da284a40812a6542ddbb236751d57abb25ec2d882754fe6a4b388c71604f4b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
x-sol
pub_site
display
staticcontent_sol
x-powered-by
PHP/8.2.8, PleskLin
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
97
response
200
x-ez-proxy-out
true 2.4
server
LiteSpeed
x-origin-cache-control
no-cache
allow
GET
vary
Accept-Encoding,Origin,User-Agent
content-type
application/json; charset=UTF-8
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
no-cache
x-robots-tag
noindex
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
link
<https://itsallinanutshell.com/wp-json/>; rel="https://api.w.org/"
universal.js
assets.mailerlite.com/js/
46 KB
10 KB
Script
General
Full URL
https://assets.mailerlite.com/js/universal.js
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e72b11a23866376e97cfdaa82a127aaedbaaa13c2b3dbdd1197684196f0883
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Wed, 23 Aug 2023 00:27:00 GMT
date
Fri, 18 Aug 2023 00:27:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
Ingress
cf-cache-status
HIT
content-encoding
br
age
512
x-cache
HIT
last-modified
Thu, 17 Aug 2023 15:45:52 GMT
server
cloudflare
etag
W/"64de40b0-b6c4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=432000
cf-ray
7f86074d7b704bc0-BUF
x-cache-hits
2
conf
s.pubmine.com/
6 KB
2 KB
Script
General
Full URL
https://s.pubmine.com/conf?pp.pt=0&pp.ht=2&pp.tn=dara&pp.uloggedin=0&pp.amp=false&pp.siteid=219160514&pp.consent=0&pp.ad.label.text=Advertisements&pp.ad.reportAd.text=Report%20this%20ad&rid=6926229013800&ref=https%3A%2F%2Fitsallinanutshell.com%2F&vp=1600x1200&cb=callback__llfuoy17_1
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
11e823d3befb8f2b14b28e5d775a244f82de30c3c790291f82e8f782b07dde4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
api.js
itsallinanutshell.com/ezossp/https/www.google.com/recaptcha/
1 KB
1 KB
Script
General
Full URL
https://itsallinanutshell.com/ezossp/https/www.google.com/recaptcha/api.js?screx=1&sxcb=1a
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
GSE /
Resource Hash
31cd7bd5f71dfcb7caebc43b16ea2ef880d2ac8da1212dacc0213e7eb0ecbb3e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
br
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 00:27:00 GMT
x-ezoic-cdn
Miss
x-middleton-display
staticcontent_sol
cross-origin-resource-policy
cross-origin
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
753
x-xss-protection
1; mode=block
x-ez-proxy-out
true 2.4
server
GSE
x-origin-cache-control
private, max-age=300
vary
Accept-Encoding,User-Agent,Origin
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
expires
Fri, 18 Aug 2023 00:27:00 GMT
ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A862
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:3974:5cd2:89d:2ca0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame A862
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4664318827337647392
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4664318827337647392
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
an-x-request-uuid
a2c8fafc-cff2-4324-b205-99f8c81f5264
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4664318827337647392
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A862
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2700558205676423679
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2700558205676423679
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2700558205676423679
pragma
no-cache
date
Fri, 18 Aug 2023 00:26:59 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
user-registering
ads.stickyadstv.com/ Frame A862
43 B
609 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.233 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1692318420177060-249
crum
dsum-sec.casalemedia.com/ Frame A862
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ISyfZg9D1QwNkm5
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ISyfZg9D1QwNkm5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:26:59 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0a15b899c0a19be84@us-east-1d@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ISyfZg9D1QwNkm5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A862
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABOFk7JvXYAACqoHL5WIg&expiration=1693528020
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABOFk7JvXYAACqoHL5WIg&expiration=1693528020
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABOFk7JvXYAACqoHL5WIg&expiration=1693528020
Date
Fri, 18 Aug 2023 00:27:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame A862
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=476719bc-fa55-432a-8561-61f6ff96f341&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=476719bc-fa55-432a-8561-61f6ff96f341&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=476719bc-fa55-432a-8561-61f6ff96f341&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 18 Aug 2023 00:27:00 GMT
server
_
content-length
0
crum
dsum.casalemedia.com/ Frame A862
Redirect Chain
  • https://match.deepintent.com/usersync/113
  • https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_3589adc5c5654cff8c7f3
43 B
632 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_3589adc5c5654cff8c7f3
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

location
https://dsum.casalemedia.com/crum?cm_dsp_id=176&external_user_id=di_3589adc5c5654cff8c7f3
date
Fri, 18 Aug 2023 00:26:59 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
setuid
ow.pubmatic.com/ Frame A862
0
520 B
Image
General
Full URL
https://ow.pubmatic.com/setuid?bidder=ix&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=ZN660gpfgXVAgUl4ibXoLAAA%261363
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=184674&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-length
0
content-type
text/html
ads
securepubads.g.doubleclick.net/gampad/
397 B
178 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=2579860003143594&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=8&didk=115940854&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&abxe=1&dt=1692318420062&lmt=1692354420&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&cbidsp=ClcIARIXCgZvbmV0YWcQ2AIgAjgCUgZvbmV0YWcYAiIkNDhjNWEzZGUtMTY1ZC00ODgyLWIyNzctM2RkOTVhMGJjZGIwKgQIAyAAMgd2Ny4zOS4wQPoBSgA.&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D7999192897653727%26eid%3D7999192897653727%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Ditsallinanutshell_com-edge-1-7999192897653727%26eb_br%3Deeb512de4b40f938fd78cdef344a7ebd%2C1e913e99b80640fd5b86a539e5b97c94%26eba%3D1%26bv%3D23%26bvm%3D0%26bvr%3D3%26avc%3D113%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D22%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C915%2C874%2C835%2C19%2C2688%2C3045%2C4276%2C916%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3053%2C4276%2C916%26lb%3D60%26reqt%3D1692318419017&adks=905025581&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f07d2ed51a0c07b8c363a4afda3298b6e24cfcad881c926ca491a992d922f124
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
397 B
178 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=3827602508563061&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=9&didk=115933708&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&abxe=1&dt=1692318420076&lmt=1692354420&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&cbidsp=ClcIARIXCgZvbmV0YWcQ2AIgAjgCUgZvbmV0YWcYAiIkNDZkZDg3MTMtZWEwOS00YWUxLTgxZmYtM2Y4ZDU0YzdkMzBkKgQIAyAAMgd2Ny4zOS4wQPoBSgA.&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D4931918961627086%26eid%3D4931918961627086%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Ditsallinanutshell_com-edge-2-4931918961627086%26eb_br%3Deeb512de4b40f938fd78cdef344a7ebd%2C1e913e99b80640fd5b86a539e5b97c94%26eba%3D1%26bv%3D13%26bvm%3D0%26bvr%3D3%26avc%3D113%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D22%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C915%2C874%2C835%2C19%2C2688%2C3045%2C4276%2C916%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3053%2C4276%2C916%26lb%3D60%26reqt%3D1692318419055&adks=4225512732&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1e907729e2c94d83c64b79749de49e456f0303390d4c078c37f44e498c36125a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
148
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
universal.css
assets.mailerlite.com/css/
931 B
500 B
Stylesheet
General
Full URL
https://assets.mailerlite.com/css/universal.css
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/js/universal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8811c83300c6502143e4847aa6400bd5f25785b68a6e814757061dd2b34afde
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires
Wed, 23 Aug 2023 00:27:00 GMT
date
Fri, 18 Aug 2023 00:27:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
Ingress
cf-cache-status
HIT
content-encoding
br
age
512
x-cache
HIT
last-modified
Thu, 17 Aug 2023 15:45:54 GMT
server
cloudflare
etag
W/"64de40b2-3a3"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=432000
cf-ray
7f86074ddb744bc0-BUF
x-cache-hits
4
forms
assets.mailerlite.com/jsonp/450750/
68 KB
10 KB
Script
General
Full URL
https://assets.mailerlite.com/jsonp/450750/forms?callback=ml.fn.renderPopupsAndPromotions
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/js/universal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7db9f20f5fa5b2464fc28e9d4e012863d447990944899a7088c35278f803f783
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
Ingress
cf-cache-status
MISS
x-cacheable
1
last-modified
Fri, 18 Aug 2023 00:27:00 GMT
server
cloudflare
content-encoding
br
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
immutable, max-age=180, public, s-maxage=180
cf-ray
7f86074ddb754bc0-BUF
x-cache-hits
1
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/
438 KB
176 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/ezossp/https/www.google.com/recaptcha/api.js?screx=1&sxcb=1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsallinanutshell.com/
Origin
https://itsallinanutshell.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180114
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 22:33:00 GMT
webforms.min.js
itsallinanutshell.com/ezossp/https/groot.mailerlite.com/js/w/
12 KB
4 KB
Script
General
Full URL
https://itsallinanutshell.com/ezossp/https/groot.mailerlite.com/js/w/webforms.min.js?screx=1&sxcb=1a&v08a893c96141fbc55feeeeac1fda7508=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d5c101c45e81c6d68be1c9d549029e27a94d766871ac10520ac101f087d80ba
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 UTC
content-encoding
br
via
Ingress
cf-cache-status
MISS
strict-transport-security
max-age=15724800; includeSubDomains
x-ezoic-cdn
Hit ds;mm;e5624dd91691f00ceb3cd0528bfdd0f2;2-496996-2;1a3b649f-e0ee-415d-52e4-2839bb97fa05
x-middleton-display
staticcontent_sol
x-middleton-response
200
last-modified
Thu, 10 Aug 2023 07:35:35 GMT
server
cloudflare
x-ez-proxy-out
true 2.4
etag
W/"64d49347-2cbd-gzip"
x-origin-cache-control
public, max-age=432000
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
access-control-allow-credentials
true
vary
Accept-Encoding,User-Agent,Origin
cf-ray
7f6f884b6f3a398c-IAD
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-MailerLite-Account,X-MailerLite-Token
integrator.js
adservice.google.com/adsid/
107 B
456 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
SPug
simage4.pubmatic.com/AdServer/ Frame EC99
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
jquery.min.js
assets.mlcdn.com/ml/ajax/libs/jquery/1.8.3/
91 KB
33 KB
Script
General
Full URL
https://assets.mlcdn.com/ml/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/ezossp/https/groot.mailerlite.com/js/w/webforms.min.js?screx=1&sxcb=1a&v08a893c96141fbc55feeeeac1fda7508=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 21:05:10 GMT
server
cloudflare
age
12110
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f86074e2e474bd3-BUF
track-view
assets.mailerlite.com/jsonp/450750/forms/88990487947510884/
0
0
Fetch
General
Full URL
https://assets.mailerlite.com/jsonp/450750/forms/88990487947510884/track-view
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
via
Ingress
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
x-cache
HIT
access-control-allow-origin
*
cache-control
no-cache, private
cf-ray
7f86074e2b784bc0-BUF
x-cache-hits
1
/
itsallinanutshell.com/_static/
39 KB
11 KB
Script
General
Full URL
https://itsallinanutshell.com/_static/??-eJylkd1OwzAMhV8IYxUk2C4Qj4K81CtuUyeK3Y7t6WnVDZDopCGuLP98xycxHjKEpM7qmOPQiBq27JlCd4lvI2udCtLgqSd3CZcOSE8NQ6gVazHHr/S+tTtcUQ5pF1PobBlvvwtAOsEu6XZ0cWXookewg2Quf187wwsLouJCUU6/dfyde55oKoRkxm6ziNIozarn9XnrJEMU7WCfwmCwl49rhm+/QKTTcTnD+XUyKRXjMPuCtDMu4/WP+ceeH4VJ/bV/qZ621fPDdvNYfQLMg+KF=&screx=1&sxcb=1a
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PHP/8.2.8, PleskLin
Resource Hash
f00407e9580b7346093a4fe47ca43f274520a729d5ca34ffa7a6e1b10a7d416d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 UTC
content-encoding
br
x-sol
pub_site
display
staticcontent_sol
x-powered-by
PHP/8.2.8, PleskLin
x-ezoic-cdn
Hit ds;ms;76e2a00ff8d209e3a67a63fe5638be62;2-496996-2;cda98dfb-ca35-4978-799d-246b4dc1941a
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Fri, 11 Aug 2023 04:57:11 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
x-page-optimize
cached
etag
"73b0a977188d7f003c64eca31ee14ecb-gzip"
x-origin-cache-control
max-age=31536000
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=31536000
x-ez-minify-js
3.26% 39827 / 41167
ata.js
c0.pubmine.com/2.37.11677685674593/
207 KB
54 KB
Script
General
Full URL
https://c0.pubmine.com/2.37.11677685674593/ata.js
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.38 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
b4b0789c9d823fd2888f4f2501afd255b449971ea288d46ab65bc2408088515a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT jfk 1
date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000
last-modified
Wed, 01 Mar 2023 15:53:00 GMT
server
nginx
x-amz-cf-pop
BUD50-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=31536000
ml_jQuery.inputmask.bundle.min.js
assets.mlcdn.com/gr/js/w/
69 KB
21 KB
Script
General
Full URL
https://assets.mlcdn.com/gr/js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/ezossp/https/groot.mailerlite.com/js/w/webforms.min.js?screx=1&sxcb=1a&v08a893c96141fbc55feeeeac1fda7508=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc240f4ac44fc99f05f51d362c54fcb4073b3e5daabf68fcec12193b333f8e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 22:31:33 GMT
server
cloudflare
age
6927
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f86074e8e484bd3-BUF
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?mode=1&lid=41&sdkv=h.3.585.0&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.6571525749132567&time=1692318420269&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame A585
55 KB
31 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9pdHNhbGxpbmFudXRzaGVsbC5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=5opp0zebz3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
341a8ac8f8abf74c6c8406b8b64ff7aac03d28709184f0b8937ccdf6722f2ae1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-073NQNmfGMBdWja-Tf1iig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
31492
content-security-policy
script-src 'report-sample' 'nonce-073NQNmfGMBdWja-Tf1iig' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1692318420362&timeout=f&logid=0.6571525749132567&timediff=93&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?contentLocation=flat&lid=160&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame DAC5
156 B
676 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=3494893632575033&description_url=https%3A%2F%2Fitsallinanutshell.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&ad_type=outstream_video&hl=en&max_ad_duration=30000&npa=0&tfcd=0&vpmute=0&iu=%2F21732118914%2C22975044942%2Fitsallinanutshell_com-outstream-video-1&vid_t=outstream&vpa=click&cust_params=act%3D1%26ap%3D1%26d%3D496996%26eb_br%3Df30ba7de9e2a33f0f927ef82759eb3ce%26ft%3D0%26ic%3D1%26iid1%3D2513559983666239%26plat%3D1%26t%3D0%26tap%3Ditsallinanutshell_com-outstream-video-1-2513559983666239&sdkv=h.3.585.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=1223778887&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.585.0&sid=7648EDD4-4E4E-40C2-991F-8B2E54FF1B1B&nel=0&eid=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&top=https%3A%2F%2Fitsallinanutshell.com%2F&loc=https%3A%2F%2Fitsallinanutshell.com%2F&dlt=1692318414472&idt=1455&dt=1692318420367&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&scor=1727591382531775&ged=ve4_td6_tt4_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
404 B
185 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=1194891982736785&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=10&didk=1504799095&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&abxe=1&dt=1692318420383&lmt=1692354420&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&cbidsp=ClcIARIXCgZvbmV0YWcQ2AIgAjgCUgZvbmV0YWcYAiIkMmM2M2QxMTYtMWQxNy00ZThmLThmN2UtNTU3NmIyYzFlYWQ0KgQIAyAAMgd2Ny4zOS4wQPoBSgA.&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D6561939639604062%26eid%3D6561939639604062%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Ditsallinanutshell_com-medrectangle-2-6561939639604062%26eb_br%3D5dfc84b2afe9d09bb5135bfcbbc5970f%2Cc352ba581bd3ffd8cea608cf2d55f519%26eba%3D1%26bv%3D15%26bvm%3D0%26bvr%3D5%26avc%3D113%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D60%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2C2351%2C2610%2C2761%2C3044%2C7%2C8%2C915%2C874%2C835%2C17%2C19%2C2351%2C2610%2C2688%2C2761%2C3044%2C3045%2C4276%2C7%2C8%2C916%2C915%2C874%2C835%26lb%3D100%26reqt%3D1692318419269&adks=3076448883&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3246dffc779d6121b77d2a6ab17184df0a3f44d691f76d1a7ccbe73bb655fb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
155
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
jetpack-carousel.min.js
itsallinanutshell.com/wp-content/plugins/jetpack/_inc/build/carousel/
24 KB
7 KB
Script
General
Full URL
https://itsallinanutshell.com/wp-content/plugins/jetpack/_inc/build/carousel/jetpack-carousel.min.js?m=1690925374&screx=1&sxcb=1a
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PleskLin
Resource Hash
0200bc38d986631f9cc4680084d7d263ccf17fa4a3c627b26ff347e0cfcf1d47

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 UTC
content-encoding
br
display
staticcontent_sol
x-powered-by
PleskLin
x-ezoic-cdn
Hit ds;ms;286b3bd2bf0067622dff3389c780ed63;2-496996-2;d56dbd36-761c-4a6f-530b-ea2d23e21ce4
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Tue, 01 Aug 2023 21:29:34 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
etag
"5e2d-64c9793e-a791547589ecb5f;gz-gzip"
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-ez-minify-js
0.00% 24109 / 24109
tag.js
a.teads.tv/analytics/
11 KB
4 KB
Script
General
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.69.164 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-69-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id
q9b9clsZLLfdBtwdmheOfdbmJj61AqqK
date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
br
last-modified
Wed, 16 Aug 2023 09:22:55 GMT
x-amz-request-id
WJEDCJAMYFX0DKBP
etag
"ee3af1e29ac1607ef3d41c515d1e05ad"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3418
x-amz-id-2
+WLXm765EafePmzD41JmckJNSf8+rnk5LSpslcbTTBWmtplZuYOVJbefQzUQhQpof7YyjMv4MD8=
match
s.pubmine.com/ Frame 99EA
Redirect Chain
  • https://sync.go.sonobi.com/us.gif?loc=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D13%26external_user_id%3D%5BUID%5D%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%...
  • https://s.pubmine.com/match?bidder_id=13&external_user_id=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
43 B
623 B
Document
General
Full URL
https://s.pubmine.com/match?bidder_id=13&external_user_id=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

cache-control
no-cache, no-store, private
content-length
0
content-type
text/plain; charset=utf8
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
location
https://s.pubmine.com/match?bidder_id=13&external_user_id=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
x-xss-protection
0
uc.html
sync.go.sonobi.com/ Frame C57D
2 KB
2 KB
Document
General
Full URL
https://sync.go.sonobi.com/uc.html?
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
fa039a4a7b55f0396c3959e5d7a5740ba99b853c3499c141416ffd5b6da00b51
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, private
content-encoding
gzip
content-length
1131
content-type
text/html
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pragma
no-cache
server
sonobi-go
tcn
Choice
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1B93
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.40.190 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=158041
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Sat, 19 Aug 2023 20:21:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
match
s.pubmine.com/ Frame 1054
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58666/occ?uid=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=0&gdpr_consent=
  • https://s.pubmine.com/match?bidder_id=27&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&external_user_id=y-.ErJdDtE2uH7svRzPOcQHA5F0cXGAfukULHRiSs-~A&gdpr=0
43 B
432 B
Document
General
Full URL
https://s.pubmine.com/match?bidder_id=27&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&external_user_id=y-.ErJdDtE2uH7svRzPOcQHA5F0cXGAfukULHRiSs-~A&gdpr=0
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

age
0
content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT
location
https://s.pubmine.com/match?bidder_id=27&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&external_user_id=y-.ErJdDtE2uH7svRzPOcQHA5F0cXGAfukULHRiSs-~A&gdpr=0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.75
strict-transport-security
max-age=31536000
match
s.pubmine.com/ Frame 9B0B
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&US_privacy=&redirectUri=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D23%26ssp_data%3Dde349555-d0ff-4738-bf5a-7...
  • https://s.pubmine.com/match?bidder_id=23&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=8367935734482287302
43 B
465 B
Document
General
Full URL
https://s.pubmine.com/match?bidder_id=23&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=8367935734482287302
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT
location
https://s.pubmine.com/match?bidder_id=23&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=8367935734482287302
usermatch
ssum-sec.casalemedia.com/ Frame D549
2 KB
2 KB
Document
General
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b7af825fccd2879d585f6abf113280ec6e7cef2ebd349eb532dfb11c01e34664

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1829
Content-Type
text/html
Date
Fri, 18 Aug 2023 00:27:00 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
/
de.tynt.com/deb/ Frame FE03
Redirect Chain
  • https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0f...
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-b...
2 KB
3 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
efd6a2a2bbc09b56a2d53c75c35a6c0da88bd537c264b3a285b4568d17efb44c

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1712
content-type
text/html
date
Fri, 18 Aug 2023 00:26:59 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8340000C
usersync.html
ad-cdn.technoratimedia.com/html/ Frame 73A6
17 KB
7 KB
Document
General
Full URL
https://ad-cdn.technoratimedia.com/html/usersync.html?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:21f:2cf1:7be6:911:71d9:25f7 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nyb/1D3C) /
Resource Hash
2bd27fb4cdd30b9b0c730e44a8ec482a49dbf95eaa5c3f399c816dfef9990beb

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-expose-headers
access-control-allow-credentials,access-control-allow-methods,access-control-allow-origin,date,etag,opc-client-info,opc-request-id,x-api-id
age
368
cache-control
max-age=900
content-encoding
gzip
content-length
6048
content-md5
jpm9v92eYnJZrYEV0creyA==
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:27:00 GMT
etag
84d4a6e5-3860-4103-9387-92737002d50d
expires
Fri, 18 Aug 2023 00:42:00 GMT
last-modified
Wed, 16 Aug 2023 20:56:04 GMT
opc-request-id
iad-1:HbjMta38XUY5vO9rDCuMo3hGu8yBgH2VHYfA-XRv1knFL0PEEZu_pDEsZaLocGT4
server
ECAcc (nyb/1D3C)
storage-tier
Standard
vary
Accept-Encoding
version-id
ff6bccb1-2ffd-4aa2-bd14-9776592cc90b
x-api-id
native
x-cache
HIT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1A76
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D26%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.40.190 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=158041
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Sat, 19 Aug 2023 20:21:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
de.tynt.com/deb/ Frame 9529
Redirect Chain
  • https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privac...
  • https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_priva...
2 KB
3 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
54a49f6ac67e83c81d4562a90d07c9a92e1de912fd231ad9db18d73959698d61

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
1713
content-type
text/html
date
Fri, 18 Aug 2023 00:26:59 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
content-length
171
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
location
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID" CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
match
s.pubmine.com/ Frame D6D0
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=19340f4f097d16f41f34fc0274981ca4&name=PrebidServer&gdpr=0&gdpr_consent=&us_privacy=&url=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D22%26ssp_da...
  • https://s.pubmine.com/match?bidder_id=22&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=c8d4ebd0d55f2f573486a807347b7e78
43 B
669 B
Document
General
Full URL
https://s.pubmine.com/match?bidder_id=22&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=c8d4ebd0d55f2f573486a807347b7e78
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
0
location
https://s.pubmine.com/match?bidder_id=22&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=c8d4ebd0d55f2f573486a807347b7e78
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-usa02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
45
match
s.pubmine.com/ Frame CE33
Redirect Chain
  • https://sync.inmobi.com/prebid?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D20%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&us_privacy=&callback=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D20%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_priva...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://s.pubmine.com/match?bidder_id=20&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-e9d6zwcfQs6vtYtluw4wwRilNJYB_IBe8aTRkhw_Qg
43 B
830 B
Document
General
Full URL
https://s.pubmine.com/match?bidder_id=20&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-e9d6zwcfQs6vtYtluw4wwRilNJYB_IBe8aTRkhw_Qg
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:01 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

date
Fri, 18 Aug 2023 00:27:00 GMT
location
https://s.pubmine.com/match?bidder_id=20&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ID5-e9d6zwcfQs6vtYtluw4wwRilNJYB_IBe8aTRkhw_Qg
p3p
CP="CAO PSA OUR"
strict-transport-security
max-age=63072000; includeSubDomains; preload
transfer-encoding
chunked
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
match
s.pubmine.com/ Frame D681
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D18%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privac...
  • https://s.pubmine.com/match?bidder_id=18&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
43 B
515 B
Document
General
Full URL
https://s.pubmine.com/match?bidder_id=18&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Aug 2023 00:27:00 GMT
Location
https://s.pubmine.com/match?bidder_id=18&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Server
nginx
cookie-sync
sync.outbrain.com/ Frame 4519
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=p&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D29%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent...
  • https://s.ad.smaato.net/c/?adExInit=p&cookieCheck=1
  • https://cs.videowalldirect.com/71af726af64461d6f0502bffcff4bc00.gif?puid=[UID]&redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspId%3D1002067%26dspCookie%3D%24%7BPARTNER_UID%7D%26gdpr%3D0%26gdpr_cons...
  • https://s.ad.smaato.net/c/?dspId=1002067&dspCookie=${PARTNER_UID}&gdpr=0&gdpr_consent=
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=bc5bc3dc17&gdpr=0&gdpr_consent=
0
145 B
Document
General
Full URL
https://sync.outbrain.com/cookie-sync?p=smaato&uid=bc5bc3dc17&gdpr=0&gdpr_consent=
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache
Content-Length
0
Date
Fri, 18 Aug 2023 00:27:00 GMT
X-TraceId
edd51d3d31cadeeb3be95ddfbedfd1e1

Redirect headers

age
40
cache-control
no-cache, must-revalidate
content-length
0
date
Fri, 18 Aug 2023 00:26:20 GMT
location
https://sync.outbrain.com/cookie-sync?p=smaato&uid=bc5bc3dc17&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
server
CloudFront
via
1.1 6e810acc9d798bdf126180508d1b511e.cloudfront.net (CloudFront)
x-amz-cf-id
N2rjQbkAVSxklFe5JxTjmiqX1Ns1tXwwtBRfZ31hnqK8GUikd-RVLA==
x-amz-cf-pop
JFK50-P6
x-cache
Hit from cloudfront
match
s.pubmine.com/ Frame CC1F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58366/occ?uid=de349555-d0ff-4738-bf5a-71b2f3727eaa
  • https://s.pubmine.com/match?bidder_id=15&external_user_id=y-SYC.iEhE2uH.zN9Z1Vtb70Am3KGf9n9wU7kJkBg-~A&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa
43 B
573 B
Document
General
Full URL
https://s.pubmine.com/match?bidder_id=15&external_user_id=y-SYC.iEhE2uH.zN9Z1Vtb70Am3KGf9n9wU7kJkBg-~A&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
nginx
Transfer-Encoding
chunked

Redirect headers

age
0
content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT
location
https://s.pubmine.com/match?bidder_id=15&external_user_id=y-SYC.iEhE2uH.zN9Z1Vtb70Am3KGf9n9wU7kJkBg-~A&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.75
strict-transport-security
max-age=31536000
prbds2s
rtb.gumgum.com/usync/ Frame A4E9
3 KB
1 KB
Document
General
Full URL
https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.215.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-215-220.compute-1.amazonaws.com
Software
nginx /
Resource Hash
8955c2a881307d63cdc22494d2dd42503e99fd8788ed804b8b3750452e478578

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 18 Aug 2023 00:27:00 GMT
etag
W/"0c4976c4f1294311314c6489ae6fea349"
server
nginx
timing-allow-origin
*
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame A900
995 B
1 KB
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
3291832
Cache-Control
max-age=31536000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
506
Content-Type
text/html
Date
Fri, 18 Aug 2023 00:27:00 GMT
ETag
W/"573e714d-3e3"
Expires
Tue, 09 Jul 2024 22:03:08 GMT
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
6357, 10673
X-Served-By
cache-lga21923-LGA, cache-yyz4552-YYZ
X-Timer
S1692318421.537065,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 431F
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156204&gdpr=0&gdpr_consent=
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.40.190 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=158041
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Sat, 19 Aug 2023 20:21:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 3821
281 B
401 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:27:00 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame C60C
36 KB
12 KB
Document
General
Full URL
https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
565976069e84fb18b98293a50427aaf754909ab98a694622e929ac4e02cdcd3d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11808
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Sun, 20 Aug 2023 00:27:00 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
u.openx.net/w/1.0/ Frame 123C
749 B
793 B
Document
General
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
2795289b3b1f557de8416911af709a9ddf88c0277bd0b6405378a6330591296f

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
481
content-type
text/html
date
Fri, 18 Aug 2023 00:27:00 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
iframe
sync.teads.tv/ Frame 0764
153 B
305 B
Document
General
Full URL
https://sync.teads.tv/iframe
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.69.164 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-69-164.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
153
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Fri, 18 Aug 2023 00:27:00 GMT
pragma
no-cache
server
akka-http/10.2.10
sync
x.bidswitch.net/ Frame F4C5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=themediagrid&gdpr=0&gdpr_consent=&us_privacy=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=themediagrid&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=970033166257797130&expires=30&ssp=themediagrid
43 B
235 B
Document
General
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=970033166257797130&expires=30&ssp=themediagrid
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
nginx

Redirect headers

Content-Length
0
Date
Fri, 18 Aug 2023 00:27:00 GMT
Location
https://x.bidswitch.net/sync?dsp_id=119&user_id=970033166257797130&expires=30&ssp=themediagrid
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
pixel
s.pubmine.com/
43 B
286 B
Image
General
Full URL
https://s.pubmine.com/pixel?id=15&type=img
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
match
s.pubmine.com/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=18894&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=0&gdpr_consent=&us_privacy=
  • https://s.pubmine.com/match?bidder_id=14&external_user_id=LLFUOWMM-1P-IU2L&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=0
43 B
791 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=14&external_user_id=LLFUOWMM-1P-IU2L&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=0
Protocol
HTTP/1.1
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.pubmine.com/match?bidder_id=14&external_user_id=LLFUOWMM-1P-IU2L&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
match
s.pubmine.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D12%26external_user_id%3D%24UID%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26ri...
  • https://s.pubmine.com/match?bidder_id=12&external_user_id=4080762774149756005240&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
43 B
827 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=12&external_user_id=4080762774149756005240&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

location
https://s.pubmine.com/match?bidder_id=12&external_user_id=4080762774149756005240&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 00:27:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
match
s.pubmine.com/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D10%26external_user_id%3D%24UID%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26...
  • https://s.pubmine.com/match?bidder_id=10&external_user_id=4664318827337647392&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
43 B
882 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=10&external_user_id=4664318827337647392&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
an-x-request-uuid
8be8447b-dcf5-4a6c-886d-20f6a97ca01d
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.pubmine.com/match?bidder_id=10&external_user_id=4664318827337647392&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
match
s.pubmine.com/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=wordpress&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&user_id=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=0&gdpr_consent=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=wordpress&bsw_custom_parameter=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=wordpress&bsw_custom_parameter=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=78c6077d-9ae0-4df2-96e9-29f094f3081c&user_group=1&ssp=wordpress&bsw_param=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=&gdpr_consent=
43 B
876 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=&gdpr_consent=
Protocol
HTTP/1.1
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

Location
//s.pubmine.com/match?bidder_id=1&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&gdpr=&gdpr_consent=
Date
Fri, 18 Aug 2023 00:27:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
s.pubmine.com/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D1%26external_user_id%3D%24%7BBSW_UUID%7D%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%2...
  • https://s.pubmine.com/match?bidder_id=1&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&gdpr=0&gdpr_consent=&us_privacy=
43 B
761 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=1&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

Location
https://s.pubmine.com/match?bidder_id=1&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&gdpr=0&gdpr_consent=&us_privacy=
Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
match
s.pubmine.com/
Redirect Chain
  • https://ssc-cms.33across.com/ps/?ri=0010b00002CphGRAAZ&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26r...
  • https://s.pubmine.com/match?bidder_id=6&external_user_id=212240589554563&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
43 B
849 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=6&external_user_id=212240589554563&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:26:59 GMT
referrer-policy
unsafe-url
server
33XP011
x-33x-status
100000000008200000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://s.pubmine.com/match?bidder_id=6&external_user_id=212240589554563&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
9d761606-1d94-4146-b70a-14c2ed516f73
https://itsallinanutshell.com/
2 KB
0
Other
General
Full URL
blob:https://itsallinanutshell.com/9d761606-1d94-4146-b70a-14c2ed516f73
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ea6c65d8e460987a7ea8f98355f789fe6bfbe11b0afe7a1c65d6042da65ea33

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Length
1567
Content-Type
text/javascript
styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame A585
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9pdHNhbGxpbmFudXRzaGVsbC5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=5opp0zebz3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 23:15:18 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame A585
438 KB
176 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9pdHNhbGxpbmFudXRzaGVsbC5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=5opp0zebz3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180114
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 22:33:00 GMT
crum
dsum-sec.casalemedia.com/ Frame D549
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4664318827337647392
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4664318827337647392
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
an-x-request-uuid
98592131-3139-4849-8f8c-22da69ca41b5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4664318827337647392
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D549
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:3974:5cd2:89d:2ca0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame D549
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABOFk7JvXYAACqoHL5WIg&expiration=1693528020
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABOFk7JvXYAACqoHL5WIg&expiration=1693528020
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AABOFk7JvXYAACqoHL5WIg&expiration=1693528020
Date
Fri, 18 Aug 2023 00:27:00 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
rum
dsum-sec.casalemedia.com/ Frame D549
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2700558205676423679
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2700558205676423679
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2700558205676423679
pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum.casalemedia.com/ Frame D549
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4664318827337647392
43 B
632 B
Image
General
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4664318827337647392
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
an-x-request-uuid
cac5c55a-f919-48b5-96f1-51acda83eb2b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=4664318827337647392
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame D549
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://pr-bh.ybp.yahoo.com/sync/casale/ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Server
2600:1f18:4e9:5a01:3974:5cd2:89d:2ca0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB
date
Fri, 18 Aug 2023 00:27:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame D549
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ISyfZg9D1QwNkm5
43 B
632 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ISyfZg9D1QwNkm5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
192.40.39.223 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-04f5649e09cbf9ea9@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=ISyfZg9D1QwNkm5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame D549
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZN660gpfgXVAgUl4ibXoLAAABVMAAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1TBCPACSM5A3KR7XZQ1P
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
match
s.pubmine.com/ Frame D549
43 B
712 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=21&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=ZN660gpfgXVAgUl4ibXoLAAA%261363
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=197465&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D21%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 3821
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 04:13:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13567
content-length
10116
expires
Fri, 18 Aug 2023 04:13:07 GMT
usersync
usersync.gumgum.com/ Frame A4E9
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4664318827337647392
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4664318827337647392
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
an-x-request-uuid
00134a11-cd9a-451e-9619-dd861836326a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4664318827337647392
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A4E9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=u_889558d4-7cf8-4390-b256-922540a4a1b8&gdpr=0&gdpr_consent=&us_privacy=
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=78c6077d-9ae0-4df2-96e9-29f094f3081c&user_group=1&ssp=gumgum2&bsw_param=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
  • https://usersync.gumgum.com/usersync?b=bsw&i=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&us_privacy=
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 18 Aug 2023 00:27:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame A4E9
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=u_889558d4-7cf8-4390-b256-922540a4a1b8&obuid=ENC(_jUAIpdXDsgbmIPKapa1lgNlarj9q4fI4VXDvTpbdL3UwiS4ScOZuZEC-WgxpMJW...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA&initiator=platform
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=0487fdef-dbcb-4472-91ea-091af86a64fb&gdpr=0&gdpr_consent=
0
145 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=0487fdef-dbcb-4472-91ea-091af86a64fb&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:01 GMT
Cache-Control
no-cache
X-TraceId
a7bf4335e386ec0b4517ec08141c5311
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=0487fdef-dbcb-4472-91ea-091af86a64fb&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Kestrel
content-length
241
usersync
usersync.gumgum.com/ Frame A4E9
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38
Date
Fri, 18 Aug 2023 00:27:00 GMT
Connection
keep-alive
Content-Length
125
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame A4E9
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-5s28TJFE2pejZ0QiFo_n9ySbXoqrOFQTcBGC~A
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-5s28TJFE2pejZ0QiFo_n9ySbXoqrOFQTcBGC~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 18 Aug 2023 00:27:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-5s28TJFE2pejZ0QiFo_n9ySbXoqrOFQTcBGC~A
content-length
0
usersync
usersync.gumgum.com/ Frame A4E9
Redirect Chain
  • https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=dit&i=di_3589adc5c5654cff8c7f3
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=dit&i=di_3589adc5c5654cff8c7f3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=dit&i=di_3589adc5c5654cff8c7f3
date
Fri, 18 Aug 2023 00:26:59 GMT
content-type
image/gif
server
b
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
usersync
usersync.gumgum.com/ Frame A4E9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=u_889558d4-7cf8-4390-b256-922540a4a1b8&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=XCrfLrjrE8jfTLEMuA7H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WCDOJTEY4TKOJCTQ2TGKRGEKTLVIE3UQ
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=XCrfLrjrE8jfTLEMuA7H
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=XCrfLrjrE8jfTLEMuA7H
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=XCrfLrjrE8jfTLEMuA7H
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
103
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A4E9
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=6e611e0d-248a-42aa-aae5-d95b1b85c6a2
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=6e611e0d-248a-42aa-aae5-d95b1b85c6a2
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=6e611e0d-248a-42aa-aae5-d95b1b85c6a2
access-control-allow-origin
*
date
Fri, 18 Aug 2023 00:27:00 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame A4E9
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=8367935734482287302
35 B
250 B
Image
General
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=8367935734482287302
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=8367935734482287302
date
Fri, 18 Aug 2023 00:27:00 GMT
content-length
0
match
s.pubmine.com/ Frame A4E9
43 B
879 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=25&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=u_889558d4-7cf8-4390-b256-922540a4a1b8
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
usersync
usersync.gumgum.com/ Frame 49B7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZN660gAJaLisYgAb&gdpr=0&gdpr_consent=
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZN660gAJaLisYgAb&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZN660gAJaLisYgAb&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-yyz4533-YYZ
x-timer
S1692318421.583941,VS0,VE0
sd
us-u.openx.net/w/1.0/ Frame 123C
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN660gAJaLisYgAb
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN660gAJaLisYgAb
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-yyz4533-YYZ
pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692318421.584149,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZN660gAJaLisYgAb
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
45c7717b-3513-eb03-c249-cbbe78f9b9f2
pr-bh.ybp.yahoo.com/sync/openx/ Frame 123C
43 B
602 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/45c7717b-3513-eb03-c249-cbbe78f9b9f2?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a01:3974:5cd2:89d:2ca0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 123C
43 B
855 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=89d66b42-b915-c2b0-3390-5fdcef9dbf5b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S5RV4VTJZPCC3PN3D95T
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 123C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=d100173f-a5bf-794a-f39e-dd4b87ae74bb&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0487fdef-dbcb-4472-91ea-091af86a64fb&ttd_puid=d100173f-a5bf-794a-f39e-dd4b87ae74bb&gdpr=0&gdpr_consent=
43 B
62 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0487fdef-dbcb-4472-91ea-091af86a64fb&ttd_puid=d100173f-a5bf-794a-f39e-dd4b87ae74bb&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0487fdef-dbcb-4472-91ea-091af86a64fb&ttd_puid=d100173f-a5bf-794a-f39e-dd4b87ae74bb&gdpr=0&gdpr_consent=
date
Fri, 18 Aug 2023 00:27:00 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 123C
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZmQ2ZmM0ZjUtNmNjOC0yN2VlLWU2N2UtODdmMjRkNGNiYWRi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 123C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1zd0avOu2H06z_OZ9HbZE&google_cver=1
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1zd0avOu2H06z_OZ9HbZE&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEA1zd0avOu2H06z_OZ9HbZE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E69F
170 B
188 B
Document
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=dV84ODk1NThkNC03Y2Y4LTQzOTAtYjI1Ni05MjI1NDBhNGExYjg=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5BDD
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.40.190 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=158041
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Sat, 19 Aug 2023 20:21:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=sonobi&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=sonobi&bsw_param=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&google_hm=OTlhMzIyOGItYjVlYy00ZWQwLWFiM2ItYzQxOTg4ZjhmMGE2
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEGKx86Mz-cdG__macsbQCRU&google_cver=1&ssp=sonobi&bsw_param=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
  • https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
49 B
768 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//sync.go.sonobi.com/us.gif?nw=bidswitch&nuid=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
Date
Fri, 18 Aug 2023 00:27:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sonobi&ttd_tpi=1&ttd_puid=&gdpr=0&gdpr_consent=
  • https://sync.go.sonobi.com/us.gif?nw=td&nuid=0487fdef-dbcb-4472-91ea-091af86a64fb&pubid=
49 B
768 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=td&nuid=0487fdef-dbcb-4472-91ea-091af86a64fb&pubid=
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=td&nuid=0487fdef-dbcb-4472-91ea-091af86a64fb&pubid=
date
Fri, 18 Aug 2023 00:27:00 GMT
server
Kestrel
content-length
207
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://p.rfihub.com/cm?pub=35683&in=1
  • https://sync.go.sonobi.com/us.gif?nw=zt&nuid=970033166257797130
49 B
749 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=970033166257797130
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://sync.go.sonobi.com/us.gif?nw=zt&nuid=970033166257797130
Date
Fri, 18 Aug 2023 00:27:00 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=sonobi
  • https://sync.go.sonobi.com/us.gif?nw=rh&nuid=IQenns9db6STUgZpbm9c&pi=sonobi
49 B
751 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=IQenns9db6STUgZpbm9c&pi=sonobi
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=rh&nuid=IQenns9db6STUgZpbm9c&pi=sonobi
pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT, Fri, 18 Aug 2023 00:27:00 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?do=add&pid=560606&ev=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&daaqp=1&rurl=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dpp%26nuid%3D%25%25VGUID%25%25
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=OG1YMGc1UFBqdmpwdzV1ekkycU5oUQ&gdpr=&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=&gdpr_consent=&ev=CAESEGHUiaeyxm7VYo2ufmcsJsg&google_cver=1
  • https://sync.go.sonobi.com/us.gif?nw=pp&nuid=LRorNYzj3RZ1
49 B
743 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=LRorNYzj3RZ1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://sync.go.sonobi.com/us.gif?nw=pp&nuid=LRorNYzj3RZ1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-cdb79dd64-d8gd7
expires
-1
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=1be30a61-c15d-465d-b6e5-82da40df8212&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dopenx%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=openx&nuid=7a2dab3d-746b-4e45-88a6-d46da59835fe
49 B
768 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=7a2dab3d-746b-4e45-88a6-d46da59835fe
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.go.sonobi.com/us.gif?nw=openx&nuid=7a2dab3d-746b-4e45-88a6-d46da59835fe
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://x.videobyte.com/setuid?bidder=sonobi&uid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&cb=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dvb%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=vb&nuid=2faf151c-23cb-4a64-be7d-68bd2f610eb3
49 B
768 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=2faf151c-23cb-4a64-be7d-68bd2f610eb3
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=vb&nuid=2faf151c-23cb-4a64-be7d-68bd2f610eb3
date
Fri, 18 Aug 2023 00:27:00 GMT
content-length
120
vary
Origin
content-type
text/html; charset=utf-8
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dco%26nuid%3D
  • https://sync.go.sonobi.com/us.gif?nw=co&nuid=10d14413798e4309914413798ef309f8
49 B
840 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=co&nuid=10d14413798e4309914413798ef309f8
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Aug 2023 00:27:00 GMT
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://sync.go.sonobi.com
location
https://sync.go.sonobi.com/us.gif?nw=co&nuid=10d14413798e4309914413798ef309f8
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
0
info2
uipglob.semasio.net/sonobi/1/ Frame C57D
Redirect Chain
  • https://uipglob.semasio.net/sonobi/1/info?sType=sync&sExtCookieId=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&sInitiator=external
  • https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&sInitiator=external
42 B
604 B
Image
General
Full URL
https://uipglob.semasio.net/sonobi/1/info2?sType=sync&sExtCookieId=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&sInitiator=external
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Frontend-ID
10
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Content-Type
image/gif
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Frontend-ID
1
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Location
/sonobi/1/info2?sType=sync&sExtCookieId=2504e206-099c-4dfa-a5b0-f8c2c91d13ac&sInitiator=external
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58645/occ
  • https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-.ErJdDtE2uH7svRzPOcQHA5F0cXGAfukULHRiSs-~A
49 B
776 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-.ErJdDtE2uH7svRzPOcQHA5F0cXGAfukULHRiSs-~A
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=yh&nuid=y-.ErJdDtE2uH7svRzPOcQHA5F0cXGAfukULHRiSs-~A
date
Fri, 18 Aug 2023 00:27:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user-sync
sync.adkernel.com/ Frame C57D
0
0
Image
General
Full URL
https://sync.adkernel.com/user-sync?zone=183045&r=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dmd%26nuid%3D%7BUID%7D
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.32 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

30907
tags.bluekai.com/site/ Frame C57D
62 B
359 B
Image
General
Full URL
https://tags.bluekai.com/site/30907?id=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.25.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-25-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 18 Aug 2023 00:27:00 GMT
content-length
62
content-type
image/gif
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Dtl%26nuid%3D%24UID
  • https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4080762774149756005240
49 B
753 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4080762774149756005240
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=tl&nuid=4080762774149756005240
date
Fri, 18 Aug 2023 00:27:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
db_sync
px.ads.linkedin.com/ Frame C57D
Redirect Chain
  • https://idsync.rlcdn.com/711892.gif?partner_uid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
  • https://idsync.rlcdn.com/1000.gif?memo=CNS5KxIwCiwIARDAlQEaJDI1MDRlMjA2LTA5OWMtNGRmYS1hNWIwLWY4YzJjOTFkMTNhYxAAGg0I1PX6pgYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ed8ccf0abe633aed0e68b264eaca619de8991d1b35c10f2bc4a573598917a0c1791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ed8ccf0abe633aed0e68b264eaca619de8991d1b35c10f2bc4a573598917a0c1791426b5417dce21&rand=01675728
0
142 B
Image
General
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ed8ccf0abe633aed0e68b264eaca619de8991d1b35c10f2bc4a573598917a0c1791426b5417dce21&rand=01675728
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: A704F731ECF4444EB7FCB6C5992EA7D0 Ref B: NYCEDGE1609 Ref C: 2023-08-18T00:27:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYDJ5Zcd7VOeG4lYrFc3g==

Redirect headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=ed8ccf0abe633aed0e68b264eaca619de8991d1b35c10f2bc4a573598917a0c1791426b5417dce21&rand=01675728
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=255&redirect=https://sync.go.sonobi.com/us.gif?nw=av&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=av
49 B
583 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=av
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:08 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://sync.go.sonobi.com/us.gif?nw=av
date
Fri, 18 Aug 2023 00:27:07 GMT
server
Apache-Coyote/1.1
content-length
0
all
ssl-market-east.smrtb.com/sync/ Frame C57D
0
0

demconf.jpg
dpm.demdex.net/ Frame C57D
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=87880&dpuuid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
42 B
942 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
HTTP/1.1
Server
44.226.139.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-226-139-197.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v046-01194f935.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
+zmO0cN+SN8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v046-0fb4966c9.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
BWGPGLmjSGU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=87880&dpuuid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=$UID
  • https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=4664318827337647392
49 B
750 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=4664318827337647392
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
an-x-request-uuid
8fbdcfd9-78fa-42b6-b7bf-237d12e4fe14
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.go.sonobi.com/us.gif?nw=appnex&nuid=4664318827337647392
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
match.bnmla.com/ Frame C57D
0
0

usg.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_cm&google_hm=MjUwNGUyMDYtMDk5Yy00ZGZhLWE1YjAtZjhjMmM5MWQxM2Fj
  • https://sync.go.sonobi.com/usg.gif?google_gid=CAESEB697W8mmHgjQzWfoLRY2Q8&google_cver=1
49 B
762 B
Image
General
Full URL
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEB697W8mmHgjQzWfoLRY2Q8&google_cver=1
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.go.sonobi.com/usg.gif?google_gid=CAESEB697W8mmHgjQzWfoLRY2Q8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
us.gif
sync.go.sonobi.com/ Frame C57D
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=sonobi&ssp_user_id=${userid}
  • https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=33c5860f-fea7-4a3e-9467-6dfe3d4f70be
49 B
506 B
Image
General
Full URL
https://sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=33c5860f-fea7-4a3e-9467-6dfe3d4f70be
Requested by
Host: sync.go.sonobi.com
URL: https://sync.go.sonobi.com/uc.html?
Protocol
H2
Server
69.166.1.34 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://sync.go.sonobi.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store, private
tcn
Choice
content-length
49
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
//sync.go.sonobi.com/us.gif?nw=f0b1844a9b&nuid=33c5860f-fea7-4a3e-9467-6dfe3d4f70be
date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame F87C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=0487fdef-dbcb-4472-91ea-091af86a64fb
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=0487fdef-dbcb-4472-91ea-091af86a64fb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
193
date
Fri, 18 Aug 2023 00:27:00 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=0487fdef-dbcb-4472-91ea-091af86a64fb
server
Kestrel
usersync
usersync.gumgum.com/ Frame 0AD5
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=IQenns9db6STUgZpbm9c&pi=gumgum
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=IQenns9db6STUgZpbm9c&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:00 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT Fri, 18 Aug 2023 00:27:00 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=IQenns9db6STUgZpbm9c&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 0502
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
401 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:27:00 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
PugMaster
image6.pubmatic.com/AdServer/ Frame 1B93
2 KB
2 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65850408&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c9b58c48bf02a5f1c31b896ae343d20ed2fdd81deeff0b4a8c277f27f9d7db60

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 17 Aug 2023 08:49:22 GMT
content-length
1917
content-type
text/html; charset=UTF-8
async_usersync
secure.adnxs.com/ Frame A900
0
593 B
Script
General
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
an-x-request-uuid
7a4b3b4b-90f0-4068-858c-783c7669f810
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
37 KB
15 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=4309194616060196&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-edge-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=11&didk=115933708&sfv=1-0-40&rcs=3&eri=1&sc=1&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&abxe=1&dt=1692318420757&lmt=1692354420&adxs=1440&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D4931918961627086%26eid%3D4931918961627086%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D39%26al%3D1039%26compid%3D0%26tap%3Ditsallinanutshell_com-edge-2-4931918961627086%26eb_br%3Dff65489184a8bd745b588323ab1b4e22%2Cb6c98a8bb15764f1c4ee331dcb724178%26eba%3D1%26bv%3D13%26bvm%3D0%26bvr%3D3%26avc%3D113%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D2%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C915%2C874%2C835%2C19%2C2688%2C3045%2C4276%2C916%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3053%2C4276%2C916%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%2C916%26lb%3D22%26reqt%3D1692318420740%26hb_bidder%3Dyieldmo%26hb_adid%3D30643525648b89a%26hb_format%3Dbanner%26hb_ssid%3D11315%26hb_opt%3D0.03%26hb_rt%3Dclient%26nam%3D1&adks=4225512732&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdb99561757007471ab3a8db3515bb78cbccab04541f639ecb4a785a75ee7a88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15719
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
37 KB
16 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=1658615979238326&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-edge-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C160x600&fluid=height&ifi=12&didk=115940854&sfv=1-0-40&rcs=3&eri=1&sc=1&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&abxe=1&dt=1692318420766&lmt=1692354420&adxs=0&adys=302&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=160x-1&msz=160x-1&fws=516&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D7999192897653727%26eid%3D7999192897653727%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1101%26sap%3D1101%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D38%26al%3D1038%26compid%3D0%26tap%3Ditsallinanutshell_com-edge-1-7999192897653727%26eb_br%3Dff65489184a8bd745b588323ab1b4e22%2Cb6c98a8bb15764f1c4ee331dcb724178%26eba%3D1%26bv%3D23%26bvm%3D0%26bvr%3D3%26avc%3D113%26shp%3D2%26ftsn%3D12%26ftsng%3D12%26br1%3D2%26br2%3D60%26ezoic%3D1%26nmau%3D0%26mau%3D0%26sticky%3D1%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D17%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2351%2C2526%2C2527%2C2610%2C2761%2C2763%2C2764%2C2765%2C3044%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C7%2C8%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C915%2C874%2C835%2C19%2C2688%2C3045%2C4276%2C916%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3053%2C4276%2C916%2C18%2C19%2C1428%2C2688%2C2693%2C3045%2C3052%2C3053%2C3856%2C4276%2C916%26lb%3D22%26reqt%3D1692318420627&adks=905025581&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9f6da0b5119f113fc4f41fa76d9b41b28ad15a572be1b06dcefe52982258e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15998
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/
50 B
126 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=219160514&post=24469&tz=2&srv=itsallinanutshell.com&j=1%3A12.4&host=itsallinanutshell.com&ref=&fcp=1120&rand=0.4035707842402012
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Aug 2023 00:27:00 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308150101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
556a762cb34dbf3b17f61a68584586012a4eeb91b08477a18f163c383ba777c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11692
x-xss-protection
0
wp-emoji-release.min.js
itsallinanutshell.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://itsallinanutshell.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
LiteSpeed / PleskLin
Resource Hash
4f7fcb0e1aed73f7bdec63bd851e1d18232f64c592c06dc298aa991945536fdb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 UTC
content-encoding
br
display
staticcontent_sol
x-powered-by
PleskLin
x-ezoic-cdn
Hit ds;mm;0e66c6222ad4783b1a9f7c4b9f23a1a4;2-496996-2;15c75d1f-2418-4a6a-4373-dddf05b51af2
x-middleton-display
staticcontent_sol
x-middleton-response
200
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
response
200
last-modified
Fri, 12 May 2023 09:25:25 GMT
server
LiteSpeed
x-ez-proxy-out
true 2.4
etag
"4904-645e0605-321ca8eb93734cc9;gz-gzip"
x-origin-cache-control
public, max-age=604800
vary
Accept-Encoding,User-Agent,Origin
content-type
application/javascript
cache-control
public, max-age=2592000
x-ez-minify-js
0.47% 18605 / 18692
usync.js
eus.rubiconproject.com/ Frame 0502
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 04:13:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13567
content-length
10116
expires
Fri, 18 Aug 2023 04:13:07 GMT
usync.html
eus.rubiconproject.com/ Frame 3002
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
401 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:27:00 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4D12
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692318420641.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.40.190 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=158041
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Sat, 19 Aug 2023 20:21:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP010
x-33x-status
40000000008200000A
match
s.pubmine.com/ Frame 9529
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1692318420641.&ri=zzz000000000002zzz&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-...
  • https://s.pubmine.com/match?bidder_id=24&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=212240589342896
43 B
878 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=24&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=212240589342896
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
HTTP/1.1
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://s.pubmine.com/match?bidder_id=24&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=212240589342896
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9529
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://t.pswec.com/bsw_sync?ssp=the33across&bsw_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
  • https://t.pswec.com/ul_cb/bsw_sync?ssp=the33across&bsw_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
  • https://x.bidswitch.net/sync?dsp_id=2&user_id=2b1fce9e-d794-48b0-be1f-8d5c813563cc&expires=3&user_group=1&ssp=the33across
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9529
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-gsffrihE2uHMFjRQNaWKddyrFuDs3_lU~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-gsffrihE2uHMFjRQNaWKddyrFuDs3_lU%7EA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
225 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-gsffrihE2uHMFjRQNaWKddyrFuDs3_lU%7EA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-gsffrihE2uHMFjRQNaWKddyrFuDs3_lU%7EA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9529
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=1bab0579a352336&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAFnL4wPr7wwgMVItMSAAAAAAA&expiration=1692404821&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAFnL4wPr7wwgMVItMSAAAAAAA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAFnL4wPr7wwgMVItMSAAAAAAA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
referrer-policy
unsafe-url
server
33XP009
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAFnL4wPr7wwgMVItMSAAAAAAA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 9529
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=4080762774149756005240
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4080762774149756005240&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4080762774149756005240&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D24%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D33XUSERID33X&id=zzz000000000002zzz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
referrer-policy
unsafe-url
server
33XP008
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4080762774149756005240&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usync.html
eus.rubiconproject.com/ Frame 8991
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
401 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:27:00 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame AC63
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Drkt%26refUrl%3D%26vid%3D23184209383353200176634272...
  • https://contextual.media.net/cksync.html?cs=13&vsid=3353200176634272000V10&type=rkt&refUrl=&vid=23184209383353200176634272000V10&ovsid=970033166257797130
235 B
659 B
Document
General
Full URL
https://contextual.media.net/cksync.html?cs=13&vsid=3353200176634272000V10&type=rkt&refUrl=&vid=23184209383353200176634272000V10&ovsid=970033166257797130
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
235
content-type
text/html;charset=UTF-8
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Fri, 18 Aug 2023 00:27:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Fri, 18 Aug 2023 00:27:00 GMT
Location
https://contextual.media.net/cksync.html?cs=13&vsid=3353200176634272000V10&type=rkt&refUrl=&vid=23184209383353200176634272000V10&ovsid=970033166257797130
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
cksync.php
contextual.media.net/ Frame C60C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dapx%26refUrl%3D%26vid%3D23184209383353200176634272000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=apx&refUrl=&vid=23184209383353200176634272000V10&ovsid=4664318827337647392
61 B
460 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=apx&refUrl=&vid=23184209383353200176634272000V10&ovsid=4664318827337647392
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
an-x-request-uuid
fddf6b67-8252-43fc-b4f8-1e6b689767bb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=apx&refUrl=&vid=23184209383353200176634272000V10&ovsid=4664318827337647392
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame C60C
Redirect Chain
  • https://sync.go.sonobi.com/us?https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=son&refUrl=&vid=23184209383353200176634272000V10&ovsid=[UID]
  • https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=son&refUrl=&vid=23184209383353200176634272000V10&ovsid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
61 B
472 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=son&refUrl=&vid=23184209383353200176634272000V10&ovsid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-113
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=son&refUrl=&vid=23184209383353200176634272000V10&ovsid=2504e206-099c-4dfa-a5b0-f8c2c91d13ac
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame C60C
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dcon%26refUr...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=17f561997e682336&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D...
  • https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=con&refUrl=&vid=23184209383353200176634272000V10&ovsid=AAAIuZ3ZnldwrANUpSWvAAAAAAA&expiration=1692404821&is_secure=true
61 B
468 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=con&refUrl=&vid=23184209383353200176634272000V10&ovsid=AAAIuZ3ZnldwrANUpSWvAAAAAAA&expiration=1692404821&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=con&refUrl=&vid=23184209383353200176634272000V10&ovsid=AAAIuZ3ZnldwrANUpSWvAAAAAAA&expiration=1692404821&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.html
contextual.media.net/ Frame C60C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D13%26vsid%3D335320017663427...
  • https://contextual.media.net/cksync.html?cs=13&vsid=3353200176634272000V10&type=opx&refUrl=&vid=23184209383353200176634272000V10&ovsid=192c7ea0-0ebf-43aa-90d1-a3253541e667
235 B
235 B
Image
General
Full URL
https://contextual.media.net/cksync.html?cs=13&vsid=3353200176634272000V10&type=opx&refUrl=&vid=23184209383353200176634272000V10&ovsid=192c7ea0-0ebf-43aa-90d1-a3253541e667
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
235
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT

Redirect headers

date
Fri, 18 Aug 2023 00:27:00 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=13&vsid=3353200176634272000V10&type=opx&refUrl=&vid=23184209383353200176634272000V10&ovsid=192c7ea0-0ebf-43aa-90d1-a3253541e667
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
services
sync.technoratimedia.com/ Frame C60C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dr1%26refUrl%3D%26vid%3D2318420938335320017...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dr1%26refUrl%3D%26vid%3D2318420938335...
  • https://ad.turn.com/r/cs?pid=45&rndcb=8488167878
  • https://sync.1rx.io/usersync/turn/2700558205676423679?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3DRX-0ec53a30-df5a-48f0-...
  • https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
0
2 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
89190678
access-control-allow-origin
https://contextual.media.net/
access-control-allow-credentials
true

Redirect headers

Date
Fri, 18 Aug 2023 00:27:01 GMT
Server
Tengine
ETag
RX0ec53a30df5a48f0bcf0e0134c0f42b3005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=76&uid=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Content-Type
text/html
Connection
keep-alive
cksync
cs.media.net/ Frame C60C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=13&google_nid=media&google_cm=1&google_hm=MzM1MzIwMDE3NjYzNDI3MjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=13&google_gid=CAESENhtjoQ6IHLliwQGTt2N6NM&google_cver=1
61 B
453 B
Image
General
Full URL
https://cs.media.net/cksync?type=g&cs=13&google_gid=CAESENhtjoQ6IHLliwQGTt2N6NM&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
2.22.40.22 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=13&google_gid=CAESENhtjoQ6IHLliwQGTt2N6NM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
302
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame C60C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Ddxu%26refUrl%3D%26vid%3D2318420938335320017663...
  • https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=dxu&refUrl=&vid=23184209383353200176634272000V10&ovsid=ISyfZg9D1QwNkm5
61 B
459 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=dxu&refUrl=&vid=23184209383353200176634272000V10&ovsid=ISyfZg9D1QwNkm5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:00 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0674cafeac87e6731@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=dxu&refUrl=&vid=23184209383353200176634272000V10&ovsid=ISyfZg9D1QwNkm5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame C60C
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=226&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=dc3254b7-4f75-4b8f-addd-7bd55c3f0cfa
61 B
623 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=dc3254b7-4f75-4b8f-addd-7bd55c3f0cfa
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=dc3254b7-4f75-4b8f-addd-7bd55c3f0cfa
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
820447
content-length
0
expires
Fri, 18 Aug 2023 00:00:00 GMT
cksync.php
contextual.media.net/ Frame C60C
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=4ed0cff4eef188d3fb2e7e9025d7855b&name=MEDIANET&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3...
  • https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=ayl&refUrl=&vid=23184209383353200176634272000V10&ovsid=c8d4ebd0d55f2f573486a807347b7e78
61 B
471 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=ayl&refUrl=&vid=23184209383353200176634272000V10&ovsid=c8d4ebd0d55f2f573486a807347b7e78
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
x-content-type-options
nosniff
server
ayl-lb-usa02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=ayl&refUrl=&vid=23184209383353200176634272000V10&ovsid=c8d4ebd0d55f2f573486a807347b7e78
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
0
expires
0
bidswitch
sync-dmp.mobtrakk.com/match/ Frame C60C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=medianet&bsw=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
0
0
Image
General
Full URL
https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=medianet&bsw=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
3.135.132.32 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-135-132-32.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

Location
//sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=medianet&bsw=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
Date
Fri, 18 Aug 2023 00:27:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame C60C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?puid=${VSID}&cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dzem%26ovsid%3D__ZUID__https%3A%2F%2Fcontextual.media.net%2Fcksync.php...
  • https://stags.bluekai.com/site/23178?id=XCrfLrjrE8jfTLEMuA7H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2MJGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKYINZGMTDSNJZEKODKMZKEYRKNOVATO...
  • https://contextual.media.net/cksync.php?cs=1&ovsid=XCrfLrjrE8jfTLEMuA7Hhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=23184209383353200176634...
60 B
298 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=1&ovsid=XCrfLrjrE8jfTLEMuA7Hhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=23184209383353200176634272000V10&vsid=3353200176634272000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
60
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:01 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=1&ovsid=XCrfLrjrE8jfTLEMuA7Hhttps%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13&ovsid=__ZUID__&refUrl=&type=zem&type=zem&vid=23184209383353200176634272000V10&vsid=3353200176634272000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
285
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame C60C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3353200176634272000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3353200176634272000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=33c5860f-fea7-4a3e-9467-6dfe3d4f70be&cs=1
61 B
472 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=33c5860f-fea7-4a3e-9467-6dfe3d4f70be&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=33c5860f-fea7-4a3e-9467-6dfe3d4f70be&cs=1
date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
710489.gif
id.rlcdn.com/ Frame C60C
42 B
316 B
Image
General
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame C60C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0487fdef-dbcb-4472-91ea-091af86a64fb
61 B
457 B
Image
General
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0487fdef-dbcb-4472-91ea-091af86a64fb
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
2.22.40.22 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT

Redirect headers

location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0487fdef-dbcb-4472-91ea-091af86a64fb
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Kestrel
content-length
199
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame C60C
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=1&type=dat&ovsid=setstatuscode&redirect=https%3A%2F%2Ffei.pro-market.net%2Fengine%3Fsite%3D159195%3Bsize%3D1x1%3Bmimetype%3Dimg%3Bdu%3D15%3Bcsync%3D%24%7B...
  • https://fei.pro-market.net/engine?site=159195;size=1x1;mimetype=img;du=15;csync=3353200176634272000V10
  • https://fei.pro-market.net/engine?site=159195;size=1x1;mimetype=img;du=15;csync=3353200176634272000V10;sr
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-1158638460402905962
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-1158638460402905962&ckls=true&ci=mIbhpPYCAR&nc=false&trid=-354128509
43 B
1 KB
Image
General
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-1158638460402905962&ckls=true&ci=mIbhpPYCAR&nc=false&trid=-354128509
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?cid=8CU8HDVRS&cs=13
Protocol
H2
Server
18.164.116.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-116-64.jfk50.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 cedbf7a51c689bd1e26af4b73768d270.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
t83rnmRa5EfCJRznipHW3qKk6Ix2ahVgqdgLnwV-kQwuHVHLRfYNcQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 0252b483f7b420504a413a83f987b080.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK50-P6
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=3&pcid=-1158638460402905962&ckls=true&ci=mIbhpPYCAR&nc=false&trid=-354128509
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
URWK0q-Da8qaFnZXp6TBtFcwsZEnrIsh8yVjqSwCNejx4JCPNq8KEQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 0F22
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=33across&endpoint=us-east&us_privacy=
  • https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
281 B
401 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:27:01 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT
location
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
server
AkamaiGHost
match
events-ssc.33across.com/ Frame FE03
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=the33across&us_privacy=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=the33across&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=93&user_id=0487fdef-dbcb-4472-91ea-091af86a64fb&expires=30&ssp=the33across&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_21}
  • https://ssc-cms.33across.com/ps/?xi=10&us_privacy=&xu=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
  • https://events-ssc.33across.com/match?bidder_id=10&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=10&external_user_id=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame FE03
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58350/sync?redir=true
  • https://ssc-cms.33across.com/ps/?xi=99&us_privacy=&xu=y-gsffrihE2uHMFjRQNaWKddyrFuDs3_lU~A
  • https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-gsffrihE2uHMFjRQNaWKddyrFuDs3_lU%7EA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-gsffrihE2uHMFjRQNaWKddyrFuDs3_lU%7EA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
referrer-policy
unsafe-url
server
33XP010
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=99&external_user_id=y-gsffrihE2uHMFjRQNaWKddyrFuDs3_lU%7EA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame FE03
Redirect Chain
  • https://33across-match.dotomi.com/match/bounce/current?networkId=78390&version=1&us_privacy=
  • https://33across-match.dotomi.com/match/bounce/current?DotomiTest=5e7695dd4fb9188f&is_secure=true&networkId=78390&version=1&us_privacy=
  • https://ssc-cms.33across.com/ps?xi=64&xu=AAAHAF6brCrOUQMmRwhQAAAAAAA&expiration=1692404821&is_secure=true&us_privacy=
  • https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHAF6brCrOUQMmRwhQAAAAAAA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHAF6brCrOUQMmRwhQAAAAAAA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=64&external_user_id=AAAHAF6brCrOUQMmRwhQAAAAAAA&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame FE03
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D33%26xu%3D%24UID
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=33&xu=4080762774149756005240
  • https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4080762774149756005240&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
126 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4080762774149756005240&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
referrer-policy
unsafe-url
server
33XP013
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=33&external_user_id=4080762774149756005240&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 036E
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692318420658.7&ri=25&ru=https%3A%2F%2Fads.pubmatic.com%2FAdServer%2Fjs%2Fuser_sync.html%3F%26p%3D156423%26us_privacy%3D%24%7BUS_PRIVACY%7D%26predire...
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.40.190 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=158040
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Sat, 19 Aug 2023 20:21:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP009
x-33x-status
40000000008200000A
match
s.pubmine.com/ Frame FE03
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1692318420658.&ri=0010b00002CphGRAAZ&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSER...
  • https://s.pubmine.com/match?bidder_id=6&external_user_id=212240589342896&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&gdpr=0&gdpr_consent=&us_privacy=
43 B
880 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=6&external_user_id=212240589342896&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
Protocol
HTTP/1.1
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0010b00002CphGRAAZ&gdpr_consent=&ru=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D6%26external_user_id%3D33XUSERID33X%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:00 GMT
referrer-policy
unsafe-url
server
33XP015
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://s.pubmine.com/match?bidder_id=6&external_user_id=212240589342896&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
content
assets.mailerlite.com/jsonp/450750/forms/r2AANV/ Frame 11BE
64 KB
9 KB
Document
General
Full URL
https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/js/universal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd19ec34c5e978188c757defac1748370800c99c1fd2595a492115b709810abb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
immutable, max-age=180, public, s-maxage=600
cf-cache-status
MISS
cf-ray
7f8607534bbd4bc0-BUF
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:27:01 GMT
last-modified
Fri, 18 Aug 2023 00:27:01 GMT
server
cloudflare
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
via
Ingress
x-cache
MISS
x-cache-hits
0
x-cacheable
1
match
s.pubmine.com/ Frame 73A6
Redirect Chain
  • https://sync.technoratimedia.com/services?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consen...
  • https://s.pubmine.com/match?bidder_id=30&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=0ACA07A79B244833993E8B9798357D18
43 B
876 B
Image
General
Full URL
https://s.pubmine.com/match?bidder_id=30&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=0ACA07A79B244833993E8B9798357D18
Protocol
HTTP/1.1
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif

Redirect headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://s.pubmine.com/match?bidder_id=30&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=0ACA07A79B244833993E8B9798357D18
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
x-varnish
254624859
access-control-allow-credentials
true
content-length
0
truncated
/ Frame A585
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A585
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame A585
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 23:30:57 GMT
x-content-type-options
nosniff
age
3364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 24 Aug 2023 23:30:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A585
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9pdHNhbGxpbmFudXRzaGVsbC5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=5opp0zebz3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 07:41:31 GMT
x-content-type-options
nosniff
age
578730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 07:41:31 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 00:27:01 GMT
csi
csi.gstatic.com/ Frame DAC5
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~llfuouu2&c=4531014347017&slotId=2265507173508.5&eee=missing-element&bi=missing-id&faa=1&fas=1&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=0&eic=1&lst=none&lec=1009&lid=176&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?cslots=0&dispcorr=1&streamcorr=1&isgptpresent=1&loc=https%3A%2F%2Fitsallinanutshell.com%2F&ref=https%3A%2F%2Fitsallinanutshell.com%2F&gcasclass=1&vpaidadapter=f&ifstate=0&lid=70&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?csrvinit=1&lid=151&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 3002
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 04:13:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13566
content-length
10116
expires
Fri, 18 Aug 2023 04:13:07 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D804
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU87e67693242d4262bc1cef6d7740e2c8&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
42 B
95 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU87e67693242d4262bc1cef6d7740e2c8&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:27:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
168
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU87e67693242d4262bc1cef6d7740e2c8&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma
no-cache
server
nginx
cksync.php
contextual.media.net/ Frame 40DD
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=6350977500
  • https://sync.1rx.io/usersync/turn/2700558205676423679?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D13%26vsid%3D3353200176634272000V10%26type%3Dr1%...
  • https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=r1&refUrl=&vid=23184209383353200176634272000V10&ovsid=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
61 B
477 B
Document
General
Full URL
https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=r1&refUrl=&vid=23184209383353200176634272000V10&ovsid=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
61
content-type
image/gif
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Fri, 18 Aug 2023 00:27:01 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Fri, 18 Aug 2023 00:27:01 GMT
ETag
RX0ec53a30df5a48f0bcf0e0134c0f42b3005
Location
https://contextual.media.net/cksync.php?cs=13&vsid=3353200176634272000V10&type=r1&refUrl=&vid=23184209383353200176634272000V10&ovsid=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
cm
ipac.ctnsnet.com/int/ Frame CE0C
43 B
368 B
Document
General
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame 01BB
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=x15wm7xKCpm-rhyn1breZA
42 B
278 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=x15wm7xKCpm-rhyn1breZA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 18 Aug 2023 00:27:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:27:01 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=x15wm7xKCpm-rhyn1breZA
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 8368
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=a0630e9e-019c-45a7-bfab-a4edc6e1e75b
1 B
72 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=a0630e9e-019c-45a7-bfab-a4edc6e1e75b
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:27:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=a0630e9e-019c-45a7-bfab-a4edc6e1e75b
strict-transport-security
max-age=15724800; includeSubDomains
cookiesync
core.iprom.net/ Frame 95DF
43 B
276 B
Document
General
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:01 GMT
Vary
Accept-Encoding
X-adserver-worker
molok-c17a6d820f89@version_1.566
X-core-time
1ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 857B
0
0
Document
General
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 18 Aug 2023 00:27:01 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
ecc
px.owneriq.net/ Frame 7571
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7456048311862328828&uid=Q745604831186232...
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame C5CE
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7ECD5403DF2A44CEA68AD742A23A3A42&gdpr=0&gdpr_consent=
1 B
53 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7ECD5403DF2A44CEA68AD742A23A3A42&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.37 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:27:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Thu, 17 Aug 2023 00:27:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:7ECD5403DF2A44CEA68AD742A23A3A42&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
match
s.pubmine.com/ Frame 4B99
43 B
880 B
Document
General
Full URL
https://s.pubmine.com/match?bidder_id=11&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:01 GMT
Server
nginx
Transfer-Encoding
chunked
insync
thrtle.com/ Frame 1B93
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&vxii_pid=12&vxii_pid1=10067&vxii_rcid=eeb9e6ae-8ffc-406f-9efc-2062a3f068cf
43 B
294 B
Image
General
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&vxii_pid=12&vxii_pid1=10067&vxii_rcid=eeb9e6ae-8ffc-406f-9efc-2062a3f068cf
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Server
54.81.4.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-81-4-21.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Fri, 18 Aug 2023 00:27:01 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&vxii_pid=12&vxii_pid1=10067&vxii_rcid=eeb9e6ae-8ffc-406f-9efc-2062a3f068cf
date
Fri, 18 Aug 2023 00:27:01 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 1B93
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 1B93
43 B
359 B
Image
General
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.248.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-248-22.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 1B93
0
425 B
Image
General
Full URL
https://sync.bfmio.com/sync?pid=187&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.212.232.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-212-232-9.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 18 Aug 2023 00:27:01 GMT
usync.js
eus.rubiconproject.com/ Frame 8991
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 04:13:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13566
content-length
10116
expires
Fri, 18 Aug 2023 04:13:07 GMT
fpc
at.teads.tv/
56 B
245 B
Fetch
General
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_6977&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=1---&shared_ids=&sv=471b531&
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.69.164 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-69-164.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
21873b48864f2603d1c96674b2dfb83249b505f5b916a9a8b6f1543e66e44909

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
56
expires
Fri, 18 Aug 2023 00:27:01 GMT
usync.js
eus.rubiconproject.com/ Frame 0F22
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 04:13:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13566
content-length
10116
expires
Fri, 18 Aug 2023 04:13:07 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame A585
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=3kTz7WGoZLQTivI-amNftGZO
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9pdHNhbGxpbmFudXRzaGVsbC5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=5opp0zebz3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0d62c80e8180a2c275d761c5fb681cc5b0e41fff53d32926ebed430f91f511c9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9pdHNhbGxpbmFudXRzaGVsbC5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=5opp0zebz3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 18 Aug 2023 00:27:01 GMT
v1
btlr.sharethrough.com/universal/
474 B
471 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
79cd291e4c409d5e73e1aabf30003d76d283da92207588ccb7d655bdcc5d8bb9

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
294
prebid-request
onetag-sys.com/
15 B
368 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://itsallinanutshell.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
PugMaster
image6.pubmatic.com/AdServer/ Frame 5BDD
692 B
1 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91201328&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e80e1f559553e009fbc37dfe6871919bdb9d68504a1086ec1e69b32196a25a4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Aug 2023 00:27:01 GMT
content-length
692
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame EC99
692 B
1 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=85028164&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e80e1f559553e009fbc37dfe6871919bdb9d68504a1086ec1e69b32196a25a4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Aug 2023 00:27:01 GMT
content-length
692
content-type
text/html; charset=UTF-8
army.gif
itsallinanutshell.com/porpoiseant/
0
121 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzk5OTE5Mjg5NzY1MzcyNyIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIzIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NTYxOTM5NjM5NjA0MDYyIiwiZG9tYWluX2lkIjoiNDk2OTk2IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRzYWxsaW5hbnV0c2hlbGxfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiNTUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ5MzE5MTg5NjE2MjcwODYiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ1bml0IjoiZGl2LWdwdC1hZC1pdHNhbGxpbmFudXRzaGVsbF9jb20tZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMyJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:00 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:00 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzk5OTE5Mjg5NzY1MzcyNyIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjMwMCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU2MTkzOTYzOTYwNDA2MiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTEwNCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDkzMTkxODk2MTYyNzA4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjE0NDAifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjMwMCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoidHJ1ZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:00 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
404 B
185 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=360248372284914&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=13&didk=1504799095&sfv=1-0-40&rcs=3&eri=1&sc=1&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&abxe=1&dt=1692318421315&lmt=1692354421&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D6561939639604062%26eid%3D6561939639604062%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Ditsallinanutshell_com-medrectangle-2-6561939639604062%26eb_br%3D09900f25ac768e2ab6f6a1b9b20b686a%2Cbf9a045b836005b6c23b7b0749249612%26eba%3D1%26bv%3D15%26bvm%3D0%26bvr%3D5%26avc%3D113%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D26%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2C2351%2C2610%2C2761%2C3044%2C7%2C8%2C915%2C874%2C835%2C17%2C19%2C2351%2C2610%2C2688%2C2761%2C3044%2C3045%2C4276%2C7%2C8%2C916%2C915%2C874%2C835%2C17%2C19%2C2351%2C2610%2C2688%2C2693%2C2761%2C3044%2C3045%2C3053%2C4276%2C7%2C8%2C916%2C915%2C874%2C835%26lb%3D60%26reqt%3D1692318421186&adks=3076448883&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e2b441a28838ee3c705a3097624e8f3786e428aeaacdde1b781e16a1c3cd264d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
155
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A955
6 KB
3 KB
Document
General
Full URL
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:26:55 GMT
expires
Sat, 17 Aug 2024 00:26:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
itsallinanutshell.com/porpoiseant/
0
62 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzk5OTE5Mjg5NzY1MzcyNyIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwNDI3MiwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3OTk5MTkyODk3NjUzNzI3IiwiZG9tYWluX2lkIjoiNDk2OTk2IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRzYWxsaW5hbnV0c2hlbGxfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTA0MjcyLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiZmY2NTQ4OTE4NGE4YmQ3NDViNTg4MzIzYWIxYjRlMjIsYjZjOThhOGJiMTU3NjRmMWM0ZWUzMzFkY2I3MjQxNzgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijc5OTkxOTI4OTc2NTM3MjciLCJkb21haW5faWQiOiI0OTY5OTYiLCJ1bml0IjoiZGl2LWdwdC1hZC1pdHNhbGxpbmFudXRzaGVsbF9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwMiwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDAyMiwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTA0MjcyLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzk5OTE5Mjg5NzY1MzcyNyIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwNDI3MiwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MjQxMTIzNTE3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3OTk5MTkyODk3NjUzNzI3IiwiZG9tYWluX2lkIjoiNDk2OTk2IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRzYWxsaW5hbnV0c2hlbGxfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTA0MjcyLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiI0OTc0OTA0MjcyIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:01 GMT
4974904272
go.ezodn.com/dac/
0
586 B
XHR
General
Full URL
https://go.ezodn.com/dac/4974904272
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/porpoiseant/banger.js?cb=195-0&bv=257&v=76&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Thu, 17 Aug 2023 23:03:24 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://itsallinanutshell.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZw%2BfWApoL18urXc1tDpmyDm%2Ba0AAcqGTxS81P7zRVTZW8QK8k8Uk%2FZz6gu05Xgd%2F6BCyAFpjwtV1433dl3tZ%2BdAqe%2F3E4kLLC9sxY0ZWDvDkyZEJ8T2Ukkys0bRYlp8QN09RxqKgrqdG7Q%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
7f8607558ac8c457-EWR
access-control-allow-headers
Content-Type
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzk5OTE5Mjg5NzY1MzcyNyIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwNDI3MiwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDgtMTcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjYwMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:01 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNzk5OTE5Mjg5NzY1MzcyNyIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImF1Y3Rpb25fZXBvY2giOjE2OTIzMTg0MjEsImFkX3Bvc2l0aW9uIjoxMTAxLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiYmlkX2Zsb29yX2luaXRpYWwiOjEyMCwiYmlkX2Zsb29yX3ByZXYiOjIyLCJiaWRfZmxvb3JfZmlsbGVkIjoyLCJhdWN0aW9uX2NvdW50Ijo0LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo1NjMsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjIxNzMyMTE4OTE0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDQyNzJ9XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:01 GMT
container.html
f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0491
6 KB
3 KB
Document
General
Full URL
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
6
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:26:55 GMT
expires
Sat, 17 Aug 2024 00:26:55 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDkzMTkxODk2MTYyNzA4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NTQwMjMxOSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI0In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0OTMxOTE4OTYxNjI3MDg2IiwiZG9tYWluX2lkIjoiNDk2OTk2IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRzYWxsaW5hbnV0c2hlbGxfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc1NDAyMzE5LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiZmY2NTQ4OTE4NGE4YmQ3NDViNTg4MzIzYWIxYjRlMjIsYjZjOThhOGJiMTU3NjRmMWM0ZWUzMzFkY2I3MjQxNzgifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ5MzE5MTg5NjE2MjcwODYiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ1bml0IjoiZGl2LWdwdC1hZC1pdHNhbGxpbmFudXRzaGVsbF9jb20tZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwMiwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDAyMiwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc1NDAyMzE5LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDkzMTkxODk2MTYyNzA4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NTQwMjMxOSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MjQxMTIzNTE3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0OTMxOTE4OTYxNjI3MDg2IiwiZG9tYWluX2lkIjoiNDk2OTk2IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRzYWxsaW5hbnV0c2hlbGxfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc1NDAyMzE5LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibGluZWl0ZW1faWQiLCJ2YWwiOiI0OTc1NDAyMzE5In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:01 GMT
4975402319
go.ezodn.com/dac/
0
581 B
XHR
General
Full URL
https://go.ezodn.com/dac/4975402319
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/porpoiseant/banger.js?cb=195-0&bv=257&v=76&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Fri, 18 Aug 2023 00:15:35 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://itsallinanutshell.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgwuhSqAF4adacn6LHrvRdh2y0gUMf4M5joNAmtSaPpXq4%2FT1vAMPbA%2FAGZPhNbJfo7KB%2BFlRU9OdroarYWDoqdvgEHZd%2F4JTrvYYx9FWUi8J1WJ1qKCK9wIJXtQRPikAAyQ%2F1GfOVtaSm8%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
7f860755fb83c457-EWR
access-control-allow-headers
Content-Type
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDkzMTkxODk2MTYyNzA4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NTQwMjMxOSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjMtMDgtMTcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxNCJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI0In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6IjYwMCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:01 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNDkzMTkxODk2MTYyNzA4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImF1Y3Rpb25fZXBvY2giOjE2OTIzMTg0MjEsImFkX3Bvc2l0aW9uIjoxMTAyLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiYmlkX2Zsb29yX2luaXRpYWwiOjEyMCwiYmlkX2Zsb29yX3ByZXYiOjIyLCJiaWRfZmxvb3JfZmlsbGVkIjoyLCJhdWN0aW9uX2NvdW50Ijo0LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjo2NDEsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjIxNzMyMTE4OTE0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjQ5NzU0MDIzMTl9XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:01 GMT
adconf
s.pubmine.com/
724 B
749 B
XHR
General
Full URL
https://s.pubmine.com/adconf?pvid=bfe7a08a-4e58-41fe-8b0f-ce80eb63daf9&rid=6926229013800
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3918580cdace4adee5bfeafe65b12155db271301f2841dd59a121c8c0a1ca793

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

Date
Fri, 18 Aug 2023 00:27:01 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://itsallinanutshell.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
match
events-ssc.33across.com/ Frame 3002
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=33across&us_privacy=&khaos=LLFUOWMM-1P-IU2L
  • https://ssc-cms.33across.com/ps/?xi=1&xu=LLFUOWMM-1P-IU2L
  • https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LLFUOWMM-1P-IU2L&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LLFUOWMM-1P-IU2L&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=33across&endpoint=us-east&us_privacy=
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=30&external_user_id=LLFUOWMM-1P-IU2L&ts=1692318421&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 2CE9
577 B
1005 B
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47794766&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
86a4259f69590a5e5331dceb9310fe5b4f6a5273caf5f43e1a597e08364035b0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 18 Aug 2023 00:27:00 GMT
content-length
577
content-type
text/html; charset=UTF-8
cksync.php
contextual.media.net/ Frame 8991
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=LLFUOWMM-1P-IU2L
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=LLFUOWMM-1P-IU2L
61 B
459 B
Image
General
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LLFUOWMM-1P-IU2L
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.52.158.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-158-180.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=LLFUOWMM-1P-IU2L
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
7d24643e640b7b50906469aa87bfb2ce
Expires
0
usync.html
eus.rubiconproject.com/ Frame 0DB5
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=synacor_xapi&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
281 B
401 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Fri, 18 Aug 2023 00:27:01 GMT
etag
"403b9-119-5ec73a0a33d00"
last-modified
Wed, 02 Nov 2022 02:30:44 GMT
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 00:27:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7261
15 KB
6 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.22.40.190 Liljeholmen, Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),
Reverse DNS
a2-22-40-190.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=158040
content-encoding
gzip
content-length
5606
content-type
text/html
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Sat, 19 Aug 2023 20:21:01 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cm
us-u.openx.net/w/1.0/ Frame 4A1C
1 KB
730 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b342d4e2fece3c3f717417b53bb8e59f1ff4f37826535b007d7d76c51f17428c

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
711
content-type
text/html
date
Fri, 18 Aug 2023 00:27:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
de.tynt.com/deb/ Frame 8329
Redirect Chain
  • https://pixel.33across.com/ps?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
  • https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
2 KB
3 KB
Document
General
Full URL
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.34 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip34.67-202-105.static.steadfastdns.net
Software
/
Resource Hash
a65b3283670eb5cdf03ddd685b0fdacb8ae103f4bc7501d65cdb64a43603004d

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Model, Sec-CH-UA-Full-Version-List, Sec-CH-UA, Sec-CH-UA-Mobile
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
content-length
2111
content-type
text/html
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Sat, 26 Jul 1997 05:00:00 GMT
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
referrer-policy
unsafe-url

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Fri, 18 Aug 2023 00:27:00 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP014
x-33x-status
8340000A
/
onetag-sys.com/usync/ Frame 7E37
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?pubId=572a470226457b8
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame D9D2
1 KB
2 KB
Document
General
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Requested by
Host: ad-cdn.technoratimedia.com
URL: https://ad-cdn.technoratimedia.com/html/usersync.html?cb=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D30%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D%5BUSER_ID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
75cf2f501c8272994e358a8ca7b8ef8a438d14ea537eedaf1c4579e94dc40462

Request headers

Referer
https://ad-cdn.technoratimedia.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1175
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 00:27:01 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
services
uat-net.technoratimedia.com/ Frame 73A6
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=technoratimedia&ttd_tpi=1
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=0487fdef-dbcb-4472-91ea-091af86a64fb
0
1 KB
Image
General
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=0487fdef-dbcb-4472-91ea-091af86a64fb
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
333125891
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=7&uid=0487fdef-dbcb-4472-91ea-091af86a64fb
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Kestrel
content-length
227
services
sync.technoratimedia.com/ Frame 73A6
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D46%26uid%3D%24UID
  • https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4664318827337647392
0
1 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4664318827337647392
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
374407941
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
an-x-request-uuid
63f46f37-e95d-4bf3-9a78-581b6847b353
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.technoratimedia.com/services?srv=cs&pid=46&uid=4664318827337647392
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
services
sync.technoratimedia.com/ Frame 73A6
Redirect Chain
  • https://gum.criteo.com/sync?c=372&r=1&u=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D64%26uid%3D%40USERID%40
  • https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=cwlIkGy7grZ-wETS61NMEPK3j_UEoTgk
0
1 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=cwlIkGy7grZ-wETS61NMEPK3j_UEoTgk
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
373590649
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=64&uid=cwlIkGy7grZ-wETS61NMEPK3j_UEoTgk
date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1279086
content-length
0
services
sync.technoratimedia.com/ Frame 73A6
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/syn
  • https://sync.technoratimedia.com/services?uid=AABOFk7JvXYAACqoHL5WIg&srv=cs&pid=73
0
788 B
Image
General
Full URL
https://sync.technoratimedia.com/services?uid=AABOFk7JvXYAACqoHL5WIg&srv=cs&pid=73
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
314318546
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?uid=AABOFk7JvXYAACqoHL5WIg&srv=cs&pid=73
Date
Fri, 18 Aug 2023 00:27:01 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
sync.targeting.unrulymedia.com/csync/ Frame 73A6
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=synacor&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D76%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5815294294
  • https://sync.1rx.io/usersync/tradedesk/0487fdef-dbcb-4472-91ea-091af86a64fb
  • https://sync.targeting.unrulymedia.com/csync/RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
43 B
452 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Protocol
HTTP/1.1
Server
199.127.204.171 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:02 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:02 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
services
sync.technoratimedia.com/ Frame 73A6
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=1669&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D79%26uid%3D%7BPUB_USER_ID%7D
  • https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=6e611e0d-248a-42aa-aae5-d95b1b85c6a2
0
912 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=6e611e0d-248a-42aa-aae5-d95b1b85c6a2
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
99869159
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://sync.technoratimedia.com/services?srv=cs&pid=79&uid=6e611e0d-248a-42aa-aae5-d95b1b85c6a2
access-control-allow-origin
*
date
Fri, 18 Aug 2023 00:27:01 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
services
uat-net.technoratimedia.com/ Frame 73A6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58266/sync?redir=true
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-SPUeQ.BE2uEay9y6jnTfDrHFadYvSXQV~A
0
1 KB
Image
General
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-SPUeQ.BE2uEay9y6jnTfDrHFadYvSXQV~A
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
374407943
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

location
https://uat-net.technoratimedia.com/services?srv=cs&pid=80&uid=y-SPUeQ.BE2uEay9y6jnTfDrHFadYvSXQV~A
date
Fri, 18 Aug 2023 00:27:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
services
sync.technoratimedia.com/ Frame 73A6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&cb=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D82%26uid%3D
  • https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZN660gpfgXVAgUl4ibXoLAAA%261363
0
1 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZN660gpfgXVAgUl4ibXoLAAA%261363
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
256130555
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.technoratimedia.com/services?srv=cs&pid=82&uid=ZN660gpfgXVAgUl4ibXoLAAA%261363
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
services
sync.technoratimedia.com/ Frame 73A6
Redirect Chain
  • https://sync.aralego.com/idSync?ucf_nid=par-488A3E6BD8D997D0ED8B3BD34D8BA4B&ucf_user_id=0ACA07A79B244833993E8B9798357D18&redirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%...
  • https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=9d143149-e6b6-3937-95a5-82158078bdc6
0
2 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=9d143149-e6b6-3937-95a5-82158078bdc6
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
373590657
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

Location
https://sync.technoratimedia.com/services?srv=cs&pid=37&uid=9d143149-e6b6-3937-95a5-82158078bdc6
Date
Fri, 18 Aug 2023 00:27:01 GMT
Connection
close
Content-Length
118
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
sync
x.bidswitch.net/ Frame 73A6
0
213 B
Image
General
Full URL
https://x.bidswitch.net/sync?ssp=synacor&user_id=0ACA07A79B244833993E8B9798357D18
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
services
sync.technoratimedia.com/ Frame 73A6
Redirect Chain
  • https://synacor-match.dotomi.com/match/bounce/current?networkId=63258&version=1&nuid=0ACA07A79B244833993E8B9798357D18&rurl=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D49%26...
  • https://synacor-match.dotomi.com/match/bounce/current?DotomiTest=1ea1693851e20fcc&is_secure=true&networkId=63258&version=1&nuid=0ACA07A79B244833993E8B9798357D18&rurl=https%3A%2F%2Fsync.technoratime...
  • https://sync.technoratimedia.com/services?srv=cs&pid=49&uid=AAAHAF6brCrOaQMFkWA6AAAAAAA&expiration=1692404821&nuid=0ACA07A79B244833993E8B9798357D18&is_secure=true
0
2 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=49&uid=AAAHAF6brCrOaQMFkWA6AAAAAAA&expiration=1692404821&nuid=0ACA07A79B244833993E8B9798357D18&is_secure=true
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
304122358
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://sync.technoratimedia.com/services?srv=cs&pid=49&uid=AAAHAF6brCrOaQMFkWA6AAAAAAA&expiration=1692404821&nuid=0ACA07A79B244833993E8B9798357D18&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
services
sync.technoratimedia.com/ Frame 73A6
Redirect Chain
  • https://contextual.media.net/cksync.php?cs=3&type=syn&ovsid=0ACA07A79B244833993E8B9798357D18&redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D62%26uid%3D%5BUSER_ID%5D
  • https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3353200176634272000V10
0
2 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3353200176634272000V10
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
374407951
access-control-allow-origin
https://ad-cdn.technoratimedia.com/
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://sync.technoratimedia.com/services?srv=cs&pid=62&uid=3353200176634272000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 18 Aug 2023 00:27:01 GMT
rtb-h
sync.taboola.com/sg/synacorrtb-network/1/ Frame 73A6
0
230 B
Image
General
Full URL
https://sync.taboola.com/sg/synacorrtb-network/1/rtb-h?taboola_hm=0ACA07A79B244833993E8B9798357D18
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ad-cdn.technoratimedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
33405
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 44CF
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
63890
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 06:42:11 GMT
expires
Fri, 16 Aug 2024 06:42:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1CB3
831 B
555 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9513e310d8e5be6b1388347f4f48bae1490edacdbcd6bd98d6bf3bb6678d9b5a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-2OepD1TXeGtGLbjjUdGNMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
533
content-security-policy
script-src 'report-sample' 'nonce-2OepD1TXeGtGLbjjUdGNMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Fri, 18 Aug 2023 00:27:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3.js
c0.pubmine.com/2.37.11677685674593/
401 KB
133 KB
Script
General
Full URL
https://c0.pubmine.com/2.37.11677685674593/3.js
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.38 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
d2c8d7c78689480749ffe806a16a96c4cfff117983c8c71c4b3d8aa408f15642
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT jfk 1
date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
strict-transport-security
max-age=15552000
last-modified
Wed, 01 Mar 2023 15:53:00 GMT
server
nginx
x-amz-cf-pop
BUD50-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=31536000
afr.php
ads.us.criteo.com/delivery/r/ Frame 3B86
50 KB
20 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&u=%7CkJTEXR2E7n6H2vMt%2FbpcigZmNUYqrqcweD2ddrMHON4%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOQ-EedF60xEliq5YP9z1apJap4arQkRalnRQaPAWFzRiIk9kJCWZFKyCGRd_c0B-JXhFAU475GBt8De_gNLdI-YTn0vdIVKRDv5cIbvKIbf1lTLWajec_wXooZ_1e1TlPu1p4zkZ0dHzwcJkJp4wt24E-SoASPe8085DwZGrHLKx7FjRrMhvgma9rqwJBriX7baTe39vKvj8cfT0m_5Jc2R7cvLvgew6g7TA3kr2d3-QlNsbirD9LLwpNYYabYSsIlvfywNviSR0ucUfdLV6I83ZFHfXj5Lti82N4kCza9icTTZQ-zsQS4N_wK2KVtv97vq5H9NMWkz8iVdPo4vv97F_3TuSbIMCQaZ978nLFSVu4Xt_Sxni7uKf_QP82ar-JBLC_IlKnqdFHTP5mq5_q0nhLEN1WEgYRg86kuI_FTEGit_-a1SMhpHJINjOPIB70_mWrd7UCqQNsamMpKH8FM9uFTWj6g8RQpmf2AsCXuj1G-QCSLQecAG1QdwdSdkr7hM-iiRCf9NUcM_vcjAF2IyCVpSGEJ_361UCMOVmk64sfH8rc9W0swyw0Jak29FTQ3im26v5m-45iG_-9YpkhxSsm_eJiQcjqfwxliU6cggFZoYOPmt8yL0z9pMfygojHxB1yfWdP1_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-2Kb1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSXAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Bya7YKT6kG76gCd_OiJNWGIlURpVVzsS20WBkRCUleuJQfPo9Iozy467uAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pfle1HgnHpw_VxIs4WptOZPnRdQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
9a204fcc6d9861548ca2cc2ea08a4db64c8f6d050b166d4e0ef87faec037b29c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=DTgy9FzppUpv7SBAQZfuap0U4pArbCCQelfXMdICIlf7snmpgLFmLPg2N3TUnLIpG2fQoF0HP-99qIL3Sv_5KlASLInRJULHqjdpE1cPj6JoarmMLy7-2ogU4g-bmPOIMJDuXSDgBcwcyQ9xFU1zU7MLA74q3brcUWfaqLfgHR0B4J9N2A0BISJZsKBaUrryUG6M9BmJXouQVS4GbHj5ausAixlPmCEK1QIe44f9G-Gx_4VMOlDcPlB57-uQ1M27iE8Rhnrzbif1i95R"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
4225546
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame A955
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
36202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:23:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0F8E
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
59177
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 08:00:44 GMT
etag
48472445140208031
expires
Fri, 18 Aug 2023 08:00:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame A955
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:23:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
36201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:23:40 GMT
l
www.google.com/ads/measurement/ Frame A955
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1M78y6rI4Ydb47jA53Nkmo0q6ELYH8mncI1xtK62e4cyln2etJqmkzyTR4yoWgJBA2Xa_C83Ove0bVF_ZPE02dK42cQ
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A955
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 06:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
63890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 16 Aug 2024 06:42:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A955
180 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 00:27:03 GMT
afr.php
ads.us.criteo.com/delivery/r/ Frame 560A
52 KB
20 KB
Document
General
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&u=%7CkJTEXR2E7n5Sm4KdTlExw3yuuKHAPgFlh07vpQYOmec%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK_lEZrcR-2V6vqRGFL537dByUwzXjpSA5Ow3obWN48gwzc8YHWzylIlVQ1fL1DisA3RLP01PKoZalfF8iieAiuL9Ti0zHMK4IE5WL2_AmODQ-JwWZ7ZgOkjq-055CZvSb-buq4UmwKu4lpb8IEjtBSpKDOxsb5bogUrIpkINSRZ1cfsEadBIfxyDMu-oW9hVlt4YG4LcRsWqoqVEWjh-66sgrS8W93gj_7v0mYTFb2m4XWu-_nBBI7NQ_g4P-lksRyLGB_8PpydolVXUE5uHi4jexAqXi96UKZQ6A4TYaPi4tZ6wYA3ICrp7u0QoUArNyjR1ya-o7AFULfMwUHXwSEVJCNRUprca2G6RBdGYLLx9IwHrrxB0GWEKWm2KkhghloL9oFxUdWLMfhA64RBYBqzF1EwCQdtxfkaNWl0Jz8-GLQCefP4yvd5x1K6cnpy0ORk-gPzzoWwSm3QcXihQ-jm-zw7lD-nukOYzsosOQ-ngsWYOr6HdL3TRs_DezygmschQmuZmp3JZlfYNRBVSR4Wn_wQx91ZLALfTrI9Rx9dOELpAV29GXFuNAOQkzW1t33r798h3iw0tbG-bMK_3tI5crDr1bX9nry6A9WrhG5cL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6Ma1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElwJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nGkhDgaKk1gRGD-Kei0GYSUVaMh5-_2jY0pe9Cvh_mZUaOw46WuHJG_gBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_OvBywo0wtcx3fjCvCyGoXNzZbg%26client%3Dca-pub-5902083285302779%26adurl%3D
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::24 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
a39f7912f7063c137edc0be924f7f6bba59fe831b470adbcec32cbb49ed10b93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=jY8nnFzppUpv7SBAwHgVgRPZaCHcnT8aLySoPYFCfYvb7cblXv7BOQjhw4NP1kRPniOF_-BplGdN2gV9cO5YrDEQW55gjmLsxuCBOEoYZ8tHH00GCzS-HtOqLX1hG0lvcTOHRQS02lLhDc5ZGx-0IW0i-U-0s9hjyk_ghYoON2hjlhJHi7ri7nVQQOHdLj_IsSVF2Ir57plCG2sy-Pg6bixxO9NVCmx2-Y7cummf7yisO9LQL6AWV3i1LOXa_1SvvlcAUZ1aZk48oioR"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
5085778
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 0491
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
36202
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:23:39 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1A63
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
59177
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 08:00:44 GMT
etag
48472445140208031
expires
Fri, 18 Aug 2023 08:00:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 0491
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:23:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
36201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:23:40 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0491
24 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 06:42:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
63890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 16 Aug 2024 06:42:11 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0491
180 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 00:27:03 GMT
bootstrap-4.3.1.min.css
assets.mlcdn.com/ml/bootstrap/css/ Frame 11BE
152 KB
23 KB
Stylesheet
General
Full URL
https://assets.mlcdn.com/ml/bootstrap/css/bootstrap-4.3.1.min.css
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2f351631f19a94a51c59c1d56abf5f8c29e4254bb15c2cb31d9c406cde48b11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 23:58:30 GMT
server
cloudflare
age
1711
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f860757ae734bd3-BUF
jquery-3.3.1.slim.min.js
assets.mlcdn.com/ml/jquery/ Frame 11BE
68 KB
24 KB
Script
General
Full URL
https://assets.mlcdn.com/ml/jquery/jquery-3.3.1.slim.min.js
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a37c6f7d5a009da940943dc23de6ede50599df22dda28346aeebb4649bd9cb45

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 23:58:30 GMT
server
cloudflare
age
1711
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f860757ae754bd3-BUF
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ Frame 11BE
21 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://assets.mailerlite.com/
Origin
https://assets.mailerlite.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1919178
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6645
last-modified
Thu, 22 Jun 2023 11:16:21 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942d85-19f5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rgdkNmPjmx%2F0XJenbM8x4kcV3JvGDbZpqDMoyekUimAQnUca%2BQjDa%2BEwfttwCnAJd%2BMJmNnFcztBLPqp0yir6MJGfvsaXfgMWZMQ9oGeAJHOIPPMjtn%2BTJ0IRXyMV7TLqlmiQql9vmf%2FutSfBxaBTa9g"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f8607581bfe4bc0-BUF
expires
Wed, 07 Aug 2024 00:27:01 GMT
bootstrap-4.3.1.min.js
assets.mlcdn.com/ml/bootstrap/js/ Frame 11BE
57 KB
15 KB
Script
General
Full URL
https://assets.mlcdn.com/ml/bootstrap/js/bootstrap-4.3.1.min.js
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e184f406380108ed797bf9d0eebd49b314d360f89882aee36ae771924a412e7d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 23:58:30 GMT
server
cloudflare
age
1711
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f860757ae764bd3-BUF
webforms.min.js
groot.mailerlite.com/js/w/ Frame 11BE
11 KB
4 KB
Script
General
Full URL
https://groot.mailerlite.com/js/w/webforms.min.js?v08a893c96141fbc55feeeeac1fda7508
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31d4a4356e8058eaaf4e9dc93d93f7cca92d79de5c159a8c2a9ae2193953c58a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=15724800; includeSubDomains
via
Ingress
cf-cache-status
REVALIDATED
content-encoding
br
last-modified
Thu, 10 Aug 2023 07:35:35 GMT
server
cloudflare
etag
W/"64d49347-2cbd"
access-control-max-age
1728000
access-control-allow-methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=432000
access-control-allow-credentials
true
vary
Accept-Encoding
cf-ray
7f8607580bfd4bc0-BUF
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-MailerLite-Account,X-MailerLite-Token
expires
Wed, 23 Aug 2023 00:27:02 GMT
fonts.css
assets.mlcdn.com/ Frame 11BE
1 KB
530 B
Stylesheet
General
Full URL
https://assets.mlcdn.com/fonts.css?version=1683642
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9d61e1cdaa802cdc30f619c7cf16e0a8dfb2667f6009afe27b37810d9a7ed2e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 00:26:54 GMT
server
cloudflare
age
7
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f860757ae744bd3-BUF
wKfMPpnNIPsuf9cQDx1Nw1AzVkhlSpc7cp40LN36.jpg
storage.mlcdn.com/account_image/450750/ Frame 11BE
164 KB
165 KB
Image
General
Full URL
https://storage.mlcdn.com/account_image/450750/wKfMPpnNIPsuf9cQDx1Nw1AzVkhlSpc7cp40LN36.jpg
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb9da2eee0ed7927944de42f7555abd829bf1d5cdb44516cc43131f6bf6cb0a0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycducVShuxMXloH_Ry0Ft3hCzi26UVJNdN8RH77zeRoQg247JJaD_Lw2TwtUp-cWFgpmO_npsZ6ZlDCOEGNdhjuZNqQ
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
168105
last-modified
Tue, 23 May 2023 16:47:03 GMT
server
cloudflare
etag
"ae4cee1b7ed5029d59af9589b7609fef"
vary
Accept-Encoding
x-goog-generation
1684860423200680
content-type
image/jpeg
x-goog-hash
crc32c=suemIA==, md5=rkzuG37VAp1Zr5WJt2Cf7w==
cache-control
public, max-age=691200
x-goog-stored-content-length
168105
accept-ranges
bytes
cf-ray
7f86075cee854bd3-BUF
expires
Fri, 18 Aug 2023 01:27:02 GMT
api.js
www.google.com/recaptcha/ Frame 11BE
850 B
577 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2fbf8198ca7c1c7c388bf35472ca4824c7d20604a31af2b29c85a647abc9aeb0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
556
x-xss-protection
1; mode=block
expires
Fri, 18 Aug 2023 00:27:02 GMT
facebook.png
assets.mlcdn.com/ml/images/icons/default/round/black/ Frame 11BE
2 KB
2 KB
Image
General
Full URL
https://assets.mlcdn.com/ml/images/icons/default/round/black/facebook.png
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6572d79b2b894c2c7b28312350d3553a753675e78229b9142e2e1882baeb0d1b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 23:39:10 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
age
2872
cf-polished
status=not_needed
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7f86075dae8f4bd3-BUF
content-length
1838
instagram.png
assets.mlcdn.com/ml/images/icons/default/round/black/ Frame 11BE
3 KB
3 KB
Image
General
Full URL
https://assets.mlcdn.com/ml/images/icons/default/round/black/instagram.png
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
846743c227d81e77edd849d905bc8d97553265f0777fd352f4bb1ef2e2d18be5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
server
cloudflare
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=14400
cf-ray
7f86075dae904bd3-BUF
content-length
2691
youtube.png
assets.mlcdn.com/ml/images/icons/default/round/black/ Frame 11BE
2 KB
2 KB
Image
General
Full URL
https://assets.mlcdn.com/ml/images/icons/default/round/black/youtube.png
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8920c61bbe3d45583f0fae3443f5d36ee9073b27efdab8012df6b9f9a02025a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 00:09:21 GMT
server
cloudflare
age
1061
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7f86075dae914bd3-BUF
content-length
2425
created-with-mailerlite.png
assets.mlcdn.com/ml/logo/ Frame 11BE
3 KB
3 KB
Image
General
Full URL
https://assets.mlcdn.com/ml/logo/created-with-mailerlite.png
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/jsonp/450750/forms/r2AANV/content?v=1692317900
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63966fc6b5d82ed7b606f3251cc45047f06af17d6d1b92dcac3f8369b76a7867

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Aug 2023 00:02:58 GMT
server
cloudflare
age
1444
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=691200
accept-ranges
bytes
cf-ray
7f86075dae924bd3-BUF
content-length
2560
publishertag.prebid.js
static.criteo.net/js/ld/
95 KB
31 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-17ba9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Aug 2023 00:27:01 GMT
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
usersync
usersync.gumgum.com/ Frame 4A9C
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:01 GMT
Expires
0
Pragma
no-cache
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 5BDD
0
397 B
Image
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.241.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-241-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:01 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
f383d460-3d5d-11ee-93d6-02502437a23b
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-0647e0df97d83064c
396846.gif
idsync.rlcdn.com/ Frame 5BDD
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=84c66859-68f8-4f2a-ace7-5db8be351563
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=84c66859-68f8-4f2a-ace7-5db8be351563
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=84c66859-68f8-4f2a-ace7-5db8be351563
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD/gdpr=0/ Frame 5BDD
49 B
264 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD/gdpr=0/gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.4.128
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 5BDD
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/prbds2s?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D25%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame EC99
0
397 B
Image
General
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.241.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-241-162.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:01 GMT
X-Clacks-Overhead
GNU Terry Pratchett
X-Adswizz-request-id
f3842280-3d5d-11ee-8610-0a750562a0db
Connection
keep-alive
Content-Length
0
X-Application-Context
application:production
Instance-id
i-096e79116de94493d
362358.gif
idsync.rlcdn.com/ Frame EC99
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELFHEUiC8qKiPe29Nbr3axQ&google_cver=1
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELFHEUiC8qKiPe29Nbr3axQ&google_cver=1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELFHEUiC8qKiPe29Nbr3axQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD/gdpr=0/ Frame EC99
49 B
265 B
Image
General
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD/gdpr=0/gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.41.207
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame EC99
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
um
u-iad04.e-planning.net/ Frame 386F
42 B
103 B
Document
General
Full URL
https://u-iad04.e-planning.net/um?dc=a208d9366469aa64&fi=2dc5d7ef17b42550&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-iad04.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3D2dc5d7ef17b42550%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.98.26.245 Ashburn, United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:27:01 GMT
server
openresty
services
sync.technoratimedia.com/ Frame 4A1C
0
780 B
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=50&uid=ec6c5881-c2e8-4179-995e-c32bb34e4a5d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
190238277
access-control-allow-origin
https://us-u.openx.net/
access-control-allow-credentials
true
sd
us-u.openx.net/w/1.0/ Frame 4A1C
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=856286&pcv=125&ptid=23&tpuv=00&tpu=7dad82b5-bd27-5c7c-04b7-96b8a2633479
  • https://us-u.openx.net/w/1.0/sd?id=537072960&val=0wafngvrzdbj9
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0wafngvrzdbj9
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://us-u.openx.net/w/1.0/sd?id=537072960&val=0wafngvrzdbj9
cache-control
no-cache
cf-ray
7f860758ef5b4bc9-BUF
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 4A1C
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=4&cm=ce8e23da-f7c5-4504-850b-460a639c7a8a&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537073026%26val%3D%7Bvisitor_id%7D
  • https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZN661n_zJlcXIZg8fIT4ycP2
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZN661n_zJlcXIZg8fIT4ycP2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Aug 2023 00:27:02 GMT
server
Aorta/20230816.bd034b287
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
location
https://us-u.openx.net/w/1.0/sd?id=537073026&val=ZN661n_zJlcXIZg8fIT4ycP2
access-control-allow-origin
*
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
f3e723f343cf
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
dds
rtb.openx.net/sync/ Frame 4A1C
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=DladAww5wGQV6pH8VLdOAQ==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
58 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4A1C
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=155c8ce4-fcf7-4cee-8d64-d2c9a4d62452
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=155c8ce4-fcf7-4cee-8d64-d2c9a4d62452
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=155c8ce4-fcf7-4cee-8d64-d2c9a4d62452
Date
Fri, 18 Aug 2023 00:27:01 GMT
Connection
keep-alive
X-CI-RTID
71bc3bc7-3852-4840-9c5f-890ab71ef867
Content-Length
112
Content-Type
text/html; charset=utf-8
sd
us-u.openx.net/w/1.0/ Frame 4A1C
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 4A1C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=d77e64c3-feb8-44cd-b97f-459db422b5b7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
sync
ups.analytics.yahoo.com/ups/58294/ Frame 4A1C
0
179 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=ffc494b6-7dd5-4303-a0b9-1c41100d80d2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame 4A1C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D%7BOPENX_ID%7D
  • https://id.rlcdn.com/464246.gif?partner_uid=84c66859-68f8-4f2a-ace7-5db8be351563
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=84c66859-68f8-4f2a-ace7-5db8be351563
42 B
60 B
Image
General
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=84c66859-68f8-4f2a-ace7-5db8be351563
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=84c66859-68f8-4f2a-ace7-5db8be351563
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sd
us-u.openx.net/w/1.0/ Frame 4A1C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=4664318827337647392
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=4664318827337647392
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
an-x-request-uuid
21ab897a-c84d-48ff-974f-0ff47229bc72
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=4664318827337647392
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4A1C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2700558205676423679&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2700558205676423679&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=8da2f9dd-77de-4961-a71d-959c5609fdb1&ph=9c552f28-6766-4d68-8e0e-995276acc8c6&r=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D50%26uid%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2700558205676423679&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usync.js
eus.rubiconproject.com/ Frame 0DB5
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.65.83 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-247-65-83.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
last-modified
Thu, 17 Aug 2023 04:13:08 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=13565
content-length
10116
expires
Fri, 18 Aug 2023 04:13:07 GMT
setuid
ib.adnxs.com/prebid/ Frame D9D2
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=4080762774149756005240
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
an-x-request-uuid
865685b1-5bc8-4405-bc17-e3fc534a7341
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame D9D2
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4080762774149756005240
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.182 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
an-x-request-uuid
6c76d21b-9613-4454-99cd-315c92c3b679
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
xuid
eb2.3lift.com/ Frame D9D2
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://eb2.3lift.com/xuid?mid=3702&xuid=${ADELPHIC_CUID}&dongle=d54f&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3702&xuid=155c8ce4-fcf7-4cee-8d64-d2c9a4d62452&dongle=d54f&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3702&xuid=155c8ce4-fcf7-4cee-8d64-d2c9a4d62452&dongle=d54f&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=3702&xuid=155c8ce4-fcf7-4cee-8d64-d2c9a4d62452&dongle=d54f&gdpr=0&gdpr_consent=
Date
Fri, 18 Aug 2023 00:27:01 GMT
Connection
keep-alive
X-CI-RTID
55fdf62f-572e-48bb-be1b-237a6d6c8a34
Content-Length
149
Content-Type
text/html; charset=utf-8
xuid
eb2.3lift.com/ Frame D9D2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=49&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=4771&xuid=2700558205676423679&dongle=d407&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=4771&xuid=2700558205676423679&dongle=d407&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=4771&xuid=2700558205676423679&dongle=d407&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
xuid
eb2.3lift.com/ Frame D9D2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=XCrfLrjrE8jfTLEMuA7H&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5LBBXEZSMOJVHE...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=XCrfLrjrE8jfTLEMuA7H
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=XCrfLrjrE8jfTLEMuA7H
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:02 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=XCrfLrjrE8jfTLEMuA7H
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
xuid
eb2.3lift.com/ Frame D9D2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=13&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2319&xuid=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38&dongle=4430
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2319&xuid=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38&dongle=4430
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2319&xuid=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38&dongle=4430
Date
Fri, 18 Aug 2023 00:27:01 GMT
Connection
keep-alive
Content-Length
137
Content-Type
text/html; charset=utf-8
sync
sync.srv.stackadapt.com/ Frame D9D2
43 B
168 B
Image
General
Full URL
https://sync.srv.stackadapt.com/sync?nid=20&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.218.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-218-86.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:02 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
sync
sync.srv.stackadapt.com/ Frame D9D2
43 B
168 B
Image
General
Full URL
https://sync.srv.stackadapt.com/sync?nid=114&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.218.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-218-86.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:02 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame D9D2
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=83&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3646&xuid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&dongle=1fa5&gdpr=0&gdpr_consent=
37 B
354 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3646&xuid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&dongle=1fa5&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://eb2.3lift.com/xuid?mid=3646&xuid=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&dongle=1fa5&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
757c0557066e95cfd4c7
s.amazon-adsystem.com/x/ Frame D9D2
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=4080762774149756005240
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

services
sync.technoratimedia.com/ Frame D9D2
0
2 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=88&uid=4080762774149756005240
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D88%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
375915864
access-control-allow-origin
https://eb2.3lift.com/
access-control-allow-credentials
true
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?mode=1&lid=41&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.28259196349550475&time=1692318421849&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ow.pubmatic.com/ Frame 553F
0
630 B
Document
General
Full URL
https://ow.pubmatic.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
text/html
date
Fri, 18 Aug 2023 00:27:01 GMT
usersync
usersync.gumgum.com/ Frame 9936
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:01 GMT
Expires
0
Pragma
no-cache
/
bpi.rtactivate.com/tag/ Frame 2CE9
43 B
109 B
Image
General
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.216.72.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-72-86.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
sync
x.bidswitch.net/ Frame 2CE9
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&_li_chk=true&previous_uuid=fc6ac6036eef4775ba05ddb069ed9ae0
  • https://mid.rkdms.com/bct?pid=bcccb40a-06d2-44fe-bdd2-a91ef4a5bfd0&&puid=fc6ac603-6eef-4775-ba05-ddb069ed9ae0&liid=&_ct=im
  • https://i.liadm.com/s/19948?bidder_id=178256&bidder_uuid=ad0bb4dabcf23259d877e1e1d0153c20
  • https://x.bidswitch.net/sync?dsp_id=42&user_id=
43 B
235 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=42&user_id=
Date
Fri, 18 Aug 2023 00:27:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
qmap
sync.crwdcntrl.net/ Frame 2CE9
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&gdpr=0&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.34.119
content-length
49
expires
0
/
io.narrative.io/ Frame 2CE9
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
  • https://io.narrative.io/?io.narrative.guid.v2=f37862b0-3d5d-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
0
247 B
Image
General
Full URL
https://io.narrative.io/?io.narrative.guid.v2=f37862b0-3d5d-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Deplanning%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID
Protocol
HTTP/1.1
Server
54.156.29.217 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-29-217.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:02 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=f37862b0-3d5d-11ee-9828-02e4221a2b5f&companyId=673&id=pubmatic_id:2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Date
Fri, 18 Aug 2023 00:27:02 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame B878
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692318421659.5&ri=70&ru=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fcm%3Fid%3Dc6a5ba0d-ce02-41bd-a1ea-842c68bd5108%26ph%3D8f5ed5d4-642c-4222-968a-d709c...
  • https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D...
930 B
559 B
Document
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e886727611b35745c1dfaea0a1e49ff94355cf72cb58252c5fc2be321e60f8ba

Request headers

Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
540
content-type
text/html
date
Fri, 18 Aug 2023 00:27:02 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-length
0
date
Fri, 18 Aug 2023 00:27:01 GMT
expires
Thu, 01-Jan-70 00:00:01 GMT
location
https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
pragma
no-cache
referrer-policy
unsafe-url
server
33XP019
x-33x-status
40000000008200000A
services
sync.technoratimedia.com/ Frame 8329
Redirect Chain
  • https://ssc-cms.33across.com/ps/?_=1692318421659.&ri=0014000001aXjnGAAS&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D...
  • https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212240589342896
0
2 KB
Image
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212240589342896
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
89190676
access-control-allow-origin
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
100000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://sync.technoratimedia.com/services?srv=cs&pid=61&uid=212240589342896
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
cms-xch-chicago.33across.com/ Frame 8329
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=f0v35ew&ttd_tpi=1&us_privacy=
  • https://ssc-cms.33across.com/ps/?ri=102&ru=https%3A%2F%2Fcms-xch-chicago.33across.com%2Fmatch%3Fbidder_id%3D102%26ttl%3D1694910421%26external_user_id%3D0487fdef-dbcb-4472-91ea-091af86a64fb
  • https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1694910421&external_user_id=0487fdef-dbcb-4472-91ea-091af86a64fb
68 B
225 B
Image
General
Full URL
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1694910421&external_user_id=0487fdef-dbcb-4472-91ea-091af86a64fb
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H2
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
referrer-policy
unsafe-url
server
33XP016
x-33x-status
40000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://cms-xch-chicago.33across.com/match?bidder_id=102&ttl=1694910421&external_user_id=0487fdef-dbcb-4472-91ea-091af86a64fb
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 8329
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692318421659.3&ri=2&ru=https%3A%2F%2Fssum-sec.casalemedia.com%2Fusermatchredir%3Fs%3D191740%26us_privacy%3D%24%7BUS_PRIVACY%7D%26cb%3Dhttps%253A%252...
  • https://ssum-sec.casalemedia.com/usermatchredir?s=191740&us_privacy=&cb=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D2%26external_user_id%3D
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZN660gpfgXVAgUl4ibXoLAAA%261363
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZN660gpfgXVAgUl4ibXoLAAA%261363
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=2&external_user_id=ZN660gpfgXVAgUl4ibXoLAAA%261363
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
match
events-ssc.33across.com/ Frame 8329
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=104&us_privacy=&redir=https%3A%2F%2Fssc-cms.33across.com%2Fps%2F%3Fus_privacy%3D%26xi%3D45%26xu%3D%7BuserId%7D
  • https://ssc-cms.33across.com/ps/?us_privacy=&xi=45&xu=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553
  • https://events-ssc.33across.com/match?bidder_id=45&external_user_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&ts=1692318422&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&ts=1692318422&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
referrer-policy
unsafe-url
server
33XP007
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=45&external_user_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&ts=1692318422&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 8329
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=33across&us_privacy=
  • https://ssc-cms.33across.com/ps/?xi=120&xu=9Son5ZY7UStD4HYH8estYmAJ-SY
  • https://events-ssc.33across.com/match?bidder_id=120&external_user_id=9Son5ZY7UStD4HYH8estYmAJ-SY&ts=1692318422&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=9Son5ZY7UStD4HYH8estYmAJ-SY&ts=1692318422&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
referrer-policy
unsafe-url
server
33XP012
x-33x-status
8000000008200000A
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://events-ssc.33across.com/match?bidder_id=120&external_user_id=9Son5ZY7UStD4HYH8estYmAJ-SY&ts=1692318422&gdpr_58=&gdpr=0&gdpr_consent=&us_privacy=
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
match
events-ssc.33across.com/ Frame 8329
Redirect Chain
  • https://ssc-cms.33across.com/ps/?us_privacy=&ts=1692318421659.7&ri=90&ru=https%3A%2F%2Fib.adnxs.com%2Fgetuid%3Fhttps%253A%252F%252Fevents-ssc.33across.com%252Fmatch%253Fliv%253Dh%2526us_privacy%253...
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D90%26external_user_id%3D%24UID
  • https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4664318827337647392
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4664318827337647392
Requested by
Host: de.tynt.com
URL: https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
Protocol
H3
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://de.tynt.com/deb/?m=xch&rt=html&id=0014000001aXjnGAAS&ru=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D61%26uid%3D33XUSERID33X
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
an-x-request-uuid
6432804c-0919-41cf-9b0c-407cc753d5a9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=90&external_user_id=4664318827337647392
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3B86
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&u=%7CkJTEXR2E7n6H2vMt%2FbpcigZmNUYqrqcweD2ddrMHON4%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOQ-EedF60xEliq5YP9z1apJap4arQkRalnRQaPAWFzRiIk9kJCWZFKyCGRd_c0B-JXhFAU475GBt8De_gNLdI-YTn0vdIVKRDv5cIbvKIbf1lTLWajec_wXooZ_1e1TlPu1p4zkZ0dHzwcJkJp4wt24E-SoASPe8085DwZGrHLKx7FjRrMhvgma9rqwJBriX7baTe39vKvj8cfT0m_5Jc2R7cvLvgew6g7TA3kr2d3-QlNsbirD9LLwpNYYabYSsIlvfywNviSR0ucUfdLV6I83ZFHfXj5Lti82N4kCza9icTTZQ-zsQS4N_wK2KVtv97vq5H9NMWkz8iVdPo4vv97F_3TuSbIMCQaZ978nLFSVu4Xt_Sxni7uKf_QP82ar-JBLC_IlKnqdFHTP5mq5_q0nhLEN1WEgYRg86kuI_FTEGit_-a1SMhpHJINjOPIB70_mWrd7UCqQNsamMpKH8FM9uFTWj6g8RQpmf2AsCXuj1G-QCSLQecAG1QdwdSdkr7hM-iiRCf9NUcM_vcjAF2IyCVpSGEJ_361UCMOVmk64sfH8rc9W0swyw0Jak29FTQ3im26v5m-45iG_-9YpkhxSsm_eJiQcjqfwxliU6cggFZoYOPmt8yL0z9pMfygojHxB1yfWdP1_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-2Kb1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSXAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Bya7YKT6kG76gCd_OiJNWGIlURpVVzsS20WBkRCUleuJQfPo9Iozy467uAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pfle1HgnHpw_VxIs4WptOZPnRdQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 12 Aug 2024 00:27:01 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3B86
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&u=%7CkJTEXR2E7n6H2vMt%2FbpcigZmNUYqrqcweD2ddrMHON4%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOQ-EedF60xEliq5YP9z1apJap4arQkRalnRQaPAWFzRiIk9kJCWZFKyCGRd_c0B-JXhFAU475GBt8De_gNLdI-YTn0vdIVKRDv5cIbvKIbf1lTLWajec_wXooZ_1e1TlPu1p4zkZ0dHzwcJkJp4wt24E-SoASPe8085DwZGrHLKx7FjRrMhvgma9rqwJBriX7baTe39vKvj8cfT0m_5Jc2R7cvLvgew6g7TA3kr2d3-QlNsbirD9LLwpNYYabYSsIlvfywNviSR0ucUfdLV6I83ZFHfXj5Lti82N4kCza9icTTZQ-zsQS4N_wK2KVtv97vq5H9NMWkz8iVdPo4vv97F_3TuSbIMCQaZ978nLFSVu4Xt_Sxni7uKf_QP82ar-JBLC_IlKnqdFHTP5mq5_q0nhLEN1WEgYRg86kuI_FTEGit_-a1SMhpHJINjOPIB70_mWrd7UCqQNsamMpKH8FM9uFTWj6g8RQpmf2AsCXuj1G-QCSLQecAG1QdwdSdkr7hM-iiRCf9NUcM_vcjAF2IyCVpSGEJ_361UCMOVmk64sfH8rc9W0swyw0Jak29FTQ3im26v5m-45iG_-9YpkhxSsm_eJiQcjqfwxliU6cggFZoYOPmt8yL0z9pMfygojHxB1yfWdP1_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-2Kb1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSXAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Bya7YKT6kG76gCd_OiJNWGIlURpVVzsS20WBkRCUleuJQfPo9Iozy467uAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pfle1HgnHpw_VxIs4WptOZPnRdQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:01 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 12 Aug 2024 00:27:01 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3B86
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&u=%7CkJTEXR2E7n6H2vMt%2FbpcigZmNUYqrqcweD2ddrMHON4%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOQ-EedF60xEliq5YP9z1apJap4arQkRalnRQaPAWFzRiIk9kJCWZFKyCGRd_c0B-JXhFAU475GBt8De_gNLdI-YTn0vdIVKRDv5cIbvKIbf1lTLWajec_wXooZ_1e1TlPu1p4zkZ0dHzwcJkJp4wt24E-SoASPe8085DwZGrHLKx7FjRrMhvgma9rqwJBriX7baTe39vKvj8cfT0m_5Jc2R7cvLvgew6g7TA3kr2d3-QlNsbirD9LLwpNYYabYSsIlvfywNviSR0ucUfdLV6I83ZFHfXj5Lti82N4kCza9icTTZQ-zsQS4N_wK2KVtv97vq5H9NMWkz8iVdPo4vv97F_3TuSbIMCQaZ978nLFSVu4Xt_Sxni7uKf_QP82ar-JBLC_IlKnqdFHTP5mq5_q0nhLEN1WEgYRg86kuI_FTEGit_-a1SMhpHJINjOPIB70_mWrd7UCqQNsamMpKH8FM9uFTWj6g8RQpmf2AsCXuj1G-QCSLQecAG1QdwdSdkr7hM-iiRCf9NUcM_vcjAF2IyCVpSGEJ_361UCMOVmk64sfH8rc9W0swyw0Jak29FTQ3im26v5m-45iG_-9YpkhxSsm_eJiQcjqfwxliU6cggFZoYOPmt8yL0z9pMfygojHxB1yfWdP1_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-2Kb1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSXAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Bya7YKT6kG76gCd_OiJNWGIlURpVVzsS20WBkRCUleuJQfPo9Iozy467uAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pfle1HgnHpw_VxIs4WptOZPnRdQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 12 Aug 2024 00:27:02 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3B86
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&u=%7CkJTEXR2E7n6H2vMt%2FbpcigZmNUYqrqcweD2ddrMHON4%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOQ-EedF60xEliq5YP9z1apJap4arQkRalnRQaPAWFzRiIk9kJCWZFKyCGRd_c0B-JXhFAU475GBt8De_gNLdI-YTn0vdIVKRDv5cIbvKIbf1lTLWajec_wXooZ_1e1TlPu1p4zkZ0dHzwcJkJp4wt24E-SoASPe8085DwZGrHLKx7FjRrMhvgma9rqwJBriX7baTe39vKvj8cfT0m_5Jc2R7cvLvgew6g7TA3kr2d3-QlNsbirD9LLwpNYYabYSsIlvfywNviSR0ucUfdLV6I83ZFHfXj5Lti82N4kCza9icTTZQ-zsQS4N_wK2KVtv97vq5H9NMWkz8iVdPo4vv97F_3TuSbIMCQaZ978nLFSVu4Xt_Sxni7uKf_QP82ar-JBLC_IlKnqdFHTP5mq5_q0nhLEN1WEgYRg86kuI_FTEGit_-a1SMhpHJINjOPIB70_mWrd7UCqQNsamMpKH8FM9uFTWj6g8RQpmf2AsCXuj1G-QCSLQecAG1QdwdSdkr7hM-iiRCf9NUcM_vcjAF2IyCVpSGEJ_361UCMOVmk64sfH8rc9W0swyw0Jak29FTQ3im26v5m-45iG_-9YpkhxSsm_eJiQcjqfwxliU6cggFZoYOPmt8yL0z9pMfygojHxB1yfWdP1_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-2Kb1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSXAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Bya7YKT6kG76gCd_OiJNWGIlURpVVzsS20WBkRCUleuJQfPo9Iozy467uAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pfle1HgnHpw_VxIs4WptOZPnRdQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 12 Aug 2024 00:27:02 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 3B86
43 B
347 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=k4vaJP_vZgdF0JRUc-JXWaUKnFqr04gF5tI2n2bZbquVOv1Uhdp8fhVwBssb7bfKX4pxrX2bf4bVK5EVJWHViKfkodkQ73zn531pZ8dldcp5CLYLZp5X8TnOfdrtscxzPmswgrp9UeUUORwzckyP36VwOqInle_9GFZHZpPZCxi6UEjmqqVRmn3-OyK5OcyseTg8hqSRz12I6osndEgmcYErR_LeTPhGss_SSUtiWnBnNcV7XEV4Nsu71uWEZuw2vQcIMvR97ySQPWlOoTqQ1I8ewQsliJSDlsz_TMj3hBSPHrubON0fbEUcf5oUs3VClFbrIIqI-8zo9xeQpudKzxkaJumQx5fkdG-eLHBFIPJN-X3GDQ9jEni4d6snkMLwW6EBTdxzN8kFBuPvAG6mswaphTyEO5lj6MowBvYi7DPbCP1ftiBAEG7LxDZhoKdzs9qvZ9vo6S5PJRjZda6bFV77wCw
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&u=%7CkJTEXR2E7n6H2vMt%2FbpcigZmNUYqrqcweD2ddrMHON4%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOQ-EedF60xEliq5YP9z1apJap4arQkRalnRQaPAWFzRiIk9kJCWZFKyCGRd_c0B-JXhFAU475GBt8De_gNLdI-YTn0vdIVKRDv5cIbvKIbf1lTLWajec_wXooZ_1e1TlPu1p4zkZ0dHzwcJkJp4wt24E-SoASPe8085DwZGrHLKx7FjRrMhvgma9rqwJBriX7baTe39vKvj8cfT0m_5Jc2R7cvLvgew6g7TA3kr2d3-QlNsbirD9LLwpNYYabYSsIlvfywNviSR0ucUfdLV6I83ZFHfXj5Lti82N4kCza9icTTZQ-zsQS4N_wK2KVtv97vq5H9NMWkz8iVdPo4vv97F_3TuSbIMCQaZ978nLFSVu4Xt_Sxni7uKf_QP82ar-JBLC_IlKnqdFHTP5mq5_q0nhLEN1WEgYRg86kuI_FTEGit_-a1SMhpHJINjOPIB70_mWrd7UCqQNsamMpKH8FM9uFTWj6g8RQpmf2AsCXuj1G-QCSLQecAG1QdwdSdkr7hM-iiRCf9NUcM_vcjAF2IyCVpSGEJ_361UCMOVmk64sfH8rc9W0swyw0Jak29FTQ3im26v5m-45iG_-9YpkhxSsm_eJiQcjqfwxliU6cggFZoYOPmt8yL0z9pMfygojHxB1yfWdP1_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-2Kb1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSXAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Bya7YKT6kG76gCd_OiJNWGIlURpVVzsS20WBkRCUleuJQfPo9Iozy467uAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pfle1HgnHpw_VxIs4WptOZPnRdQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4428593
expires
Mon, 26 Jul 1997 05:00:00 GMT
13dd6d6b530640f0b951762f46d7e630_untitled_design_set-160x600-px.jpg
static.criteo.net/design/dt/106851/4894082/ Frame 3B86
65 KB
65 KB
Image
General
Full URL
https://static.criteo.net/design/dt/106851/4894082/13dd6d6b530640f0b951762f46d7e630_untitled_design_set-160x600-px.jpg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&u=%7CkJTEXR2E7n6H2vMt%2FbpcigZmNUYqrqcweD2ddrMHON4%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOQ-EedF60xEliq5YP9z1apJap4arQkRalnRQaPAWFzRiIk9kJCWZFKyCGRd_c0B-JXhFAU475GBt8De_gNLdI-YTn0vdIVKRDv5cIbvKIbf1lTLWajec_wXooZ_1e1TlPu1p4zkZ0dHzwcJkJp4wt24E-SoASPe8085DwZGrHLKx7FjRrMhvgma9rqwJBriX7baTe39vKvj8cfT0m_5Jc2R7cvLvgew6g7TA3kr2d3-QlNsbirD9LLwpNYYabYSsIlvfywNviSR0ucUfdLV6I83ZFHfXj5Lti82N4kCza9icTTZQ-zsQS4N_wK2KVtv97vq5H9NMWkz8iVdPo4vv97F_3TuSbIMCQaZ978nLFSVu4Xt_Sxni7uKf_QP82ar-JBLC_IlKnqdFHTP5mq5_q0nhLEN1WEgYRg86kuI_FTEGit_-a1SMhpHJINjOPIB70_mWrd7UCqQNsamMpKH8FM9uFTWj6g8RQpmf2AsCXuj1G-QCSLQecAG1QdwdSdkr7hM-iiRCf9NUcM_vcjAF2IyCVpSGEJ_361UCMOVmk64sfH8rc9W0swyw0Jak29FTQ3im26v5m-45iG_-9YpkhxSsm_eJiQcjqfwxliU6cggFZoYOPmt8yL0z9pMfygojHxB1yfWdP1_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-2Kb1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSXAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Bya7YKT6kG76gCd_OiJNWGIlURpVVzsS20WBkRCUleuJQfPo9Iozy467uAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pfle1HgnHpw_VxIs4WptOZPnRdQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0daa9ae49460256e86d7f6fe89d832b19bdf139a28a9bf32aa48a7d3956529f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 08 Aug 2023 16:28:42 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64d26d3a-103db"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
66523
expires
Mon, 12 Aug 2024 00:27:02 GMT
setuid
ow.pubmatic.com/ Frame B7CF
0
630 B
Document
General
Full URL
https://ow.pubmatic.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&gpp=&gpp_sid=&f=b&uid=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fow.pubmatic.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.123 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
text/html
date
Fri, 18 Aug 2023 00:27:02 GMT
services
sync.technoratimedia.com/ Frame C535
0
0
Document
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=45&uid=$UID$
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://ads.pubmatic.com/
age
0
date
Fri, 18 Aug 2023 00:27:02 GMT
server
nginx
via
1.1 varnish
x-varnish
326508092
privacy_small.svg
static.criteo.net/flash/icon/ Frame 560A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&u=%7CkJTEXR2E7n5Sm4KdTlExw3yuuKHAPgFlh07vpQYOmec%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK_lEZrcR-2V6vqRGFL537dByUwzXjpSA5Ow3obWN48gwzc8YHWzylIlVQ1fL1DisA3RLP01PKoZalfF8iieAiuL9Ti0zHMK4IE5WL2_AmODQ-JwWZ7ZgOkjq-055CZvSb-buq4UmwKu4lpb8IEjtBSpKDOxsb5bogUrIpkINSRZ1cfsEadBIfxyDMu-oW9hVlt4YG4LcRsWqoqVEWjh-66sgrS8W93gj_7v0mYTFb2m4XWu-_nBBI7NQ_g4P-lksRyLGB_8PpydolVXUE5uHi4jexAqXi96UKZQ6A4TYaPi4tZ6wYA3ICrp7u0QoUArNyjR1ya-o7AFULfMwUHXwSEVJCNRUprca2G6RBdGYLLx9IwHrrxB0GWEKWm2KkhghloL9oFxUdWLMfhA64RBYBqzF1EwCQdtxfkaNWl0Jz8-GLQCefP4yvd5x1K6cnpy0ORk-gPzzoWwSm3QcXihQ-jm-zw7lD-nukOYzsosOQ-ngsWYOr6HdL3TRs_DezygmschQmuZmp3JZlfYNRBVSR4Wn_wQx91ZLALfTrI9Rx9dOELpAV29GXFuNAOQkzW1t33r798h3iw0tbG-bMK_3tI5crDr1bX9nry6A9WrhG5cL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6Ma1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElwJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nGkhDgaKk1gRGD-Kei0GYSUVaMh5-_2jY0pe9Cvh_mZUaOw46WuHJG_gBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_OvBywo0wtcx3fjCvCyGoXNzZbg%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 12 Aug 2024 00:27:02 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 560A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&u=%7CkJTEXR2E7n5Sm4KdTlExw3yuuKHAPgFlh07vpQYOmec%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK_lEZrcR-2V6vqRGFL537dByUwzXjpSA5Ow3obWN48gwzc8YHWzylIlVQ1fL1DisA3RLP01PKoZalfF8iieAiuL9Ti0zHMK4IE5WL2_AmODQ-JwWZ7ZgOkjq-055CZvSb-buq4UmwKu4lpb8IEjtBSpKDOxsb5bogUrIpkINSRZ1cfsEadBIfxyDMu-oW9hVlt4YG4LcRsWqoqVEWjh-66sgrS8W93gj_7v0mYTFb2m4XWu-_nBBI7NQ_g4P-lksRyLGB_8PpydolVXUE5uHi4jexAqXi96UKZQ6A4TYaPi4tZ6wYA3ICrp7u0QoUArNyjR1ya-o7AFULfMwUHXwSEVJCNRUprca2G6RBdGYLLx9IwHrrxB0GWEKWm2KkhghloL9oFxUdWLMfhA64RBYBqzF1EwCQdtxfkaNWl0Jz8-GLQCefP4yvd5x1K6cnpy0ORk-gPzzoWwSm3QcXihQ-jm-zw7lD-nukOYzsosOQ-ngsWYOr6HdL3TRs_DezygmschQmuZmp3JZlfYNRBVSR4Wn_wQx91ZLALfTrI9Rx9dOELpAV29GXFuNAOQkzW1t33r798h3iw0tbG-bMK_3tI5crDr1bX9nry6A9WrhG5cL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6Ma1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElwJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nGkhDgaKk1gRGD-Kei0GYSUVaMh5-_2jY0pe9Cvh_mZUaOw46WuHJG_gBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_OvBywo0wtcx3fjCvCyGoXNzZbg%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 12 Aug 2024 00:27:02 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 560A
308 B
636 B
Image
General
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&u=%7CkJTEXR2E7n5Sm4KdTlExw3yuuKHAPgFlh07vpQYOmec%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK_lEZrcR-2V6vqRGFL537dByUwzXjpSA5Ow3obWN48gwzc8YHWzylIlVQ1fL1DisA3RLP01PKoZalfF8iieAiuL9Ti0zHMK4IE5WL2_AmODQ-JwWZ7ZgOkjq-055CZvSb-buq4UmwKu4lpb8IEjtBSpKDOxsb5bogUrIpkINSRZ1cfsEadBIfxyDMu-oW9hVlt4YG4LcRsWqoqVEWjh-66sgrS8W93gj_7v0mYTFb2m4XWu-_nBBI7NQ_g4P-lksRyLGB_8PpydolVXUE5uHi4jexAqXi96UKZQ6A4TYaPi4tZ6wYA3ICrp7u0QoUArNyjR1ya-o7AFULfMwUHXwSEVJCNRUprca2G6RBdGYLLx9IwHrrxB0GWEKWm2KkhghloL9oFxUdWLMfhA64RBYBqzF1EwCQdtxfkaNWl0Jz8-GLQCefP4yvd5x1K6cnpy0ORk-gPzzoWwSm3QcXihQ-jm-zw7lD-nukOYzsosOQ-ngsWYOr6HdL3TRs_DezygmschQmuZmp3JZlfYNRBVSR4Wn_wQx91ZLALfTrI9Rx9dOELpAV29GXFuNAOQkzW1t33r798h3iw0tbG-bMK_3tI5crDr1bX9nry6A9WrhG5cL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6Ma1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElwJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nGkhDgaKk1gRGD-Kei0GYSUVaMh5-_2jY0pe9Cvh_mZUaOw46WuHJG_gBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_OvBywo0wtcx3fjCvCyGoXNzZbg%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 12 Aug 2024 00:27:02 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 560A
293 B
621 B
Image
General
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&u=%7CkJTEXR2E7n5Sm4KdTlExw3yuuKHAPgFlh07vpQYOmec%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK_lEZrcR-2V6vqRGFL537dByUwzXjpSA5Ow3obWN48gwzc8YHWzylIlVQ1fL1DisA3RLP01PKoZalfF8iieAiuL9Ti0zHMK4IE5WL2_AmODQ-JwWZ7ZgOkjq-055CZvSb-buq4UmwKu4lpb8IEjtBSpKDOxsb5bogUrIpkINSRZ1cfsEadBIfxyDMu-oW9hVlt4YG4LcRsWqoqVEWjh-66sgrS8W93gj_7v0mYTFb2m4XWu-_nBBI7NQ_g4P-lksRyLGB_8PpydolVXUE5uHi4jexAqXi96UKZQ6A4TYaPi4tZ6wYA3ICrp7u0QoUArNyjR1ya-o7AFULfMwUHXwSEVJCNRUprca2G6RBdGYLLx9IwHrrxB0GWEKWm2KkhghloL9oFxUdWLMfhA64RBYBqzF1EwCQdtxfkaNWl0Jz8-GLQCefP4yvd5x1K6cnpy0ORk-gPzzoWwSm3QcXihQ-jm-zw7lD-nukOYzsosOQ-ngsWYOr6HdL3TRs_DezygmschQmuZmp3JZlfYNRBVSR4Wn_wQx91ZLALfTrI9Rx9dOELpAV29GXFuNAOQkzW1t33r798h3iw0tbG-bMK_3tI5crDr1bX9nry6A9WrhG5cL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6Ma1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElwJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nGkhDgaKk1gRGD-Kei0GYSUVaMh5-_2jY0pe9Cvh_mZUaOw46WuHJG_gBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_OvBywo0wtcx3fjCvCyGoXNzZbg%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 12 Aug 2024 00:27:02 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame 560A
43 B
348 B
Image
General
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=Da1-Tf_vZgdF0JRUc-JXWaUKnFpobOt9ogHfZbQp6sSiVrKdd27O0EeVt0CtX5mJImW2lN-i4FG5D2UoAdpeuyEGiqJlVjBmvCgvJYIKUea3nZiTcWHZPelArtZHetb4pYkX3GqL1-J1Kiu9LrJio9YE_oJ0YyB8MGonzOkMpHtNrFSNmKW4DFIZnGVfh4HOsGy5UN3zpKxNNAt5sLOtwxpK6_YJD8bQjAQUGkO3pfSLovFps4nsHj2TbSJd0WiomPH7rm8A3VKdS9cC-BJI9zmV_Bm-ttDCheILJbt1-nhAbG-4G7DaNrTVInsQpTzevt92MdjEmg-mkJyLI_aw5-EOO83OxqH7_lNF4dCA-kzOfv83n83fsZxMZgFh4p3O19yXyplntiHMNrSzeDGrXk8A9Hr_wvNzgL7RLnWJn3Ez6pMqoK-ObXVIJsxszbcgvMn13COsoqTuCrOC6woKjMNmuUI
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&u=%7CkJTEXR2E7n5Sm4KdTlExw3yuuKHAPgFlh07vpQYOmec%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK_lEZrcR-2V6vqRGFL537dByUwzXjpSA5Ow3obWN48gwzc8YHWzylIlVQ1fL1DisA3RLP01PKoZalfF8iieAiuL9Ti0zHMK4IE5WL2_AmODQ-JwWZ7ZgOkjq-055CZvSb-buq4UmwKu4lpb8IEjtBSpKDOxsb5bogUrIpkINSRZ1cfsEadBIfxyDMu-oW9hVlt4YG4LcRsWqoqVEWjh-66sgrS8W93gj_7v0mYTFb2m4XWu-_nBBI7NQ_g4P-lksRyLGB_8PpydolVXUE5uHi4jexAqXi96UKZQ6A4TYaPi4tZ6wYA3ICrp7u0QoUArNyjR1ya-o7AFULfMwUHXwSEVJCNRUprca2G6RBdGYLLx9IwHrrxB0GWEKWm2KkhghloL9oFxUdWLMfhA64RBYBqzF1EwCQdtxfkaNWl0Jz8-GLQCefP4yvd5x1K6cnpy0ORk-gPzzoWwSm3QcXihQ-jm-zw7lD-nukOYzsosOQ-ngsWYOr6HdL3TRs_DezygmschQmuZmp3JZlfYNRBVSR4Wn_wQx91ZLALfTrI9Rx9dOELpAV29GXFuNAOQkzW1t33r798h3iw0tbG-bMK_3tI5crDr1bX9nry6A9WrhG5cL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6Ma1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElwJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nGkhDgaKk1gRGD-Kei0GYSUVaMh5-_2jY0pe9Cvh_mZUaOw46WuHJG_gBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_OvBywo0wtcx3fjCvCyGoXNzZbg%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2294202
expires
Mon, 26 Jul 1997 05:00:00 GMT
13dd6d6b530640f0b951762f46d7e630_untitled_design_set-160x600-px.jpg
static.criteo.net/design/dt/106851/4894082/ Frame 560A
65 KB
65 KB
Image
General
Full URL
https://static.criteo.net/design/dt/106851/4894082/13dd6d6b530640f0b951762f46d7e630_untitled_design_set-160x600-px.jpg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&u=%7CkJTEXR2E7n5Sm4KdTlExw3yuuKHAPgFlh07vpQYOmec%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK_lEZrcR-2V6vqRGFL537dByUwzXjpSA5Ow3obWN48gwzc8YHWzylIlVQ1fL1DisA3RLP01PKoZalfF8iieAiuL9Ti0zHMK4IE5WL2_AmODQ-JwWZ7ZgOkjq-055CZvSb-buq4UmwKu4lpb8IEjtBSpKDOxsb5bogUrIpkINSRZ1cfsEadBIfxyDMu-oW9hVlt4YG4LcRsWqoqVEWjh-66sgrS8W93gj_7v0mYTFb2m4XWu-_nBBI7NQ_g4P-lksRyLGB_8PpydolVXUE5uHi4jexAqXi96UKZQ6A4TYaPi4tZ6wYA3ICrp7u0QoUArNyjR1ya-o7AFULfMwUHXwSEVJCNRUprca2G6RBdGYLLx9IwHrrxB0GWEKWm2KkhghloL9oFxUdWLMfhA64RBYBqzF1EwCQdtxfkaNWl0Jz8-GLQCefP4yvd5x1K6cnpy0ORk-gPzzoWwSm3QcXihQ-jm-zw7lD-nukOYzsosOQ-ngsWYOr6HdL3TRs_DezygmschQmuZmp3JZlfYNRBVSR4Wn_wQx91ZLALfTrI9Rx9dOELpAV29GXFuNAOQkzW1t33r798h3iw0tbG-bMK_3tI5crDr1bX9nry6A9WrhG5cL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6Ma1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElwJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nGkhDgaKk1gRGD-Kei0GYSUVaMh5-_2jY0pe9Cvh_mZUaOw46WuHJG_gBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_OvBywo0wtcx3fjCvCyGoXNzZbg%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0daa9ae49460256e86d7f6fe89d832b19bdf139a28a9bf32aa48a7d3956529f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 08 Aug 2023 16:28:42 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"64d26d3a-103db"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
66523
expires
Mon, 12 Aug 2024 00:27:02 GMT
bframe
www.google.com/recaptcha/api2/ Frame 5350
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=3kTz7WGoZLQTivI-amNftGZO&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ba5558c1c192a93f9bda4e05378466d5eff871b99a81e4d9eb0dd1bf4858bf77
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--O49sCG7Tpx1ihz-Lo5Vog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1158
content-security-policy
script-src 'report-sample' 'nonce--O49sCG7Tpx1ihz-Lo5Vog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:27:02 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 0F8E
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEEfsSNmq_kdW-Y16cfuFOug&google_cver=1&google_push=AXcoOmS2o0V2APpc8KWA4UleAiA0-eDgGgVvBhunflWkI2ZRWzEUJqoSLrYQEL9PhIAGaXy4KV9XiafqAUE3HeyIOv02mF_P3tgy
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjcwMDU1ODIwNTY3NjQyMzY3OQ==&gdpr=0&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEEfsSNmq_kdW-Y16cfuFOug&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEEfsSNmq_kdW-Y16cfuFOug&google_cver=1
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEEfsSNmq_kdW-Y16cfuFOug&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 0F8E
43 B
477 B
Image
General
Full URL
https://a.tribalfusion.com/i.match?p=b6&u=CAESEBu59SxitdGROYU5vtEGS0o&google_cver=1&google_push=AXcoOmQBsQdw0I8UtQhVDyyFI49ZZWd7VIbOGYhbzrsYCWQ914ErjdlN1Q8bCwlU1VhpwmPknMFSQWlLap9lSvUiq3mH5zaLn7Fv&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQBsQdw0I8UtQhVDyyFI49ZZWd7VIbOGYhbzrsYCWQ914ErjdlN1Q8bCwlU1VhpwmPknMFSQWlLap9lSvUiq3mH5zaLn7Fv%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7f86075ab9754bc1-BUF
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
asr
aid.send.microad.jp/g/ Frame 0F8E
43 B
641 B
Image
General
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESEA2rj3nBxg_QhOcZoXDU2YQ&google_cver=1&google_push=AXcoOmSDUKTBvEamtf0RDw8dCibS_kKWh_iCupJReQo9DPClkcwPYYDsEio3rL92SdqBfBBM2fb_tho01CiatNQ2DT8yRV_axYr6
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:02 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 0F8E
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQlJM...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-pkQrQ5uicCFx8Xhx-m3qrR9J51JoM9t2WwiXTg&google_push=AXcoOmQlJMqW7caljMwcXPlxd_DmMjBcyKhrcqahhjatZTJqmmAKNH4ouYK6xrfaQY7duDN5Vzv9seUsXDv7...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-pkQrQ5uicCFx8Xhx-m3qrR9J51JoM9t2WwiXTg&google_push=AXcoOmQlJMqW7caljMwcXPlxd_DmMjBcyKhrcqahhjatZTJqmmAKNH4ouYK6xrfaQY7duDN5Vzv9seUsXDv7LyRIhgapGJdMr21_
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:01 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-pkQrQ5uicCFx8Xhx-m3qrR9J51JoM9t2WwiXTg&google_push=AXcoOmQlJMqW7caljMwcXPlxd_DmMjBcyKhrcqahhjatZTJqmmAKNH4ouYK6xrfaQY7duDN5Vzv9seUsXDv7LyRIhgapGJdMr21_
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
767002
content-length
0
expires
Fri, 18 Aug 2023 00:00:00 GMT
0.gif
id5-sync.com/i/495/ Frame 0F8E
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFION3mOndIF4bT6XmEhz-U&google_cver=1&google_push=AXcoOmSZ_yl06W5QC-oQRT_I0TMrRNyj8B_Wqg7QLl_hwJts9bO3SHLEghYjp4wxu2l545lSOEsLZZ5TJoNRXu7u...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=0&gdpr_consent=&google_hm=bc5bc3dc17&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg%26gdpr%3D0%26gdpr_consent%3D
  • https://s.ad.smaato.net/c/?adExInit=g&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://sync.inmobi.com/oRTB?redirect=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspCookie%3D%7BID5UID%7D%26dspId%3D1001980%26gdpr%3D0%26gdpr_consent%3D,&gdpr=0&gdpr_consent=,
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=,&gdpr=1&callback=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspCookie%3D%7BID5UID%7D%26dspId%3D1001980%26gdpr%3D0%26gdpr_consent%3D%2C
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=,&gdpr=1&callback=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspCookie%3D%7BID5UID%7D%26dspId%3D1001980%26gdpr%3D0%26gdpr_consent%3D%2C
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=,&gdpr=1&callback=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FdspCookie%3D%7BID5UID%7D%26dspId%3D1001980%26gdpr%3D0%26gdpr_consent%3D%2C
x-download-options
noopen
vary
Accept
content-length
199
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 0F8E
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEAjLP-DzdLsRmU3_r0gotPw&google_cver=1&google_push=AXcoOmRsVVh-T4_H7uYQr47K7PAXv2cQtYKx84K88pLgFSn5aHCmhpUO6h_SH3KgNquQpABaXYaDW...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRsVVh-T4_H7uYQr47K7PAXv2cQtYKx84K88pLgFSn5aHCmhpUO6h_SH3KgNquQpABaXYaDWx93WQ5HdNcxhgVIcXm8Y3YS&google_hm=Wk42NjBzQ28...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRsVVh-T4_H7uYQr47K7PAXv2cQtYKx84K88pLgFSn5aHCmhpUO6h_SH3KgNquQpABaXYaDWx93WQ5HdNcxhgVIcXm8Y3YS&google_hm=Wk42NjBzQ284WDhBQUdob0hFb0FBQUFB
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 18 Aug 2023 00:27:02 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEAjLP-DzdLsRmU3_r0gotPw&google_cver=1&google_push=AXcoOmRsVVh-T4_H7uYQr47K7PAXv2cQtYKx84K88pLgFSn5aHCmhpUO6h_SH3KgNquQpABaXYaDWx93WQ5HdNcxhgVIcXm8Y3YS","cluster_id":0,"gdpr":false,"ipv4":"96.9.249.38","key":"ZN660sCo8X8AAGhoHEoAAAAA","privacy_sensitive":false,"uid":"ZN660sCo8X8AAGhoHEoAAAAA","upstream_id":"m-ad400"}
X-SO-Key
ZN660sCo8X8AAGhoHEoAAAAA
X-SO-Upstream-ID
m-ad400
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad400.dc4p.scaleout.jp
X-SO-UID
ZN660sCo8X8AAGhoHEoAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
96.9.249.38
X-SO-Cluster-ID
0
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRsVVh-T4_H7uYQr47K7PAXv2cQtYKx84K88pLgFSn5aHCmhpUO6h_SH3KgNquQpABaXYaDWx93WQ5HdNcxhgVIcXm8Y3YS&google_hm=Wk42NjBzQ284WDhBQUdob0hFb0FBQUFB
Cache-Control
private
X-SO-Ads-Time
23
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
spacer.gif
an.yandex.ru/resource/ Frame 0F8E
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEL1m1CjFt64TUlcks-Hn3RY?ext-param=AXcoOmRWHLrBKntTC1XpZJgu6Y5YkS_asYqtHVFu5jaAY7pTKsSDKUBKveQdODydg9rSWKJr-i4JQP4p1XnIriJt_v1oXXoiLouhaA&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEL1m1CjFt64TUlcks-Hn3RY?redir-setuniq=1&ext-param=AXcoOmRWHLrBKntTC1XpZJgu6Y5YkS_asYqtHVFu5jaAY7pTKsSDKUBKveQdODydg9rSWKJr-i4JQP4p1XnIriJt_v1oXXoiLouhaA&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEL1m1CjFt64TUlcks-Hn3RY&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
168 B
Image
General
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Fri, 02 Aug 2024 00:27:03 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0F8E
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LyxkNyHVMWuX8DIgcO1-3naZDfAgVn0hKA-Pzf93mfiAyHmuqkXLvuEJ-Wc7UmbdwZ3K6L9w
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1692318422180&timeout=f&logid=0.28259196349550475&timediff=331&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?contentLocation=flat&lid=160&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame DAC5
156 B
186 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=1137696773424398&description_url=https%3A%2F%2Fitsallinanutshell.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&ad_type=outstream_video&hl=en&max_ad_duration=30000&npa=0&tfcd=0&vpmute=0&iu=%2F21732118914%2C22975044942%2Fitsallinanutshell_com-outstream-video-1&vid_t=outstream&vpa=click&cust_params=act%3D1%26ap%3D1%26d%3D496996%26eb_br%3D8e2d589a04d2a07b8344f6816b701b81%26ft%3D0%26ic%3D1%26iid1%3D2513559983666239%26plat%3D1%26t%3D0%26tap%3Ditsallinanutshell_com-outstream-video-1-2513559983666239&sdkv=h.3.585.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=1223778887&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.585.0&sid=7648EDD4-4E4E-40C2-991F-8B2E54FF1B1B&nel=0&eid=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&top=https%3A%2F%2Fitsallinanutshell.com%2F&loc=https%3A%2F%2Fitsallinanutshell.com%2F&dlt=1692318414472&idt=1455&dt=1692318422182&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&scor=1727591382531775&ged=ve4_td8_tt6_pd8_la8000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
events-ssc.33across.com/ Frame B878
68 B
82 B
Image
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=70&external_user_id=a76b1b51-7b34-49a5-9fa9-d29b8dfae6e4
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
content-type
image/png
sd
eu-u.openx.net/w/1.0/ Frame B878
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6684631721631464360
43 B
172 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6684631721631464360
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6684631721631464360
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sd
us-u.openx.net/w/1.0/ Frame B878
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=tMpakuCfXZGvyFqVsJoTxrDOWJWvz13AsJhhvaIO
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=tMpakuCfXZGvyFqVsJoTxrDOWJWvz13AsJhhvaIO
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=tMpakuCfXZGvyFqVsJoTxrDOWJWvz13AsJhhvaIO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B878
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=openx
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&ssp=openx&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10594366287868868051&ssp=openx&gdpr=&gdpr_consent=
  • https://us-u.openx.net/w/1.0/sd?id=537072968&val=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&us_privacy=
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072968&val=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
//us-u.openx.net/w/1.0/sd?id=537072968&val=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6&gdpr=&gdpr_consent=&us_privacy=
Date
Fri, 18 Aug 2023 00:27:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
sd
us-u.openx.net/w/1.0/ Frame B878
Redirect Chain
  • https://p.rfihub.com/cm?pub=25&in=1
  • https://us-u.openx.net/w/1.0/sd?id=537073062&val=970033166257797130
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073062&val=970033166257797130
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073062&val=970033166257797130
Date
Fri, 18 Aug 2023 00:27:02 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame B878
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=7ECD5403DF2A44CEA68AD742A23A3A42
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7ECD5403DF2A44CEA68AD742A23A3A42
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://us-u.openx.net/w/1.0/sd?id=537072966&val=7ECD5403DF2A44CEA68AD742A23A3A42
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 17 Aug 2023 00:27:02 GMT
57424
i6.liadm.com/s/ Frame B878
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=d1b6cbbb-9265-433b-b118-214d0d38b554
  • https://i6.liadm.com/s/57424?bidder_id=206088&bidder_uuid=d1b6cbbb-9265-433b-b118-214d0d38b554
43 B
548 B
Image
General
Full URL
https://i6.liadm.com/s/57424?bidder_id=206088&bidder_uuid=d1b6cbbb-9265-433b-b118-214d0d38b554
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
HTTP/1.1
Server
2600:1f18:ed:550e:6ec0:9bc:6a32:779a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:02 GMT
Cache-Control
no-store
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
43
Request-Time
1
Content-Type
image/gif

Redirect headers

Location
https://i6.liadm.com/s/57424?bidder_id=206088&bidder_uuid=d1b6cbbb-9265-433b-b118-214d0d38b554
Date
Fri, 18 Aug 2023 00:27:02 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Connection
keep-alive
Content-Length
0
Request-Time
2
g.pixel
aa.agkn.com/adscores/ Frame B878
43 B
658 B
Image
General
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212314908&puid=cd82f741-ea73-42db-99dc-51c10768e69d
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-21.jfk50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 609b92127df3778f333c9eba7213368e.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P4
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
RQet_Ieo-KwqdWCdjvMs-hUF2POzzaqUk5VB_ihCZppFCrkXd7NjGA==
expires
0
/
bpi.rtactivate.com/tag/ Frame B878
43 B
108 B
Image
General
Full URL
https://bpi.rtactivate.com/tag/?id=50019&user_id=4f2f3cc0-7a37-4b36-9535-f2427556116a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.216.72.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-72-86.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
37274
stags.bluekai.com/site/ Frame B878
62 B
458 B
Image
General
Full URL
https://stags.bluekai.com/site/37274?limit=1&id=f6144f99-90c8-44cb-8969-426f1cfe1408
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.25.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-25-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cache-control
max-age=0, no-cache, no-store
content-length
62
bk-server
41a8
expires
Thu, 01 Dec 1994 16:00:00 GMT
709996.gif
id.rlcdn.com/ Frame B878
42 B
60 B
Image
General
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/cm?id=c6a5ba0d-ce02-41bd-a1ea-842c68bd5108&ph=8f5ed5d4-642c-4222-968a-d709c87ac3c8&us_privacy=&r=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D70%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
pixel
cm.g.doubleclick.net/ Frame 1A63
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk42NjBnQUphTGlzWWdBYg==&google_gid=CAESENCpylh9ZcdLjYvvFF-Zuqs&google_cver=1&google_push=AXcoOmRYBduuOOfCeE1pwKMS73cGi6_klm...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk42NjBnQUphTGlzWWdBYg==&google_gid=CAESENCpylh9ZcdLjYvvFF-Zuqs&google_cver=1&google_push=AXcoOmRYBduuOOfCeE1pwKMS73cGi6_klmB7CVVL5prWdQPvp5n1djtAm7IaUykX1dG2Gj2Gy3-m8Y3DQKN0zXA-TU8xjC-_VY8
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-yyz4533-YYZ
pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 varnish
server
Varnish
x-timer
S1692318422.211910,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=Wk42NjBnQUphTGlzWWdBYg==&google_gid=CAESENCpylh9ZcdLjYvvFF-Zuqs&google_cver=1&google_push=AXcoOmRYBduuOOfCeE1pwKMS73cGi6_klmB7CVVL5prWdQPvp5n1djtAm7IaUykX1dG2Gj2Gy3-m8Y3DQKN0zXA-TU8xjC-_VY8
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1A63
0
174 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEKkAfyiU-U6WbFZkMhchuAI&google_cver=1&google_push=AXcoOmS6DXZDCOh2ielxmIkJWekrfIuMb5iLNkv-wG3SCbKiBuI76Zf40izxHyp7s1niCdjcDiT8hc9J_14I-HcBBsGIAL6lYP8
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 1A63
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEOjRTQUjWx0Bvt-c35IZGK4&google_cver=1&google_push=AXcoOmTNpWXmuDQWPEZn8s_x1oXIHEhhnZF6J-GY5T8Eg4Hq6nL13htLIolQ8djIHtpjW1v2Igy7pgDMq-KtqTuLuSB1nDNyQxE
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUZCMTAzQ0I0Q0MzNzhCQw==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUZCMTAzQ0I0Q0MzNzhCQw==
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=RUZCMTAzQ0I0Q0MzNzhCQw==
date
Fri, 18 Aug 2023 00:27:02 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 1A63
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEL5UyprqgKZpY1szZidPS04&c_param1=AXcoOmRPK8XN3QmiUNrZ57S2dWj46eHZyBHorsCzsRWYvUxOhp_CgT5XkvHbdfmWPRrZ5DmDjmw__gUOvGTBpTsRalEutT7XIA&gdpr=%%GDPR%%&ad...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRPK8XN3QmiUNrZ57S2dWj46eHZyBHorsCzsRWYvUxOhp_CgT5XkvHbdfmWPRrZ5DmDjmw__gUOvGTBpTsRalEutT7XIA
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRPK8XN3QmiUNrZ57S2dWj46eHZyBHorsCzsRWYvUxOhp_CgT5XkvHbdfmWPRrZ5DmDjmw__gUOvGTBpTsRalEutT7XIA
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRPK8XN3QmiUNrZ57S2dWj46eHZyBHorsCzsRWYvUxOhp_CgT5XkvHbdfmWPRrZ5DmDjmw__gUOvGTBpTsRalEutT7XIA
date
Fri, 18 Aug 2023 00:27:02 GMT
server
nginx/1.23.2
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1A63
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEIzCc1aVgg52IZEHNjIdSkk&google_cver=1&google_push=AXcoOmT6Mxqe2rR6S5-sLs55RY1oLGrh8csCTmZEMg8rtmRyAcxMp8mPDFeWChYAoVuEvTsSFtPZn-_ISvmo...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT6Mxqe2rR6S5-sLs55RY1oLGrh8csCTmZEMg8rtmRyAcxMp8mPDFeWChYAoVuEvTsSFtPZn-_ISvmovFrn-KJ1WFsppw4
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT6Mxqe2rR6S5-sLs55RY1oLGrh8csCTmZEMg8rtmRyAcxMp8mPDFeWChYAoVuEvTsSFtPZn-_ISvmovFrn-KJ1WFsppw4
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT6Mxqe2rR6S5-sLs55RY1oLGrh8csCTmZEMg8rtmRyAcxMp8mPDFeWChYAoVuEvTsSFtPZn-_ISvmovFrn-KJ1WFsppw4
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 1A63
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESENcZCY3QPq3fqS69Txw_UYk&google_cver=1&google_push=AXcoOmS1V7w61Gu181pauRQ63yRk6Anz1EjEB-TtQxT2HPci3kgIlmsyx...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmS1V7w61Gu181pauRQ63yRk6Anz1EjEB-TtQxT2HPci3kgIlmsyxC5u_Jrz5j6uysxmc5WMmOC8NbzK7bQVJ5OkuHVHPpJt&google_hm=QlMuYjk5NS1hMzFiLT...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmS1V7w61Gu181pauRQ63yRk6Anz1EjEB-TtQxT2HPci3kgIlmsyxC5u_Jrz5j6uysxmc5WMmOC8NbzK7bQVJ5OkuHVHPpJt&google_hm=QlMuYjk5NS1hMzFiLTRmMWYtOWM4Mw==
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AXcoOmS1V7w61Gu181pauRQ63yRk6Anz1EjEB-TtQxT2HPci3kgIlmsyxC5u_Jrz5j6uysxmc5WMmOC8NbzK7bQVJ5OkuHVHPpJt&google_hm=QlMuYjk5NS1hMzFiLTRmMWYtOWM4Mw==
Date
Fri, 18 Aug 2023 00:27:02 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 1A63
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleopenbidding/?google_gid=CAESECH8rSXhF8UPtE1Yx9XIXTU&google_cver=1&google_push=AXcoOmQxT0Hp6KfySaxFc5lg3kwfx0WGoqS9QPHGfsyG4aBdf-AOz4laS8B07asxcM33Bpc_1VpWn...
  • https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQxT0Hp6KfySaxFc5lg3kwfx0WGoqS9QPHGfsyG4aBdf-AOz4laS8B07asxcM33Bpc_1VpWn3FK7eGPhkC9Ku-1o3Id6ZIC&google_hm=WENyZkxyanJFOGpm...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQxT0Hp6KfySaxFc5lg3kwfx0WGoqS9QPHGfsyG4aBdf-AOz4laS8B07asxcM33Bpc_1VpWn3FK7eGPhkC9Ku-1o3Id6ZIC&google_hm=WENyZkxyanJFOGpmVExFTXVBN0g=
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:02 GMT
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=outbrain_eb&google_push=AXcoOmQxT0Hp6KfySaxFc5lg3kwfx0WGoqS9QPHGfsyG4aBdf-AOz4laS8B07asxcM33Bpc_1VpWn3FK7eGPhkC9Ku-1o3Id6ZIC&google_hm=WENyZkxyanJFOGpmVExFTXVBN0g=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
240
Expires
Thu, 01 Dec 1994 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1A63
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J7mMJZhx5l0CnPxawz-cesV1x_pOrnM8UanYISHeqA1y6vGX0jPUUbChb2JtItLeDRmACT608
Requested by
Host: f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
all
csm.us.criteo.net/ Frame 3B86
0
128 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=DTgy9FzppUpv7SBAQZfuap0U4pArbCCQelfXMdICIlf7snmpgLFmLPg2N3TUnLIpG2fQoF0HP-99qIL3Sv_5KlASLInRJULHqjdpE1cPj6JoarmMLy7-2ogU4g-bmPOIMJDuXSDgBcwcyQ9xFU1zU7MLA74q3brcUWfaqLfgHR0B4J9N2A0BISJZsKBaUrryUG6M9BmJXouQVS4GbHj5ausAixlPmCEK1QIe44f9G-Gx_4VMOlDcPlB57-uQ1M27iE8Rhnrzbif1i95R&sds=2&rev=88037&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&u=%7CkJTEXR2E7n6H2vMt%2FbpcigZmNUYqrqcweD2ddrMHON4%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOQ-EedF60xEliq5YP9z1apJap4arQkRalnRQaPAWFzRiIk9kJCWZFKyCGRd_c0B-JXhFAU475GBt8De_gNLdI-YTn0vdIVKRDv5cIbvKIbf1lTLWajec_wXooZ_1e1TlPu1p4zkZ0dHzwcJkJp4wt24E-SoASPe8085DwZGrHLKx7FjRrMhvgma9rqwJBriX7baTe39vKvj8cfT0m_5Jc2R7cvLvgew6g7TA3kr2d3-QlNsbirD9LLwpNYYabYSsIlvfywNviSR0ucUfdLV6I83ZFHfXj5Lti82N4kCza9icTTZQ-zsQS4N_wK2KVtv97vq5H9NMWkz8iVdPo4vv97F_3TuSbIMCQaZ978nLFSVu4Xt_Sxni7uKf_QP82ar-JBLC_IlKnqdFHTP5mq5_q0nhLEN1WEgYRg86kuI_FTEGit_-a1SMhpHJINjOPIB70_mWrd7UCqQNsamMpKH8FM9uFTWj6g8RQpmf2AsCXuj1G-QCSLQecAG1QdwdSdkr7hM-iiRCf9NUcM_vcjAF2IyCVpSGEJ_361UCMOVmk64sfH8rc9W0swyw0Jak29FTQ3im26v5m-45iG_-9YpkhxSsm_eJiQcjqfwxliU6cggFZoYOPmt8yL0z9pMfygojHxB1yfWdP1_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-2Kb1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSXAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Bya7YKT6kG76gCd_OiJNWGIlURpVVzsS20WBkRCUleuJQfPo9Iozy467uAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pfle1HgnHpw_VxIs4WptOZPnRdQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Aug 2023 00:27:01 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3B86
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&u=%7CkJTEXR2E7n6H2vMt%2FbpcigZmNUYqrqcweD2ddrMHON4%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOQ-EedF60xEliq5YP9z1apJap4arQkRalnRQaPAWFzRiIk9kJCWZFKyCGRd_c0B-JXhFAU475GBt8De_gNLdI-YTn0vdIVKRDv5cIbvKIbf1lTLWajec_wXooZ_1e1TlPu1p4zkZ0dHzwcJkJp4wt24E-SoASPe8085DwZGrHLKx7FjRrMhvgma9rqwJBriX7baTe39vKvj8cfT0m_5Jc2R7cvLvgew6g7TA3kr2d3-QlNsbirD9LLwpNYYabYSsIlvfywNviSR0ucUfdLV6I83ZFHfXj5Lti82N4kCza9icTTZQ-zsQS4N_wK2KVtv97vq5H9NMWkz8iVdPo4vv97F_3TuSbIMCQaZ978nLFSVu4Xt_Sxni7uKf_QP82ar-JBLC_IlKnqdFHTP5mq5_q0nhLEN1WEgYRg86kuI_FTEGit_-a1SMhpHJINjOPIB70_mWrd7UCqQNsamMpKH8FM9uFTWj6g8RQpmf2AsCXuj1G-QCSLQecAG1QdwdSdkr7hM-iiRCf9NUcM_vcjAF2IyCVpSGEJ_361UCMOVmk64sfH8rc9W0swyw0Jak29FTQ3im26v5m-45iG_-9YpkhxSsm_eJiQcjqfwxliU6cggFZoYOPmt8yL0z9pMfygojHxB1yfWdP1_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-2Kb1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSXAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Bya7YKT6kG76gCd_OiJNWGIlURpVVzsS20WBkRCUleuJQfPo9Iozy467uAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pfle1HgnHpw_VxIs4WptOZPnRdQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 12 Aug 2024 00:27:02 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3B86
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&u=%7CkJTEXR2E7n6H2vMt%2FbpcigZmNUYqrqcweD2ddrMHON4%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOQ-EedF60xEliq5YP9z1apJap4arQkRalnRQaPAWFzRiIk9kJCWZFKyCGRd_c0B-JXhFAU475GBt8De_gNLdI-YTn0vdIVKRDv5cIbvKIbf1lTLWajec_wXooZ_1e1TlPu1p4zkZ0dHzwcJkJp4wt24E-SoASPe8085DwZGrHLKx7FjRrMhvgma9rqwJBriX7baTe39vKvj8cfT0m_5Jc2R7cvLvgew6g7TA3kr2d3-QlNsbirD9LLwpNYYabYSsIlvfywNviSR0ucUfdLV6I83ZFHfXj5Lti82N4kCza9icTTZQ-zsQS4N_wK2KVtv97vq5H9NMWkz8iVdPo4vv97F_3TuSbIMCQaZ978nLFSVu4Xt_Sxni7uKf_QP82ar-JBLC_IlKnqdFHTP5mq5_q0nhLEN1WEgYRg86kuI_FTEGit_-a1SMhpHJINjOPIB70_mWrd7UCqQNsamMpKH8FM9uFTWj6g8RQpmf2AsCXuj1G-QCSLQecAG1QdwdSdkr7hM-iiRCf9NUcM_vcjAF2IyCVpSGEJ_361UCMOVmk64sfH8rc9W0swyw0Jak29FTQ3im26v5m-45iG_-9YpkhxSsm_eJiQcjqfwxliU6cggFZoYOPmt8yL0z9pMfygojHxB1yfWdP1_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-2Kb1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSXAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Bya7YKT6kG76gCd_OiJNWGIlURpVVzsS20WBkRCUleuJQfPo9Iozy467uAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pfle1HgnHpw_VxIs4WptOZPnRdQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 12 Aug 2024 00:27:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1CB3
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308150101&jk=244299579352505&rc=null
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

services
sync.technoratimedia.com/ Frame B2D3
0
0
Document
General
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=45&uid=$UID$
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156344&userIdMacro=%24UID%24&predirect=https%3A%2F%2Fsync.technoratimedia.com%2Fservices%3Fsrv%3Dcs%26pid%3D45%26uid%3D%24UID%24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-methods
POST,GET,HEAD,OPTIONS
access-control-allow-origin
https://ads.pubmatic.com/
age
0
date
Fri, 18 Aug 2023 00:27:02 GMT
server
nginx
via
1.1 varnish
x-varnish
262648826
styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 5350
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3kTz7WGoZLQTivI-amNftGZO&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177104
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 23:15:18 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 5350
438 KB
176 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3kTz7WGoZLQTivI-amNftGZO&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180114
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 22:33:00 GMT
all
csm.us.criteo.net/ Frame 560A
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=jY8nnFzppUpv7SBAwHgVgRPZaCHcnT8aLySoPYFCfYvb7cblXv7BOQjhw4NP1kRPniOF_-BplGdN2gV9cO5YrDEQW55gjmLsxuCBOEoYZ8tHH00GCzS-HtOqLX1hG0lvcTOHRQS02lLhDc5ZGx-0IW0i-U-0s9hjyk_ghYoON2hjlhJHi7ri7nVQQOHdLj_IsSVF2Ir57plCG2sy-Pg6bixxO9NVCmx2-Y7cummf7yisO9LQL6AWV3i1LOXa_1SvvlcAUZ1aZk48oioR&sds=2&rev=88037&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&u=%7CkJTEXR2E7n5Sm4KdTlExw3yuuKHAPgFlh07vpQYOmec%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK_lEZrcR-2V6vqRGFL537dByUwzXjpSA5Ow3obWN48gwzc8YHWzylIlVQ1fL1DisA3RLP01PKoZalfF8iieAiuL9Ti0zHMK4IE5WL2_AmODQ-JwWZ7ZgOkjq-055CZvSb-buq4UmwKu4lpb8IEjtBSpKDOxsb5bogUrIpkINSRZ1cfsEadBIfxyDMu-oW9hVlt4YG4LcRsWqoqVEWjh-66sgrS8W93gj_7v0mYTFb2m4XWu-_nBBI7NQ_g4P-lksRyLGB_8PpydolVXUE5uHi4jexAqXi96UKZQ6A4TYaPi4tZ6wYA3ICrp7u0QoUArNyjR1ya-o7AFULfMwUHXwSEVJCNRUprca2G6RBdGYLLx9IwHrrxB0GWEKWm2KkhghloL9oFxUdWLMfhA64RBYBqzF1EwCQdtxfkaNWl0Jz8-GLQCefP4yvd5x1K6cnpy0ORk-gPzzoWwSm3QcXihQ-jm-zw7lD-nukOYzsosOQ-ngsWYOr6HdL3TRs_DezygmschQmuZmp3JZlfYNRBVSR4Wn_wQx91ZLALfTrI9Rx9dOELpAV29GXFuNAOQkzW1t33r798h3iw0tbG-bMK_3tI5crDr1bX9nry6A9WrhG5cL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6Ma1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElwJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nGkhDgaKk1gRGD-Kei0GYSUVaMh5-_2jY0pe9Cvh_mZUaOw46WuHJG_gBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_OvBywo0wtcx3fjCvCyGoXNzZbg%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Aug 2023 00:27:01 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 560A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&u=%7CkJTEXR2E7n5Sm4KdTlExw3yuuKHAPgFlh07vpQYOmec%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK_lEZrcR-2V6vqRGFL537dByUwzXjpSA5Ow3obWN48gwzc8YHWzylIlVQ1fL1DisA3RLP01PKoZalfF8iieAiuL9Ti0zHMK4IE5WL2_AmODQ-JwWZ7ZgOkjq-055CZvSb-buq4UmwKu4lpb8IEjtBSpKDOxsb5bogUrIpkINSRZ1cfsEadBIfxyDMu-oW9hVlt4YG4LcRsWqoqVEWjh-66sgrS8W93gj_7v0mYTFb2m4XWu-_nBBI7NQ_g4P-lksRyLGB_8PpydolVXUE5uHi4jexAqXi96UKZQ6A4TYaPi4tZ6wYA3ICrp7u0QoUArNyjR1ya-o7AFULfMwUHXwSEVJCNRUprca2G6RBdGYLLx9IwHrrxB0GWEKWm2KkhghloL9oFxUdWLMfhA64RBYBqzF1EwCQdtxfkaNWl0Jz8-GLQCefP4yvd5x1K6cnpy0ORk-gPzzoWwSm3QcXihQ-jm-zw7lD-nukOYzsosOQ-ngsWYOr6HdL3TRs_DezygmschQmuZmp3JZlfYNRBVSR4Wn_wQx91ZLALfTrI9Rx9dOELpAV29GXFuNAOQkzW1t33r798h3iw0tbG-bMK_3tI5crDr1bX9nry6A9WrhG5cL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6Ma1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElwJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nGkhDgaKk1gRGD-Kei0GYSUVaMh5-_2jY0pe9Cvh_mZUaOw46WuHJG_gBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_OvBywo0wtcx3fjCvCyGoXNzZbg%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 12 Aug 2024 00:27:02 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 560A
2 KB
1 KB
Image
General
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&u=%7CkJTEXR2E7n5Sm4KdTlExw3yuuKHAPgFlh07vpQYOmec%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK_lEZrcR-2V6vqRGFL537dByUwzXjpSA5Ow3obWN48gwzc8YHWzylIlVQ1fL1DisA3RLP01PKoZalfF8iieAiuL9Ti0zHMK4IE5WL2_AmODQ-JwWZ7ZgOkjq-055CZvSb-buq4UmwKu4lpb8IEjtBSpKDOxsb5bogUrIpkINSRZ1cfsEadBIfxyDMu-oW9hVlt4YG4LcRsWqoqVEWjh-66sgrS8W93gj_7v0mYTFb2m4XWu-_nBBI7NQ_g4P-lksRyLGB_8PpydolVXUE5uHi4jexAqXi96UKZQ6A4TYaPi4tZ6wYA3ICrp7u0QoUArNyjR1ya-o7AFULfMwUHXwSEVJCNRUprca2G6RBdGYLLx9IwHrrxB0GWEKWm2KkhghloL9oFxUdWLMfhA64RBYBqzF1EwCQdtxfkaNWl0Jz8-GLQCefP4yvd5x1K6cnpy0ORk-gPzzoWwSm3QcXihQ-jm-zw7lD-nukOYzsosOQ-ngsWYOr6HdL3TRs_DezygmschQmuZmp3JZlfYNRBVSR4Wn_wQx91ZLALfTrI9Rx9dOELpAV29GXFuNAOQkzW1t33r798h3iw0tbG-bMK_3tI5crDr1bX9nry6A9WrhG5cL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6Ma1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElwJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nGkhDgaKk1gRGD-Kei0GYSUVaMh5-_2jY0pe9Cvh_mZUaOw46WuHJG_gBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_OvBywo0wtcx3fjCvCyGoXNzZbg%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 12 Aug 2024 00:27:02 GMT
syncframe
gum.criteo.com/ Frame 65BF
15 KB
6 KB
Document
General
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=itsallinanutshell.com&us_privacy=1---
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:27:02 GMT
server
Kestrel
server-processing-duration-in-ticks
1339100
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.140.js
static.criteo.net/js/ld/
95 KB
31 KB
XHR
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.140.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-17ba9"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Aug 2023 00:27:02 GMT
greenoaks.gif
itsallinanutshell.com/detroitchicago/
0
62 B
Ping
General
Full URL
https://itsallinanutshell.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjE5MjAwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiIzIn0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjI1NzUyMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMyJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiNTM2MDAwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIzMzUwIn1dfV0=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:02 GMT
truncated
/ Frame A955
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0648aeae8d2f0ad6d1ef79bf2aff8f27b49dd7724306d3c9a9e09dfbe34d548d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0491
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa3e5fd5837ede26d4b8d44268a5bd835fbe49b6b72c5acf08be965c7ea733e5

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
greenoaks.gif
itsallinanutshell.com/detroitchicago/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjM4NDAwMCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI2In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6IjUxNTA0MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiNiJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfcHgiLCJ2YWwiOiIwIn0seyJuYW1lIjoibmF0aXZlX2FkX2RvY19jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJ2aWV3cG9ydF9zaXplIiwidmFsIjoiMTYwMHgxMjAwIn0seyJuYW1lIjoidmlld3BvcnRfcHgiLCJ2YWwiOiIxOTIwMDAwIn0seyJuYW1lIjoiZG9jX3B4IiwidmFsIjoiNTM2MDAwMCJ9LHsibmFtZSI6ImRvY19oZWlnaHQiLCJ2YWwiOiIzMzUwIn1dfV0=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:02 GMT
ads
securepubads.g.doubleclick.net/gampad/
45 KB
11 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=244299579352505&correlator=492814240240293&eid=31076398%2C31076768%2C31077123&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&us_privacy=1---&iu_parts=21732118914%3A22975044942%2Citsallinanutshell_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=14&didk=1504799095&sfv=1-0-40&rcs=4&eri=1&sc=1&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&abxe=1&dt=1692318422597&lmt=1692354422&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=1075092753.1692318415&ga_sid=1692318416&ga_hid=1732463647&ga_fc=true&dlt=1692318414472&idt=949&prev_scp=a%3D%257C0%257C%26iid1%3D6561939639604062%26eid%3D6561939639604062%26t%3D134%26d%3D496996%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod13%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D3%26reft%3Dtf%26refs%3D30%26refa%3D1%26ga%3D5302779%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Ditsallinanutshell_com-medrectangle-2-6561939639604062%26eb_br%3Df09d4fef38161a27d028cff6eebf43aa%2C33dd523f8e4dda158f0aa99686dda7f2%26eba%3D1%26bv%3D15%26bvm%3D0%26bvr%3D5%26avc%3D113%26shp%3D1%26ftsn%3D12%26ftsng%3D12%26br1%3D6%26br2%3D100%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D63%2C14%2C28%2C4%2C51%2C0%2C88%2C0%2C71%2C30%2C0%2C31%2C901%2C902%2C903%26deal1%3D20%2C21%2C22%2C23%2C24%2C25%2C26%2C1794%2C2310%2C2339%2C2526%2C2527%2C2763%2C2764%2C2765%2C3054%2C3154%2C3430%2C3455%2C3456%2C3457%2C3458%2C3460%2C3682%2C3683%2C3684%2C4184%2C4185%2C4186%2C5747%2C9%2C10%2C11%2C12%2C13%2C14%2C15%2C16%2C17%2C2351%2C2610%2C2761%2C3044%2C7%2C8%2C915%2C874%2C835%2C17%2C19%2C2351%2C2610%2C2688%2C2761%2C3044%2C3045%2C4276%2C7%2C8%2C916%2C915%2C874%2C835%2C17%2C19%2C2351%2C2610%2C2688%2C2693%2C2761%2C3044%2C3045%2C3053%2C4276%2C7%2C8%2C916%2C915%2C874%2C835%2C17%2C18%2C19%2C1428%2C2351%2C2610%2C2688%2C2693%2C2761%2C3044%2C3045%2C3052%2C3053%2C3856%2C4276%2C7%2C8%2C916%2C915%2C874%2C835%26lb%3D26%26reqt%3D1692318422434&adks=3076448883&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f98e1a93063f0fc244d3897371767a924114482032d5346867e83de24efd0e91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11418
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
pagead2.googlesyndication.com/bg/ Frame 44CF
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:15:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
184287
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14691
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:15:35 GMT
prebid
prebid.media.net/rtb/
846 B
838 B
XHR
General
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU8HDVRS
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
83493bc8b171f50d86b10cf095a4571e28230a58a8e14974f5bec58f9a67b915

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
via
1.1 google
server
nginx
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type
application/json;charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
expires
Fri, 18 Aug 2023 00:27:02 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
511 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=2c9d2b4f01646444af68468bac080021&pos=automattic_mobile_hb_728x90&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
7f413a6226017b972f8f3f3c8543a25846e727ef7b06a73cd3dd730c31f8b9ac

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
server
ATS/9.1.10.75
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
access-control-allow-credentials
true
content-length
80
arj
automattic-d.openx.net/w/1.0/
190 B
433 B
XHR
General
Full URL
https://automattic-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fitsallinanutshell.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=600&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=&nocache=1692318422646&gdpr=0&us_privacy=1---&aus=728x90&divids=728x90_1&aucs=&auid=540649038&aumfs=300
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a33dcdd8465dc908de3b35c37fe55ac8a5f9a4181cb709c286e59edf799bc9c7

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.mailerlite.com/ Frame 11BE
176 KB
7 KB
Stylesheet
General
Full URL
https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Requested by
Host: assets.mlcdn.com
URL: https://assets.mlcdn.com/fonts.css?version=1683642
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2919310cae24ba76feb93e198bdbcd94260bcfcbd7e87dd331585db353494e19

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mlcdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
cf-ray
7f86075d9c594bc0-BUF
services
uat-net.technoratimedia.com/ Frame 0DB5
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=synacor_xapi&khaos=LLFUOWMM-1P-IU2L
  • https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LLFUOWMM-1P-IU2L
0
2 KB
Image
General
Full URL
https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LLFUOWMM-1P-IU2L
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=synacor_xapi&endpoint=us-east
Protocol
H2
Server
2603:c020:400d:3000:f50:982a:7877:65bd Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
335776717
access-control-allow-origin
https://eus.rubiconproject.com/
access-control-allow-credentials
true

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://uat-net.technoratimedia.com/services?srv=cs&pid=44&uid=LLFUOWMM-1P-IU2L
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
csi
csi.gstatic.com/ Frame DAC5
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~llfuoyuk&c=4531014347017&slotId=2265507173508.5&ghmsh_eids=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=0&eic=1&lst=none&lec=1009&lid=176&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame 65BF
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=itsallinanutshell.com&sn=ChromeSyncframe&so=0&topUrl=itsallinanutshell.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=2U3nnnx4M0E4R1hXU3BEWmtxQ2FpNkt2OWh4R3BFckcrb0JjTmFwWmN1YUZoTStNMy9xbzY1NE8yMWRHcGtybEFDZkRLMXdLL2svNy9MWmpXMmtzZy9MU3JJbnRiQ28rajlQZ055UldEY011cVhWbzZpMWdBalE3aXd1Yz...
481 B
684 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=2U3nnnx4M0E4R1hXU3BEWmtxQ2FpNkt2OWh4R3BFckcrb0JjTmFwWmN1YUZoTStNMy9xbzY1NE8yMWRHcGtybEFDZkRLMXdLL2svNy9MWmpXMmtzZy9MU3JJbnRiQ28rajlQZ055UldEY011cVhWbzZpMWdBalE3aXd1YzRGRmp5bVNFb3ZMMkJSYW5BS0ZBMDhsWnBKdUgzaFJDMnF6ejZWWUVlNzFpanM2a1hIWlB4UW9pbXA2U2cwc1VETURjS3NHbXJDNWJXZGptNUxXM2FvMjhzclRJOEtOUEJqeWZPRitFMGxoQUl4L0hWczdhS2VnMDNqQ1pxZHRjSjUwd0t5aUdiZk9YSE5QMG9xZExENHYvSE1sRzhIOUZtZDFWQ3NKOHdrYlYzWk9zRWo4az18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
41b053a7f6425731025ebe52a66d3e93d1f1ed1fec73528efdad8bb35efdaaa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1392060
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=2U3nnnx4M0E4R1hXU3BEWmtxQ2FpNkt2OWh4R3BFckcrb0JjTmFwWmN1YUZoTStNMy9xbzY1NE8yMWRHcGtybEFDZkRLMXdLL2svNy9MWmpXMmtzZy9MU3JJbnRiQ28rajlQZ055UldEY011cVhWbzZpMWdBalE3aXd1YzRGRmp5bVNFb3ZMMkJSYW5BS0ZBMDhsWnBKdUgzaFJDMnF6ejZWWUVlNzFpanM2a1hIWlB4UW9pbXA2U2cwc1VETURjS3NHbXJDNWJXZGptNUxXM2FvMjhzclRJOEtOUEJqeWZPRitFMGxoQUl4L0hWczdhS2VnMDNqQ1pxZHRjSjUwd0t5aUdiZk9YSE5QMG9xZExENHYvSE1sRzhIOUZtZDFWQ3NKOHdrYlYzWk9zRWo4az18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
454122
content-length
0
expires
0
v1
btlr.sharethrough.com/universal/
446 B
483 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
a0a0feb17348b10730a54604329a82a4e4ab1df9296da2adfe0484f5b8dd9330

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
306
prebid-request
onetag-sys.com/
15 B
368 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://itsallinanutshell.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 11BE
438 KB
176 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://assets.mailerlite.com/
Origin
https://assets.mailerlite.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180114
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 22:33:00 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzk5OTE5Mjg5NzY1MzcyNyIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAxLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwNDI3MiwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzE2MCw2MDBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI3OTk5MTkyODk3NjUzNzI3IiwiZG9tYWluX2lkIjoiNDk2OTk2IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRzYWxsaW5hbnV0c2hlbGxfY29tLWVkZ2UtMS0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjExMDEsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0OTA0MjcyLCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6Ijc5OTkxOTI4OTc2NTM3MjciLCJkb21haW5faWQiOiI0OTY5OTYiLCJ1bml0IjoiZGl2LWdwdC1hZC1pdHNhbGxpbmFudXRzaGVsbF9jb20tZWRnZS0xLTAiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzQ5MDQyNzIsImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:02 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
62 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDkzMTkxODk2MTYyNzA4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NTQwMjMxOSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzE2MCw2MDBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI0OTMxOTE4OTYxNjI3MDg2IiwiZG9tYWluX2lkIjoiNDk2OTk2IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRzYWxsaW5hbnV0c2hlbGxfY29tLWVkZ2UtMi0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc1NDAyMzE5LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjQ5MzE5MTg5NjE2MjcwODYiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ1bml0IjoiZGl2LWdwdC1hZC1pdHNhbGxpbmFudXRzaGVsbF9jb20tZWRnZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ5NzU0MDIzMTksImNyZWF0aXZlX2lkIjoxMzgyNDExMjM1MTcsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:03 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:03 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://us-u.openx.net/w/1.0/pd?plm=10&ph=f6cce7d3-7041-4bde-ab1b-da9ab8777876&gdpr=0&us_privacy=1---
  • https://i.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
  • https://us-u.openx.net/w/1.0/sd?id=537072979&val=ISyfZg9D1QwNkm5
43 B
61 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072979&val=ISyfZg9D1QwNkm5
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:02 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-04f5649e09cbf9ea9@us-east-1e@dxedge-app-us-east-1-prod-asg
Location
https://us-u.openx.net/w/1.0/sd?id=537072979&val=ISyfZg9D1QwNkm5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
jquery.min.js
assets.mlcdn.com/ml/ajax/libs/jquery/1.8.3/ Frame 11BE
91 KB
33 KB
Script
General
Full URL
https://assets.mlcdn.com/ml/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: groot.mailerlite.com
URL: https://groot.mailerlite.com/js/w/webforms.min.js?v08a893c96141fbc55feeeeac1fda7508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 21:05:10 GMT
server
cloudflare
age
12112
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f86075f5e9c4bd3-BUF
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?mode=1&lid=41&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.7743533151937112&time=1692318422933&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1692318422968&timeout=f&logid=0.7743533151937112&timediff=35&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?contentLocation=flat&lid=160&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame DAC5
156 B
143 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=1137696773424398&description_url=https%3A%2F%2Fitsallinanutshell.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&ad_type=outstream_video&hl=en&max_ad_duration=30000&npa=0&tfcd=0&vpmute=0&iu=%2F21732118914%2C22975044942%2Fitsallinanutshell_com-outstream-video-1&vid_t=outstream&vpa=click&cust_params=act%3D1%26ap%3D1%26d%3D496996%26eb_br%3D6a552ada640fe30aee10cad530838cc8%26ft%3D0%26ic%3D1%26iid1%3D2513559983666239%26plat%3D1%26t%3D0%26tap%3Ditsallinanutshell_com-outstream-video-1-2513559983666239&sdkv=h.3.585.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=1223778887&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.585.0&sid=7648EDD4-4E4E-40C2-991F-8B2E54FF1B1B&nel=0&eid=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&top=https%3A%2F%2Fitsallinanutshell.com%2F&loc=https%3A%2F%2Fitsallinanutshell.com%2F&dlt=1692318414472&idt=1455&dt=1692318422970&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&scor=1727591382531775&ged=ve4_td9_tt7_pd9_la9000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
anchor
www.google.com/recaptcha/api2/ Frame BDEA
55 KB
31 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9hc3NldHMubWFpbGVybGl0ZS5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=fd88mpdnxnew
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ae4e0a5a5f84848d3e1ae545958c378173ee70cea4ea31a6b6c964a578f67dc9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-loDvkOc-ASaxyKsCGaDNaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets.mailerlite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
31471
content-security-policy
script-src 'report-sample' 'nonce-loDvkOc-ASaxyKsCGaDNaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:27:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fitsallinanutshell.com%2F&domain=itsallinanutshell.com&cw=1&pbt=1&lsw=1&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://itsallinanutshell.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 18 Aug 2023 00:27:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
300911
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
id.a-mx.com/sync/
99 B
532 B
XHR
General
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://itsallinanutshell.com/&tl=https://itsallinanutshell.com/&nf=0&rt=true&v=7.54.0&av=2.0&vg=epbjs&us_privacy=1---&am=null&gdpr=0&gdpr_consent=
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:29fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9e3e614146c5c9e2f2e77f46ee77918f2edb0831885ec298a0efaf148f3972e

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Z%2F63yLW1vbWS3vNQpHyf9xo1ASHP%2BjW8F5BbEfydD5EY8rv%2FpoY3JR9C5SmiwcC6uYke1%2BBCUo1Z1DENEzmtrEbNzP2bGz2EphIWUUODXcNyZIjLNxrh55t7SevndPSFR%2BCGpOACot7Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://itsallinanutshell.com
access-control-allow-credentials
true
cf-ray
7f86075fcfa34bc9-BUF
alt-svc
h3=":443"; ma=86400
fed
ups.analytics.yahoo.com/ups/58713/
0
279 B
XHR
General
Full URL
https://ups.analytics.yahoo.com/ups/58713/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=1---&url=https://itsallinanutshell.com/&pixelId=58713
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://itsallinanutshell.com
content-type
application/json
access-control-allow-credentials
true
content-length
0
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fitsallinanutshell.com%2F&domain=itsallinanutshell.com&cw=1&pbt=1&lsw=1&us_privacy=1---
  • https://mug.criteo.com/sid?cpp=-bP6gXxBTEwzcHNvREh2ME9idGlKZFByM2J4UWQwdGx6YlBxWXBsNHNzaFlxS1VJdWM2ekR1d1lZSG9ieU1qMnBhS2dPWUlCZzN4MHh4SmtiaXJEYWRRMGNPL1lxRnpvQ1ljNWlrZGtGWGdLNlpEMjkxOTkycWtqd3Fndm...
477 B
749 B
XHR
General
Full URL
https://mug.criteo.com/sid?cpp=-bP6gXxBTEwzcHNvREh2ME9idGlKZFByM2J4UWQwdGx6YlBxWXBsNHNzaFlxS1VJdWM2ekR1d1lZSG9ieU1qMnBhS2dPWUlCZzN4MHh4SmtiaXJEYWRRMGNPL1lxRnpvQ1ljNWlrZGtGWGdLNlpEMjkxOTkycWtqd3Fndm5zU2tXS1FqSkZMK2tPNzZ4NThmam1tczdqbTNoTWdBV1lacWdkSlM1dnlzYk9BNUl5VGU1L3NJTktvcHFJVjk2bEduTjdLdC9RLzBRSUJZYWVIYVVVYTI5VHdqb3prMXZyVVNVYy9XMDhoRTJFNlpOdXRwK2d1eW8rU1RKT0ZQOWZ4bTgwNFNHUjlFTWI3bUozeWxFTVdydmJkVllHbm1jcjdkNWI5dFBuWGpJWDlBRGtEcz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
dce2c0e81a2304b2bb785f1a5cfc7b4a3da78a3fe4176c2621bb09e3b63bbcbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1415405
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://itsallinanutshell.com
location
https://mug.criteo.com/sid?cpp=-bP6gXxBTEwzcHNvREh2ME9idGlKZFByM2J4UWQwdGx6YlBxWXBsNHNzaFlxS1VJdWM2ekR1d1lZSG9ieU1qMnBhS2dPWUlCZzN4MHh4SmtiaXJEYWRRMGNPL1lxRnpvQ1ljNWlrZGtGWGdLNlpEMjkxOTkycWtqd3Fndm5zU2tXS1FqSkZMK2tPNzZ4NThmam1tczdqbTNoTWdBV1lacWdkSlM1dnlzYk9BNUl5VGU1L3NJTktvcHFJVjk2bEduTjdLdC9RLzBRSUJZYWVIYVVVYTI5VHdqb3prMXZyVVNVYy9XMDhoRTJFNlpOdXRwK2d1eW8rU1RKT0ZQOWZ4bTgwNFNHUjlFTWI3bUozeWxFTVdydmJkVllHbm1jcjdkNWI5dFBuWGpJWDlBRGtEcz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
277509
content-length
0
expires
0
pbhid
id.hadron.ad.gt/api/v1/
141 B
315 B
XHR
General
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=524&_it=prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f9d4e1b7f538d03a4d85a2c90e9f6daa8dedd88a47e8a75bf9768d1f37ae953

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
7f86076079804bd2-BUF
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
prebid
id5-sync.com/api/config/
135 B
550 B
XHR
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://itsallinanutshell.com
date
Fri, 18 Aug 2023 00:27:02 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
id
id.crwdcntrl.net/
152 B
820 B
XHR
General
Full URL
https://id.crwdcntrl.net/id?us_privacy=1---
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
ba42f683fff47a1ca1885e91ed8c83ced68f3a4f0072772118762603d977fd41

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://itsallinanutshell.com
cache-control
no-cache
x-server
10.40.13.71
access-control-allow-credentials
true
content-length
152
expires
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307272333000/ Frame 2C7C
222 KB
62 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 17 Aug 2023 02:07:02 GMT
age
80401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62092
x-xss-protection
0
server
sffe
etag
"72571316e23440c4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 16 Aug 2024 02:07:02 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 2C7C
15 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 17 Aug 2023 02:07:02 GMT
age
80401
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5267
x-xss-protection
0
server
sffe
etag
"85c6144a0af9a6d8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 16 Aug 2024 02:07:02 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 2C7C
94 KB
28 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 16 Aug 2023 07:51:39 GMT
age
146124
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29055
x-xss-protection
0
server
sffe
etag
"34be4077024c0aa5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Aug 2024 07:51:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 2C7C
5 KB
2 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 17 Aug 2023 00:39:13 GMT
age
85670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1908
x-xss-protection
0
server
sffe
etag
"a56399b21b8bf15b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 16 Aug 2024 00:39:13 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307272333000/v0/ Frame 2C7C
40 KB
13 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js?cb=31077123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 16 Aug 2023 20:48:37 GMT
age
99506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13018
x-xss-protection
0
server
sffe
etag
"62ea6ad255afcfa9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Aug 2024 20:48:37 GMT
truncated
/ Frame 2C7C
219 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0c46b809d2b157b830521d9ab38cb7fb36f04094961a0bb0ff53e567a96a66a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
15674793459692859512
tpc.googlesyndication.com/simgad/ Frame 2C7C
6 KB
7 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/15674793459692859512?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qk7Yz4d9lmAC1qWo4XfcRKkYtkC3Q
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2d90bd393f63bca4e446a884a1914b85e3a3aad4361ca5c3b1e8a6768d82c5e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:01:36 GMT
x-content-type-options
nosniff
age
37527
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6638
x-xss-protection
0
last-modified
Sun, 30 Apr 2023 20:50:03 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 16 Aug 2024 14:01:36 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2C7C
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 03:51:19 GMT
x-content-type-options
nosniff
server
cafe
age
74144
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Fri, 18 Aug 2023 03:51:19 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 2C7C
295 B
319 B
Image
General
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 13:58:42 GMT
x-content-type-options
nosniff
server
cafe
age
37701
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 18 Aug 2023 13:58:42 GMT
l
www.google.com/ads/measurement/ Frame 2C7C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRzVqNgll0VVFsHYh_W9QsfudOIbOFfZZv0r0MRPQ-SQfQQvBvmPKl_2myQzktfHU8lPbjSN-kalaaf4UHG04XAJaa85Q
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU2MTkzOTYzOTYwNDA2MiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODg2MDE4LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoicmVmcmVzaF9jb3VudCIsInZhbCI6IjUifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY1NjE5Mzk2Mzk2MDQwNjIiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ1bml0IjoiZGl2LWdwdC1hZC1pdHNhbGxpbmFudXRzaGVsbF9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4NjAxOCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9iaWRfaGFzaCIsInZhbCI6ImYwOWQ0ZmVmMzgxNjFhMjdkMDI4Y2ZmNmVlYmY0M2FhLDMzZGQ1MjNmOGU0ZGRhMTU4ZjBhYTk5Njg2ZGRhN2YyIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiI2NTYxOTM5NjM5NjA0MDYyIiwiZG9tYWluX2lkIjoiNDk2OTk2IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRzYWxsaW5hbnV0c2hlbGxfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJyZXZlbnVlIjowLCJlc3RfcmV2ZW51ZSI6MC4wMDAwNiwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDA2LCJiaWRfZmxvb3JfcHJldiI6MC4wMDAyNiwic3RhdF9zb3VyY2VfaWQiOjM1LCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODg2MDE4LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU2MTkzOTYzOTYwNDA2MiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODg2MDE4LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNDExMjM1MTcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY1NjE5Mzk2Mzk2MDQwNjIiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ1bml0IjoiZGl2LWdwdC1hZC1pdHNhbGxpbmFudXRzaGVsbF9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4NjAxOCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiNDk3NDg4NjAxOCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:03 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:03 GMT
4974886018
go.ezodn.com/dac/
0
586 B
XHR
General
Full URL
https://go.ezodn.com/dac/4974886018
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/porpoiseant/banger.js?cb=195-0&bv=257&v=76&PageSpeed=off
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:e2::ac40:8817 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
last-modified
Thu, 17 Aug 2023 23:03:26 GMT
server
cloudflare
access-control-max-age
1728000
access-control-allow-methods
GET, POST, PUT, OPTIONS
content-type
text/plain
access-control-allow-origin
https://itsallinanutshell.com
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPq8y8R9%2FllHQlkDn8YScC7q%2FK9oxLlKPdO%2BIILKbn%2BbMdhak5PgbH%2BNffMvQuPglmVk0a3Iv95x8yaBT4NjIgbOm2NnPcA3i1RB3HeIH7FYNum%2FzfgonHXvNi2%2B4isxChZ44aUlStqhI1g%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
access-control-allow-credentials
true
vary
Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
accept-ranges
bytes
cf-ray
7f8607600daec457-EWR
access-control-allow-headers
Content-Type
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU2MTkzOTYzOTYwNDA2MiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODg2MDE4LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyMy0wOC0xNyJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE0In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjQifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiNjAwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:02 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiNjU2MTkzOTYzOTYwNDA2MiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYXVjdGlvbl9lcG9jaCI6MTY5MjMxODQyMywiYWRfcG9zaXRpb24iOjExMDAsImNvdW50cnlfY29kZSI6IlVTIiwicGFnZXZpZXdfaWQiOiJiNjRmZDFlZC1kZDNjLTQ4ZTMtNDU2ZS01NDVlYWU1OGM4MTUiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MjAwLCJiaWRfZmxvb3JfcHJldiI6MjYsImJpZF9mbG9vcl9maWxsZWQiOjYsImF1Y3Rpb25fY291bnQiOjUsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjQwNywibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjAsIm5ldHdvcmtfY29kZSI6MjE3MzIxMTg5MTQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6NDk3NDg4NjAxOH1d
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:03 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:03 GMT
pbcas
ads.yieldmo.com/ Frame 52F5
862 B
1 KB
Document
General
Full URL
https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.48.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-48-72.compute-1.amazonaws.com
Software
/
Resource Hash
9ce8d9c2b5d1d880fb10b6ce65e71c14177aaf926d38ebca842a81a0fcd48377

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-headers
Cache-Control, Pragma, *
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Fri, 18 Aug 2023 00:27:03 GMT
pragma
no-cache
vary
accept-encoding
/
onetag-sys.com/usync/ Frame 05E4
2 KB
814 B
Document
General
Full URL
https://onetag-sys.com/usync/?cb=1692318419727&us_privacy=1---
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://itsallinanutshell.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=7ead435e-a2cd-4cbf-8876-adb66822613f&ph=c6b01e12-aa62-4ae6-9e10-71346e597c31&r=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DF2...
  • https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=1f63e202-17fb-44a7-b635-fb018d65d6d3
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=1f63e202-17fb-44a7-b635-fb018d65d6d3
Protocol
H2
Server
52.201.146.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-146-33.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

date
Fri, 18 Aug 2023 00:27:03 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://match.sharethrough.com/sync/v1?source_id=F2Stothm3wg5g6opTuaPadz9&source_user_id=1f63e202-17fb-44a7-b635-fb018d65d6d3
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pxl
engagefront.theweathernetwork.com/
47 B
314 B
Image
General
Full URL
https://engagefront.theweathernetwork.com/pxl
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.23.223 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
223.23.120.34.bc.googleusercontent.com
Software
TornadoServer/6.1 /
Resource Hash
af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
via
1.1 google
server
TornadoServer/6.1
etag
"2f28ed1ccf7c08cf22491757fe20385249db162e"
p3p
policyref='/static/w3c/p3p.xml', CP='NOI DSP COR DEVa TAIa OUR BUS UNI'
content-type
image/gif
cache-control
max-age=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47
expires
Fri, 18 Aug 2023 00:27:03 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=41&p=244&cp=sharethrough&cu=1&gdpr=0&gdpr_consent=&url=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D7658cb1d77a660882b48db06%26source_us...
  • https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-nNrTxJuicCFx8Xhx-m3qrR9J51JjqgrTlQJ6LQ&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-nNrTxJuicCFx8Xhx-m3qrR9J51JjqgrTlQJ6LQ&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.201.146.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-146-33.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-nNrTxJuicCFx8Xhx-m3qrR9J51JjqgrTlQJ6LQ&gdpr=0&gdpr_consent=
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
646720
content-length
0
expires
Fri, 18 Aug 2023 00:00:00 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=97&redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DgBgkxrVErPj9wqivTDd2AmVY%26source_user_id%3D%7BuserId%7D&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
Protocol
H2
Server
52.201.146.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-146-33.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:02 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://match.sharethrough.com/sync/v1?source_id=gBgkxrVErPj9wqivTDd2AmVY&source_user_id=07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
v1
match.sharethrough.com/sync/
Redirect Chain
  • https://sync.1rx.io/usersync2/sharethrough
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2155%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=1454681157
  • https://sync.1rx.io/usersync3/mediamathtest/2155/ce7f64de-bad7-4400-ba94-96f15d043fcc?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005?redir=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3DrAoqYZyz6z2wirWVWwswmjws%26source_user_...
  • https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
68 B
279 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Protocol
H2
Server
52.201.146.33 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-146-33.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
cache-control
no-cache
content-length
68
content-type
image/png

Redirect headers

Date
Fri, 18 Aug 2023 00:27:03 GMT
Server
Tengine
ETag
RX0ec53a30df5a48f0bcf0e0134c0f42b3005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://match.sharethrough.com/sync/v1?source_id=rAoqYZyz6z2wirWVWwswmjws&source_user_id=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Content-Type
text/html
Connection
keep-alive
adjr
s.pubmine.com/
3 KB
2 KB
XHR
General
Full URL
https://s.pubmine.com/adjr?pvid=bfe7a08a-4e58-41fe-8b0f-ce80eb63daf9&rid=6926229013800
Requested by
Host: c0.pubmine.com
URL: https://c0.pubmine.com/2.37.11677685674593/ata.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dcca616ebb0de84da0d46654d1afd94223153edf842efca0b8e7657e201c9b21

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 18 Aug 2023 00:27:03 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://itsallinanutshell.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame BDEA
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9hc3NldHMubWFpbGVybGl0ZS5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=fd88mpdnxnew
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 23:15:18 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame BDEA
438 KB
176 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9hc3NldHMubWFpbGVybGl0ZS5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=fd88mpdnxnew
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180114
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 22:33:00 GMT
ml_jQuery.inputmask.bundle.min.js
assets.mlcdn.com/gr/js/w/ Frame 11BE
69 KB
21 KB
Script
General
Full URL
https://assets.mlcdn.com/gr/js/w/ml_jQuery.inputmask.bundle.min.js?v3.3.1
Requested by
Host: groot.mailerlite.com
URL: https://groot.mailerlite.com/js/w/webforms.min.js?v08a893c96141fbc55feeeeac1fda7508
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7dc240f4ac44fc99f05f51d362c54fcb4073b3e5daabf68fcec12193b333f8e6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 17 Aug 2023 22:31:33 GMT
server
cloudflare
age
6930
vary
Origin, Accept-Encoding
access-control-allow-methods
HEAD,GET,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=691200
cf-ray
7f8607608ea04bd3-BUF
sync
ads.yieldmo.com/v000/ Frame 52F5
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=yieldmo&redir%3Dhttps%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3D%5BRX_UUID%5D
  • https://sync.mathtag.com/sync/img?mt_exid=74&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fmediamathtest%2F2069.28%2F%5BMM_UUID%5D%3Fzcc%3D0%26sspret%3D1&rndcb=1188726320
  • https://sync.1rx.io/usersync3/mediamathtest/2069.28/1fa464de-bad7-4f00-8928-46f723d6fea4?zcc=0&sspret=1
  • https://sync.targeting.unrulymedia.com/csync/RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005?redir=https%3A%2F%2Fads.yieldmo.com%2Fv000%2Fsync%3Fpn_id%3Dunl%26id%3DRX-0ec53a30-df5a-48f0-bcf0-e0134c0f42...
  • https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
43 B
617 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
54.173.48.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-48-72.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Date
Fri, 18 Aug 2023 00:27:03 GMT
Server
Tengine
ETag
RX0ec53a30df5a48f0bcf0e0134c0f42b3005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ads.yieldmo.com/v000/sync?pn_id=unl&id=RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
Content-Type
text/html
Connection
keep-alive
receive
pixel.tapad.com/idsync/ex/ Frame 52F5
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3107&partner_device_id=3m7DLyyGGDyyIfljonPf
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d&redir=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DADB%26partner_device_id%3D%24%7BDD_UUID%7D...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=01191767442811976341934855132811237166&pt=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%2C%2C
95 B
124 B
Image
General
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=01191767442811976341934855132811237166&pt=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%2C%2C
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

DCS
dcs-prod-usw2-1-v046-0e56d4276.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
zZFAK2z1S5c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=01191767442811976341934855132811237166&pt=ab9d17c0-c81c-44b4-a9b0-0faebcbda11d%2C%2C
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
ads.yieldmo.com/ Frame 52F5
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=yieldmo
  • https://ads.yieldmo.com/sync?pn_id=rc&id=LLFUOWMM-1P-IU2L
43 B
599 B
Image
General
Full URL
https://ads.yieldmo.com/sync?pn_id=rc&id=LLFUOWMM-1P-IU2L
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
54.173.48.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-48-72.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.yieldmo.com/sync?pn_id=rc&id=LLFUOWMM-1P-IU2L
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
Expires
0
pixel
cm.g.doubleclick.net/ Frame 52F5
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo_dbm&google_hm=M203REx5eUdHRHl5SWZsam9uUGY=
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.yieldmo.com/v000/ Frame 52F5
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=yieldmo&ttd_tpi=1&ttd_puid=3m7DLyyGGDyyIfljonPf
  • https://ads.yieldmo.com/v000/sync?tdid=0487fdef-dbcb-4472-91ea-091af86a64fb
43 B
610 B
Image
General
Full URL
https://ads.yieldmo.com/v000/sync?tdid=0487fdef-dbcb-4472-91ea-091af86a64fb
Requested by
Host: ads.yieldmo.com
URL: https://ads.yieldmo.com/pbcas?us_privacy=1---&gdpr=0&gdpr_consent=&type=iframe
Protocol
H2
Server
54.173.48.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-48-72.compute-1.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.yieldmo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43

Redirect headers

location
https://ads.yieldmo.com/v000/sync?tdid=0487fdef-dbcb-4472-91ea-091af86a64fb
date
Fri, 18 Aug 2023 00:27:03 GMT
server
Kestrel
content-length
181
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=-bP6gXxBTEwzcHNvREh2ME9idGlKZFByM2J4UWQwdGx6YlBxWXBsNHNzaFlxS1VJdWM2ekR1d1lZSG9ieU1qMnBhS2dPWUlCZzN4MHh4SmtiaXJEYWRRMGNPL1lxRnpvQ1ljNWlrZGtGWGdLNlpEMjkxOTkycWtqd3Fndm5zU2tXS1FqSkZMK2tPNzZ4NThmam1tczdqbTNoTWdBV1lacWdkSlM1dnlzYk9BNUl5VGU1L3NJTktvcHFJVjk2bEduTjdLdC9RLzBRSUJZYWVIYVVVYTI5VHdqb3prMXZyVVNVYy9XMDhoRTJFNlpOdXRwK2d1eW8rU1RKT0ZQOWZ4bTgwNFNHUjlFTWI3bUozeWxFTVdydmJkVllHbm1jcjdkNWI5dFBuWGpJWDlBRGtEcz18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 18 Aug 2023 00:27:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
314136
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
SPug
simage4.pubmatic.com/AdServer/ Frame 1B93
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generate_204
tpc.googlesyndication.com/ Frame 44CF
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?aTb3Ag
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
webworker.js
www.google.com/recaptcha/api2/ Frame BDEA
102 B
134 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=3kTz7WGoZLQTivI-amNftGZO
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9hc3NldHMubWFpbGVybGl0ZS5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=fd88mpdnxnew
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0d62c80e8180a2c275d761c5fb681cc5b0e41fff53d32926ebed430f91f511c9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD&co=aHR0cHM6Ly9hc3NldHMubWFpbGVybGl0ZS5jb206NDQz&hl=en&v=3kTz7WGoZLQTivI-amNftGZO&size=normal&cb=fd88mpdnxnew
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
112
x-xss-protection
1; mode=block
expires
Fri, 18 Aug 2023 00:27:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=0&eic=1&lst=none&lec=1009&lid=176&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
lb.eu-1-id5-sync.com/lb/
33 B
408 B
XHR
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
559ae2dc3f1b2fde708a290477da2752ca33399cf5f8d4b6afdafbba4498339d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://itsallinanutshell.com
date
Fri, 18 Aug 2023 00:27:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2C7C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Server
2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Redirect headers

date
Fri, 18 Aug 2023 00:27:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
houseads-wpcom-20230801-googledomainstransfer-1x-728x90-upload.png
wordadsmediafiles.files.wordpress.com/2023/08/ Frame 1EDC
45 KB
46 KB
Image
General
Full URL
https://wordadsmediafiles.files.wordpress.com/2023/08/houseads-wpcom-20230801-googledomainstransfer-1x-728x90-upload.png
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.25 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
bd8bbfc49367fef133855aa19d589482ba9d8c8156b769bc01f2b2330207f50d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-nc
HIT jfk 25 np
date
Fri, 18 Aug 2023 00:27:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Aug 2023 21:40:58 GMT
server
nginx
x-orig-src
01_mogdir
vary
Origin
content-type
image/png
access-control-allow-origin
https://wordadsmediafiles.wordpress.com
access-control-allow-credentials
true
accept-ranges
bytes
content-length
46405
expires
Sun, 10 Sep 2023 08:04:07 GMT
imp_pixel
s.pubmine.com/ Frame 1EDC
43 B
286 B
Image
General
Full URL
https://s.pubmine.com/imp_pixel?pc=GfnldjUMkOngW-46wZ21wMMXtGye5arNVvkJCcInKtQXajoXk35hZqaL-930StvqVO75iqK-RlSIauRCaaaiVSDCdtxbvVUu7--vx7wJaRd3gx437ohPolXtSeVy2CdcbFOxK5ZCNN5uIWU-_eJCDJZJ2ujCHGPSXTwRW11eF23a8TqfOCKn&tuuid=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
wl_pixel
s.pubmine.com/ Frame 1EDC
43 B
286 B
Image
General
Full URL
https://s.pubmine.com/wl_pixel?tuuid=de349555-d0ff-4738-bf5a-71b2f3727eaa&pc=GfnldjUMkOngW-46wZ21wMMXtGye5arNVvkJCcInKtQXajoXk35hZqaL-930StvqVO75iqK-RlSIauRCaaaiVSDCdtxbvVUu7--vx7wJaRd3gx437ohPolXtSeVy2CdcbFOxK5ZCNN5uIWU-_eJCDJZJ2ujCHGPSXTwRW11eF23a8TqfOCKn
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
v1
btlr.sharethrough.com/universal/
548 B
567 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
73a67de7b4419ace1e43436311c1f060aa0c9dd81fdc3de349f9ae4bacc3419f

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
390
prebid-request
onetag-sys.com/
15 B
368 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://itsallinanutshell.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
adview
securepubads.g.doubleclick.net/pagead/ Frame A955
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXsNu1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSUAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Byar4CzeOpJYwBedYUF3hsBVvNVfVXCU6mN9T7Lm-mwCR9mdUMoDOAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNTkwMjA4MzI4NTMwMjc3ORjv0W0&sigh=Jk6qSxJRpuQ&uach_m=[UACH]&cid=CAQSPABpAlJWLMLR4UPrkozVQWaKfOcWF8nDYcIn-FHwaMv726aDyNOE7MnySwvbdGXHCSiuQSoPWav49n7i9hgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

notify
rtb.va.us.criteo.com/google/auction/ Frame A955
0
125 B
Image
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kObvF_6vB6AB2ATiIp0XAgAAAGp7O3ahItx6ENS63mSncOP-T3ZUvIzoAAASAAAKCkFRVURDZ0VCQ2c&wp=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
273820
server
Kestrel
content-length
0
all
csm.us.criteo.net/ Frame 3B86
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=DTgy9FzppUpv7SBAQZfuap0U4pArbCCQelfXMdICIlf7snmpgLFmLPg2N3TUnLIpG2fQoF0HP-99qIL3Sv_5KlASLInRJULHqjdpE1cPj6JoarmMLy7-2ogU4g-bmPOIMJDuXSDgBcwcyQ9xFU1zU7MLA74q3brcUWfaqLfgHR0B4J9N2A0BISJZsKBaUrryUG6M9BmJXouQVS4GbHj5ausAixlPmCEK1QIe44f9G-Gx_4VMOlDcPlB57-uQ1M27iE8Rhnrzbif1i95R&sds=2&rev=88037&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAM2KMKcQcGAA7PGOjH8m904Lmu7T3c5g&u=%7CkJTEXR2E7n6H2vMt%2FbpcigZmNUYqrqcweD2ddrMHON4%3D%7C&c1=rrpYFVpNqCuoMy_CN5j4rxwPFZaGZeBOQ-EedF60xEliq5YP9z1apJap4arQkRalnRQaPAWFzRiIk9kJCWZFKyCGRd_c0B-JXhFAU475GBt8De_gNLdI-YTn0vdIVKRDv5cIbvKIbf1lTLWajec_wXooZ_1e1TlPu1p4zkZ0dHzwcJkJp4wt24E-SoASPe8085DwZGrHLKx7FjRrMhvgma9rqwJBriX7baTe39vKvj8cfT0m_5Jc2R7cvLvgew6g7TA3kr2d3-QlNsbirD9LLwpNYYabYSsIlvfywNviSR0ucUfdLV6I83ZFHfXj5Lti82N4kCza9icTTZQ-zsQS4N_wK2KVtv97vq5H9NMWkz8iVdPo4vv97F_3TuSbIMCQaZ978nLFSVu4Xt_Sxni7uKf_QP82ar-JBLC_IlKnqdFHTP5mq5_q0nhLEN1WEgYRg86kuI_FTEGit_-a1SMhpHJINjOPIB70_mWrd7UCqQNsamMpKH8FM9uFTWj6g8RQpmf2AsCXuj1G-QCSLQecAG1QdwdSdkr7hM-iiRCf9NUcM_vcjAF2IyCVpSGEJ_361UCMOVmk64sfH8rc9W0swyw0Jak29FTQ3im26v5m-45iG_-9YpkhxSsm_eJiQcjqfwxliU6cggFZoYOPmt8yL0z9pMfygojHxB1yfWdP1_4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC-2Kb1LreZKOxM4aOxAOYnruoApyB77BcosqnqnTAjbcBEAEgAGDJ7o6LwKSMEIIBF2NhLXB1Yi01OTAyMDgzMjg1MzAyNzc5yAEJ4AIAqAMByAMCqgSXAk_QCvkI55bdIAMMppe0X3GLegMEx20iUszlOqNOOQSZBNSvm3CY4nnBz6hOoaBChzIJBU7uw2mT5pmhW1iJRDoxGICQlYM_AatcjbVWcCMVfFHnujKHr5TG6fAb-smBtAgMcKs0rYLX04f_Ud72MGZj2chAZxWQ1M6zVfH40L_K7oqIg8ReiESWTJzt13aPrRKF0sUi75t88oEPqQUR3EP5bg1yB2e47wWGf1uwUlqSk3XBzGVh2Hdp2G5NOQsebVsVs6QSTrBr72PrPPjCjO5pfX1FAphdTZ13Plxgpt68nY_p6-zmHe1IrE7x0Bya7YKT6kG76gCd_OiJNWGIlURpVVzsS20WBkRCUleuJQfPo9Iozy467uAEAYAGw9Szoo-Xu5jwAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3pfle1HgnHpw_VxIs4WptOZPnRdQ%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Aug 2023 00:27:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 0491
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CcSei1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElAJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nCsjLpQhYdER27bn9sZ86OaiVOBw1eVn-LkkfeJf4EpMwTqp6ajgBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTU5MDIwODMyODUzMDI3NzkY79Ft&sigh=nasPnMMDB5I&uach_m=[UACH]&cid=CAQSPABpAlJWtpdL8itvJPdzlsHcK0z4XW4ncdrxx7-EV47JyrqiZ2NaeB0-ZYgnqkKSFt-p1oVmZgScF0-QzxgB&cbvp=2&vis=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

notify
rtb.va.us.criteo.com/google/auction/ Frame 0491
0
126 B
Image
General
Full URL
https://rtb.va.us.criteo.com/google/auction/notify?profile=14&payload=kObvF_6vB6AB2ATiIp0XAgAAAGp7O3ahItx6ENS63mTaqh3sOl-15uvPAAASAAAKCkFRVUJDZ0VCQ2c&wp=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&cbvp=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::3 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
271695
server
Kestrel
content-length
0
all
csm.us.criteo.net/ Frame 560A
0
127 B
Ping
General
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=jY8nnFzppUpv7SBAwHgVgRPZaCHcnT8aLySoPYFCfYvb7cblXv7BOQjhw4NP1kRPniOF_-BplGdN2gV9cO5YrDEQW55gjmLsxuCBOEoYZ8tHH00GCzS-HtOqLX1hG0lvcTOHRQS02lLhDc5ZGx-0IW0i-U-0s9hjyk_ghYoON2hjlhJHi7ri7nVQQOHdLj_IsSVF2Ir57plCG2sy-Pg6bixxO9NVCmx2-Y7cummf7yisO9LQL6AWV3i1LOXa_1SvvlcAUZ1aZk48oioR&sds=2&rev=88037&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZN661AAMluUIaAIQAAVVH3AX_h0Jm9RmMgBCJQ&u=%7CkJTEXR2E7n5Sm4KdTlExw3yuuKHAPgFlh07vpQYOmec%3D%7C&c1=TUPLs6ok1IhDgnvJmJgq2b8G6XvEBIvqi4VSciU_LzelNdNdJTtEK_lEZrcR-2V6vqRGFL537dByUwzXjpSA5Ow3obWN48gwzc8YHWzylIlVQ1fL1DisA3RLP01PKoZalfF8iieAiuL9Ti0zHMK4IE5WL2_AmODQ-JwWZ7ZgOkjq-055CZvSb-buq4UmwKu4lpb8IEjtBSpKDOxsb5bogUrIpkINSRZ1cfsEadBIfxyDMu-oW9hVlt4YG4LcRsWqoqVEWjh-66sgrS8W93gj_7v0mYTFb2m4XWu-_nBBI7NQ_g4P-lksRyLGB_8PpydolVXUE5uHi4jexAqXi96UKZQ6A4TYaPi4tZ6wYA3ICrp7u0QoUArNyjR1ya-o7AFULfMwUHXwSEVJCNRUprca2G6RBdGYLLx9IwHrrxB0GWEKWm2KkhghloL9oFxUdWLMfhA64RBYBqzF1EwCQdtxfkaNWl0Jz8-GLQCefP4yvd5x1K6cnpy0ORk-gPzzoWwSm3QcXihQ-jm-zw7lD-nukOYzsosOQ-ngsWYOr6HdL3TRs_DezygmschQmuZmp3JZlfYNRBVSR4Wn_wQx91ZLALfTrI9Rx9dOELpAV29GXFuNAOQkzW1t33r798h3iw0tbG-bMK_3tI5crDr1bX9nry6A9WrhG5cL&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCf6Ma1LreZOWtMpCEoPMPn6qVqAycge-wXKLKp6p0wI23ARABIABgye6Oi8CkjBCCARdjYS1wdWItNTkwMjA4MzI4NTMwMjc3OcgBCeACAKgDAcgDAqoElwJP0N13jtU72H5cWz_68Pgaq7lwxpUFxGL_V2de2YKmBcAUmrePw_Hd6NX7wv2qVhb33muZO85PPCHVcPB3s248zYvMydjS2iKHVvQ5RCSpredJvMDW-zVf6nOnV1FIhTrn8bTEqFxZt5sdn9horo01vWxGaJQfvrlzUQQ3udRCfbKWrP0D1oEYM5QttOK9TPLcVq7byaHk9s9HX7pTL36stnhUJwx4hzELSZEavrPRutFwa5_JsFNtDcZsJzAr9CuC1Mwn1JxTa1XTDewKPd_8ms1DQFjsppuAWNqVD2eZpWuHyrIdl28-EJMAH1L-nGkhDgaKk1gRGD-Kei0GYSUVaMh5-_2jY0pe9Cvh_mZUaOw46WuHJG_gBAGABsPUs6KPl7uY8AGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3_OvBywo0wtcx3fjCvCyGoXNzZbg%26client%3Dca-pub-5902083285302779%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::16 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Aug 2023 00:27:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 2C7C
0
0
Image
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cvhki1rreZMG3KcL__gSR4oCoDqHg0utw5oGE9p0R4ZDRhZ0OEAEgpczXamDJ7o6LwKSMEKAByOnGkQPIAQLgAgCoAwHIAwiqBIUCT9Dw0vN6yL7fjwqwUbKvtlUdZF-dh8hyQ2gy7sJ0QfygtjnBEIMwA23yW9_kNsOHodlC-sOVmehJyqXTQgArcrZh79zlkUbHuiAogh8xKTBycY_dEKaJDD1HL7gGTcB9bJWZan9w5VEE5izEapjzBw2Srs0PDXDaeuCEAgQ-T1G2FEaHOEdCNiAL0ZbtafrafbqbBNh3cGl-yvidKX4sIj_SeC4d2NLqh5mGXbc4MX0wx3SIuMtjwLa9rNpY_aiGWCFdFN0F8bRbWM7m9S9dtyiDJVdhNEDJaZNI5qLBqQaADrj4x3NM4NRQyq1yloDMAw2ke3A7_G6zHPQ1wfHG7gFX9aDUwATz7_PS9wPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHoJa5bqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKKbBNIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgm_AWh0dHBzOi8vd3d3LnJlY2lwZWZvcm1lLmFwcC9yY3Bmcm1lL2xwP3VpZD0xMDU2NyZsaWQ9NjA3MzImc2lkPTE2NTU4NjUyODU4JnNpZDI9MTM1MTk2ODk5MzE1JnNpZDM9NjU4ODE4NDM2MDY1JnNpZDQ9JnNpZDU9aXRzYWxsaW5hbnV0c2hlbGwuY29tJnNpZDY9JnNpZDc9JnNpZDg9JnJpZD17Z2NsaWR9Jl9hZ2lkPTAmYWlkPTAmcj0wgAoDyAsBogwMKgoKCOS0sQLutbEC2gwQCgoQ0PTUq4m9pfdpEgIBA9gTDNAVAYAXAbIXHgocCAASFHB1Yi05MDIzMjMyMTA5MDkxNTEyGO_RbQ&sigh=U07eymrmqQI&uach_m=[]&ase=2&cid=CAQSPABpAlJWe_fWOY7mDMqQ18XWFvIrk5GoYB81iBYSeSv8E_pBXihoduphBjMZnNYFVFOhQHk9zOrLbSfyXhgB&cbvp=2
Requested by
Host: itsallinanutshell.com
URL: https://itsallinanutshell.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?mode=1&lid=41&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.17291436059667142&time=1692318423763&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bframe
www.google.com/recaptcha/api2/ Frame 3CE2
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=3kTz7WGoZLQTivI-amNftGZO&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2004 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c3af215d44adfde0c293d5c9b17238860ae6882d1ad9a71aaafa64653e4f69a8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-cad0Vu8Sp-3T0f774zAi3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://assets.mailerlite.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-length
1161
content-security-policy
script-src 'report-sample' 'nonce-cad0Vu8Sp-3T0f774zAi3Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 00:27:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
match
s.pubmine.com/ Frame E308
43 B
852 B
Document
General
Full URL
https://s.pubmine.com/match?bidder_id=26&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D26%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:03 GMT
Server
nginx
Transfer-Encoding
chunked
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1692318423797&timeout=f&logid=0.17291436059667142&timediff=34&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?contentLocation=flat&lid=160&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame DAC5
156 B
143 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=1137696773424398&description_url=https%3A%2F%2Fitsallinanutshell.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&ad_type=outstream_video&hl=en&max_ad_duration=30000&npa=0&tfcd=0&vpmute=0&iu=%2F21732118914%2C22975044942%2Fitsallinanutshell_com-outstream-video-1&vid_t=outstream&vpa=click&cust_params=act%3D1%26ap%3D1%26d%3D496996%26eb_br%3D4e79eeb5c47815f3d62b430ba7a86908%26ft%3D0%26ic%3D1%26iid1%3D2513559983666239%26plat%3D1%26t%3D0%26tap%3Ditsallinanutshell_com-outstream-video-1-2513559983666239&sdkv=h.3.585.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=1223778887&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.585.0&sid=7648EDD4-4E4E-40C2-991F-8B2E54FF1B1B&nel=0&eid=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&top=https%3A%2F%2Fitsallinanutshell.com%2F&loc=https%3A%2F%2Fitsallinanutshell.com%2F&dlt=1692318414472&idt=1455&dt=1692318423798&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&scor=1727591382531775&ged=ve4_td10_tt8_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
s.pubmine.com/ Frame E893
43 B
852 B
Document
General
Full URL
https://s.pubmine.com/match?bidder_id=11&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D11%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:03 GMT
Server
nginx
Transfer-Encoding
chunked
styles__ltr.css
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 3CE2
55 KB
24 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3kTz7WGoZLQTivI-amNftGZO&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 23:15:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
177105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24605
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 23:15:18 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/ Frame 3CE2
438 KB
176 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=3kTz7WGoZLQTivI-amNftGZO&k=6Lf1KHQUAAAAAFNKEX1hdSWCS3mRMv4FlFaNslaD
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Wed, 16 Aug 2023 22:33:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93243
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
180114
x-xss-protection
0
last-modified
Sun, 06 Aug 2023 12:02:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Aug 2024 22:33:00 GMT
457.json
id5-sync.com/g/v2/
630 B
1 KB
XHR
General
Full URL
https://id5-sync.com/g/v2/457.json
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
2a79e7a6998bf7cd13f491403002764b30fa529706acf7e0f1d79db7d0ce812b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:27:03 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://itsallinanutshell.com
p3p
CP="CAO PSA OUR"
access-control-allow-credentials
true
match
s.pubmine.com/ Frame 9BBE
43 B
852 B
Document
General
Full URL
https://s.pubmine.com/match?bidder_id=26&ssp_data=de349555-d0ff-4738-bf5a-71b2f3727eaa&rid=&us_privacy=&gdpr=0&gdpr_consent=&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fs.pubmine.com%2Fmatch%3Fbidder_id%3D26%26ssp_data%3Dde349555-d0ff-4738-bf5a-71b2f3727eaa%26rid%3D%26us_privacy%3D%26gdpr%3D0%26gdpr_consent%3D%26external_user_id%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:04 GMT
Server
nginx
Transfer-Encoding
chunked
usersync
usersync.gumgum.com/ Frame 1B3A
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:04 GMT
Expires
0
Pragma
no-cache
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308150101&jk=244299579352505&bg=!U1ClUATNAAZGPLJIZjw7ADkAdvg8WrIfxmatvWYa9NESoPJYOhjpgTMxGB4ZQc2R021kVRbLwn5Eboez84z8yVY7HPrDVEmucu8CAAACaFIAAAAKaAEHCgBwEr3IPrMSf9hrzsxSpklzdF1WPfjbQtwRy4jNkfAptC5AyATdFPkwZudiTRt0zOjtZuKFtAy2Kn42Im_FPunZGhccHIzpk2ixx2uyyXyhEnqcUIB2XJC0bJ70gUyMbWPgGwOQEChXqGVnAjrbBiYeR5kC0AGKlFyYTchak5V3PvUehHsG9Ow8rqAYDjZANIFHHtovaA9GiO2i58nxNLOMHoHFIE1eLd7mwii__iz71f1Vf73PBYbZjhw-YxvheUJOycdfJ_oQD77uHsSYsPqDqreE7uEXHokInNRGHkxjVFZfBIACAJUjIZWr7ygN3gtFQHWEZiMNXXikRYPbIFPNm2Gcg4BAoYzMAnNXrANup-TdoLwNOL3sx9YzlemNAQlHhgk2-s_I4zQwpL2UtUrK-L60FpsyXL7CfViZKCJZFP_ExnDAiV4jJa19E9XrcZe1ddrW5p9DCcb5VgLWiqt7q_0H3eMj-Ze0XrYFL6COIM2U2QZe0Yr-eO2pMODic4wwdlahhj8PyfBc6_IMJOkSCsBJyrkmffOc41DNYdZbLdxgi8WLZUX4xjYlYSboULisYWmh0xOI12_55CY-M-NvujDPxSZntGPDDc2By-WCOE4jLI1KkXP3VUbk9qshylHZlXli-poHwSKkLMPp60CJGskITIUqCHjTflydzbCCUtDOeghP2hiHNBGDTfQVVKfen2r-Ce_ceED9UTP8SAhpM83E4XJ3gIJgsrdxECfrK8zWg56mXtRay9exfXF7ualeLQO_yu2KNpmgivQ4IW-rOErKt_ZY7baQaeSvYDA-EIrKFdv_L_MdVZbRMFemKvpfiyolIg9_ePq2xkQx6w_-Bx3dBv2rsqy8JxxtU2kOJ9VZMR_nRD0ZIxeTZUnsuA4SxPjMePMJN9rK_5af4l1L3tMc-uYpPjELEmg4iOJrapcJeYRQ1hvO3vhQr2uU78KG47At2rpYih0ExqmcByOLHKigW1l-1nevkiOkil66_HkWKaoijOrXoRpGv2TzZ_8EMScyz7j2ku2AJUnc4hBAmrs7nyFWmjuvw80g71zW5rIjL9GRv5SQwsxgzD9kKpN6mn6_5RROklayLwT41ZfBcF0GuQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU2MTkzOTYzOTYwNDA2MiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODg2MDE4LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:03 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=0&eic=1&lst=none&lec=1009&lid=176&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
btlr.sharethrough.com/universal/
515 B
478 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
899cd09ac71cfe4a15834dfd67351f179185db00b3d1cd44fb3e845dab083d17

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:27:04 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
302
prebid-request
onetag-sys.com/
15 B
368 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://itsallinanutshell.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
match
events-ssc.33across.com/ Frame BA70
68 B
82 B
Document
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Fri, 18 Aug 2023 00:27:04 GMT
via
1.1 google
activeview
pagead2.googlesyndication.com/pcs/ Frame 0491
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNDvKNAtcM2CjdtwMV8TtTUuB2ec8FkriOzw71MEan8jfxrhr6WR8WnTqjrlvf156YO6Jsw-9B_98YXEx3Cmm__Uet3SiPgEs1uGQ&sig=Cg0ArKJSzGhWJ0aohwuoEAE&id=lidar2&mcvt=1001&p=302,1440,902,1600&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4225512732&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692318421345&rpt=2055&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A955
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4yJZAzz0xucaBrFs9q-2s3y40x66YrvVtSnc1zGlmobsI3d302UYy34DMKZKomXLDML1CINejSToX2_UHElUV424uwPdcsIvbxZY&sig=Cg0ArKJSzOVBPLgzXsanEAE&id=lidar2&mcvt=1007&p=302,0,902,160&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=905025581&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692318421324&rpt=1996&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?mode=1&lid=41&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.9784909194325504&time=1692318424438&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1692318424442&timeout=f&logid=0.9784909194325504&timediff=4&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?contentLocation=flat&lid=160&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame DAC5
156 B
143 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=1137696773424398&description_url=https%3A%2F%2Fitsallinanutshell.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&ad_type=outstream_video&hl=en&max_ad_duration=30000&npa=0&tfcd=0&vpmute=0&iu=%2F21732118914%2C22975044942%2Fitsallinanutshell_com-outstream-video-1&vid_t=outstream&vpa=click&cust_params=act%3D1%26ap%3D1%26d%3D496996%26eb_br%3D13505aceb7f83a105b073aa7cc81124c%26ft%3D0%26ic%3D1%26iid1%3D2513559983666239%26plat%3D1%26t%3D0%26tap%3Ditsallinanutshell_com-outstream-video-1-2513559983666239&sdkv=h.3.585.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=1223778887&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.585.0&sid=7648EDD4-4E4E-40C2-991F-8B2E54FF1B1B&nel=0&eid=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&top=https%3A%2F%2Fitsallinanutshell.com%2F&loc=https%3A%2F%2Fitsallinanutshell.com%2F&dlt=1692318414472&idt=1455&dt=1692318424444&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&scor=1727591382531775&ged=ve4_td10_tt8_pd10_la10000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:04 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
events-ssc.33across.com/ Frame 6826
68 B
82 B
Document
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Fri, 18 Aug 2023 00:27:04 GMT
via
1.1 google
army.gif
itsallinanutshell.com/porpoiseant/
0
62 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU2MTkzOTYzOTYwNDA2MiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODg2MDE4LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbNzI4LDkwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNjU2MTkzOTYzOTYwNDA2MiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTY5MjMxODQxNCwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJVUyIsInBhZ2V2aWV3X2lkIjoiYjY0ZmQxZWQtZGQzYy00OGUzLTQ1NmUtNTQ1ZWFlNThjODE1IiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0OTc0ODg2MDE4LCJjcmVhdGl2ZV9pZCI6MTM4MjQxMTIzNTE3LCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjY1NjE5Mzk2Mzk2MDQwNjIiLCJkb21haW5faWQiOiI0OTY5OTYiLCJ1bml0IjoiZGl2LWdwdC1hZC1pdHNhbGxpbmFudXRzaGVsbF9jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDg4NjAxOCwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIxNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:04 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:04 GMT
match
events-ssc.33across.com/ Frame 4CD7
68 B
82 B
Document
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Fri, 18 Aug 2023 00:27:04 GMT
via
1.1 google
usersync
usersync.gumgum.com/ Frame 9243
35 B
250 B
Document
General
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.214.33.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-33-241.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 18 Aug 2023 00:27:04 GMT
Expires
0
Pragma
no-cache
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNDkzMTkxODk2MTYyNzA4NiIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTItMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NTQwMjMxOSwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:04 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:04 GMT
army.gif
itsallinanutshell.com/porpoiseant/
0
16 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiNzk5OTE5Mjg5NzY1MzcyNyIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0c2FsbGluYW51dHNoZWxsX2NvbS1lZGdlLTEtMCIsInRfZXBvY2giOjE2OTIzMTg0MTQsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiVVMiLCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDk3NDkwNDI3MiwiY3JlYXRpdmVfaWQiOjEzODI0MTEyMzUxNywiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:04 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:04 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2C7C
42 B
64 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss0Y2tz4ewSaGUzZeKArWDy80ARfb3IUHObQM1PO3utlCkqcxN1kq6LGrXQ0YOYab4M16c6uJQg65AgPunrvM0kanqIwzq-OCQqhbyyne7HAfWuoCIpexm1w1kzmjb4AMbMVCpIyQBqrg&sai=AMfl-YRhHJEsweA-bTN0L3PQxVdsqaliXtN6CqcvusVbD3eBdC1r4idjnSgrS__0KUaj4ZOw5_d4Q4ySvctMB0SDmogNDeiiSyemplGU1AgtewXYLDxORQU-FbP4RWKB&sig=Cg0ArKJSzN_JhYhKqx1xEAE&cid=CAQSPABpAlJWe_fWOY7mDMqQ18XWFvIrk5GoYB81iBYSeSv8E_pBXihoduphBjMZnNYFVFOhQHk9zOrLbSfyXhgB&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=699&tls=1701&g=100&h=100&tt=1701&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
events-ssc.33across.com/ Frame D892
68 B
82 B
Document
General
Full URL
https://events-ssc.33across.com/match?liv=h&us_privacy=&bidder_id=25&external_user_id=2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?&p=156423&us_privacy=&predirect=https%3A%2F%2Fevents-ssc.33across.com%2Fmatch%3Fliv%3Dh%26us_privacy%3D%26bidder_id%3D25%26external_user_id%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.239.71 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
71.239.117.34.bc.googleusercontent.com
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
date
Fri, 18 Aug 2023 00:27:04 GMT
via
1.1 google
imp_view_pixel
s.pubmine.com/
43 B
286 B
Image
General
Full URL
https://s.pubmine.com/imp_view_pixel?tuuid=de349555-d0ff-4738-bf5a-71b2f3727eaa&pc=GfnldjUMkOngW-46wZ21wMMXtGye5arNVvkJCcInKtQXajoXk35hZqaL-930StvqVO75iqK-RlSIauRCaaaiVSDCdtxbvVUu7--vx7wJaRd3gx437ohPolXtSeVy2CdcbFOxK5ZCNN5uIWU-_eJCDJZJ2ujCHGPSXTwRW11eF23a8TqfOCKn
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.11.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-11-45.compute-1.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 00:27:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=0&eic=1&lst=none&lec=1009&lid=176&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
btlr.sharethrough.com/universal/
426 B
448 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
5f4d263e40d43895691ece191073bf7eb121d7585569271a0e17605a871d3ae0

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:27:04 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
294
prebid-request
onetag-sys.com/
15 B
368 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://itsallinanutshell.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?mode=1&lid=41&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.3668316927402888&time=1692318424948&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1692318424955&timeout=f&logid=0.3668316927402888&timediff=7&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?contentLocation=flat&lid=160&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame DAC5
156 B
143 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=1137696773424398&description_url=https%3A%2F%2Fitsallinanutshell.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&ad_type=outstream_video&hl=en&max_ad_duration=30000&npa=0&tfcd=0&vpmute=0&iu=%2F21732118914%2C22975044942%2Fitsallinanutshell_com-outstream-video-1&vid_t=outstream&vpa=click&cust_params=act%3D1%26ap%3D1%26d%3D496996%26eb_br%3Db09f4d2e4dcd3d270724508a246baee4%26ft%3D0%26ic%3D1%26iid1%3D2513559983666239%26plat%3D1%26t%3D0%26tap%3Ditsallinanutshell_com-outstream-video-1-2513559983666239&sdkv=h.3.585.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=1223778887&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.585.0&sid=7648EDD4-4E4E-40C2-991F-8B2E54FF1B1B&nel=0&eid=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&top=https%3A%2F%2Fitsallinanutshell.com%2F&loc=https%3A%2F%2Fitsallinanutshell.com%2F&dlt=1692318414472&idt=1455&dt=1692318424956&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&scor=1727591382531775&ged=ve4_td11_tt9_pd11_la11000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:05 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=0&eic=1&lst=none&lec=1009&lid=176&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
btlr.sharethrough.com/universal/
322 B
424 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
ed0d103dd87f6fa53bf25fdbee0f67c2ef973519e4808b553d7359cfdd5f1cf9

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:27:05 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
247
prebid-request
onetag-sys.com/
15 B
368 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://itsallinanutshell.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?mode=1&lid=41&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.3606233896143214&time=1692318425698&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1692318425702&timeout=f&logid=0.3606233896143214&timediff=4&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?contentLocation=flat&lid=160&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame DAC5
156 B
143 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=1137696773424398&description_url=https%3A%2F%2Fitsallinanutshell.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&ad_type=outstream_video&hl=en&max_ad_duration=30000&npa=0&tfcd=0&vpmute=0&iu=%2F21732118914%2C22975044942%2Fitsallinanutshell_com-outstream-video-1&vid_t=outstream&vpa=click&cust_params=act%3D1%26ap%3D1%26d%3D496996%26eb_br%3Df63322dda53fb357fc621e718fd4fb87%26ft%3D0%26ic%3D1%26iid1%3D2513559983666239%26plat%3D1%26t%3D0%26tap%3Ditsallinanutshell_com-outstream-video-1-2513559983666239&sdkv=h.3.585.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=1223778887&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.585.0&sid=7648EDD4-4E4E-40C2-991F-8B2E54FF1B1B&nel=0&eid=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&top=https%3A%2F%2Fitsallinanutshell.com%2F&loc=https%3A%2F%2Fitsallinanutshell.com%2F&dlt=1692318414472&idt=1455&dt=1692318425704&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&scor=1727591382531775&ged=ve4_td12_tt10_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
xXlqfLz3jhHCtfbunpGq5emaPDx17iBGQynh0m6F.jpg
storage.mlcdn.com/account_image/450750/ Frame 11BE
1 MB
1 MB
Image
General
Full URL
https://storage.mlcdn.com/account_image/450750/xXlqfLz3jhHCtfbunpGq5emaPDx17iBGQynh0m6F.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:6cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5ec81b6d378f62fb1e56a4feb40f824e182753970c6d604fd14b8e107317e0d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://assets.mailerlite.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:07 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdv6DxDDManQYcOBTvEZMdkvt1KOLCSNeydE7SlN2S8Zk8QNGkSUsmPYFxekqvXaBo39hrpPo6cyiwmsnYeeY1nVqEO7d868
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
1488266
last-modified
Tue, 23 May 2023 16:51:05 GMT
server
cloudflare
etag
"329512df877af73235aa356f2d1b6391"
vary
Accept-Encoding
x-goog-generation
1684860665945792
content-type
image/jpeg
x-goog-hash
crc32c=E+u+UQ==, md5=MpUS34d69zI1qjVvLRtjkQ==
cache-control
public, max-age=691200
x-goog-stored-content-length
1488266
accept-ranges
bytes
cf-ray
7f860772af014bd3-BUF
expires
Fri, 18 Aug 2023 01:27:06 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.mailerlite.com/fonts/s/poppins/v20/ Frame 11BE
8 KB
8 KB
Font
General
Full URL
https://fonts.mailerlite.com/fonts/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.mailerlite.com
URL: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Origin
https://assets.mailerlite.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
cloudflare
age
1390647
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f860772addd4bc0-BUF
content-length
7884
expires
Sat, 17 Aug 2024 00:27:06 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.mailerlite.com/fonts/s/poppins/v20/ Frame 11BE
8 KB
8 KB
Font
General
Full URL
https://fonts.mailerlite.com/fonts/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.mailerlite.com
URL: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Origin
https://assets.mailerlite.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
cloudflare
age
2853377
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f860772adde4bc0-BUF
content-length
7816
expires
Sat, 17 Aug 2024 00:27:06 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.mailerlite.com/fonts/s/roboto/v30/ Frame 11BE
15 KB
16 KB
Font
General
Full URL
https://fonts.mailerlite.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.mailerlite.com
URL: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Origin
https://assets.mailerlite.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
cloudflare
age
767405
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f860772bddf4bc0-BUF
content-length
15744
expires
Sat, 17 Aug 2024 00:27:06 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.mailerlite.com/fonts/s/roboto/v30/ Frame 11BE
15 KB
16 KB
Font
General
Full URL
https://fonts.mailerlite.com/fonts/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.mailerlite.com
URL: https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fonts.mailerlite.com/css?family=Roboto:400,400i,700,700i|Merriweather:400,900i,900,700i,700,300,300i,400i|Lato:400,400i,700,700i|Montserrat:400,400i,700,700i|Montserrat+Alternates:400,400i,700,700i|Open+Sans:400,400i,700,700i|PT+Sans:400,400i,700,700i|Source+Sans+Pro:400,400i,700,700i|Roboto+Slab:400,700|Ubuntu:400,400i,700,700i|Titillium+Web:400,400i,700,700i|Nunito:400,400i,700,700i|Cabin:400,400i,700,700i|Oswald:400,700|Work+Sans:400,700|Exo:400,400i,700,700i|Comfortaa:400,700|Raleway:400,400i,700,700i|Oxygen:400,700|Poppins:400,400i,700,700i|Playfair+Display:400,400i,700,700i|Shadows+Into+Light+Two|PT+Serif:400,400italic,700,700italic|Josefin+Slab:400,400italic,700,700italic|Arvo:400,700,700italic,400italic|Vollkorn:400,400italic,700,700italic|Karla:400,400italic,700,700italic|Noto+Sans:400,400italic,700,700italic|Barlow+Condensed:400,400italic,700,700italic|Anton|Inter:400,700|Abril+Fatface|Yeseva+One|Poiret+One|Marck+Script|Pacifico|Fira+Sans|Rubik&subset=cyrillic,cyrillic-ext,latin-ext
Origin
https://assets.mailerlite.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
cloudflare
age
1874276
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
7f860772bde04bc0-BUF
content-length
15860
expires
Sat, 17 Aug 2024 00:27:06 GMT
truncated
/ Frame BDEA
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame BDEA
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BDEA
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/3kTz7WGoZLQTivI-amNftGZO/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 23:30:57 GMT
x-content-type-options
nosniff
age
3369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Thu, 24 Aug 2023 23:30:57 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BDEA
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 07:41:31 GMT
x-content-type-options
nosniff
age
578735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 07:41:31 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=0&eic=1&lst=none&lec=1009&lid=176&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
btlr.sharethrough.com/universal/
545 B
512 B
XHR
General
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.237.83.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-83-209.compute-1.amazonaws.com
Software
/
Resource Hash
efca6f2197ab58a8f114182949ee142393d1b444191c9d993c0628aff7095511

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 18 Aug 2023 00:27:06 GMT
content-encoding
gzip
x-openrtb-version
2.5
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itsallinanutshell.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
335
prebid-request
onetag-sys.com/
15 B
368 B
XHR
General
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?cb=195-0-60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.222.39.185 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip185.ip-51-222-39.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://itsallinanutshell.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://itsallinanutshell.com
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?mode=1&lid=41&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.8013546176199613&time=1692318426263&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1692318426267&timeout=f&logid=0.8013546176199613&timediff=4&lid=43&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?contentLocation=flat&lid=160&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame DAC5
101 KB
18 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?correlator=1137696773424398&description_url=https%3A%2F%2Fitsallinanutshell.com%2F&env=vp&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C300x168&unviewed_position_start=1&url=https%3A%2F%2Fitsallinanutshell.com%2F&ad_type=outstream_video&hl=en&max_ad_duration=30000&npa=0&tfcd=0&vpmute=0&iu=%2F21732118914%2C22975044942%2Fitsallinanutshell_com-outstream-video-1&vid_t=outstream&vpa=click&cust_params=act%3D1%26ap%3D1%26d%3D496996%26eb_br%3Dc8f8afd5bc9d2b8b306959d0f8989efe%26ft%3D0%26ic%3D1%26iid1%3D2513559983666239%26plat%3D1%26t%3D0%26tap%3Ditsallinanutshell_com-outstream-video-1-2513559983666239&sdkv=h.3.585.0&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=1223778887&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.585.0&sid=7648EDD4-4E4E-40C2-991F-8B2E54FF1B1B&nel=0&eid=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&top=https%3A%2F%2Fitsallinanutshell.com%2F&loc=https%3A%2F%2Fitsallinanutshell.com%2F&dlt=1692318414472&idt=1455&dt=1692318426268&cookie=ID%3D873143505799b32e%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA&gpic=UID%3D00000d8c0537ff80%3AT%3D1692318415%3ART%3D1692318415%3AS%3DALNI_MaCTkwevePLqFczOym_Lp657bBqwA&scor=1727591382531775&ged=ve4_td12_tt10_pd12_la12000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3cf368f09127db73056170842b0be790edd475263c0be69587b5dc7cd6db2cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18419
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track-view
assets.mailerlite.com/jsonp/450750/forms/88982420855981682/
0
74 B
Script
General
Full URL
https://assets.mailerlite.com/jsonp/450750/forms/88982420855981682/track-view?cache=1692318426507655843032392018
Requested by
Host: assets.mailerlite.com
URL: https://assets.mailerlite.com/js/universal.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c45 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:06 GMT
via
Ingress
strict-transport-security
max-age=15724800; includeSubDomains
cf-cache-status
MISS
server
cloudflare
vary
Accept-Encoding
x-cache
MISS
access-control-allow-origin
*
cache-control
no-cache, private
cf-ray
7f860775bdee4bc0-BUF
x-cache-hits
0
csi
csi.gstatic.com/ Frame DAC5
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~llfup02u&c=4531014347017&slotId=2265507173508.5&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=3&vhc=0&wta=1&ytext_viu=1&ytext_hd=0&ytext_vi=z8pwEmX0uaY&hghme=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?sic=1&eic=0&lst=src&lec=-1&lid=176&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame DAC5
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~llfup35d&c=4531014347017&slotId=2265507173508.5&qqid=CMTkl7X55IADFR8PaAgdzjkHDw&gqid=2rreZI75Ed23NZiek8gL&fb=ima_html5-lima&sdkv=h.3.585.0&mrd=8&aab=1&itv=1&met.4=ghmsh_s.llfup35h~ghmsh_s.llfup35i&ghmsh_hd=1&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C396%2C398%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=2wdclK6CCDsHyLl5
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?type=action&lid=100&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?type=multiple_pod&lid=100&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?omData=%5B%5B%22doubleclickbygoogle.com-omid-video%22%2C%22limited%22%5D%5D&lid=129&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?pcp=f&lid=159&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame DAC5
453 B
478 B
Image
General
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-5902083285302779
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::200a Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:03:27 GMT
x-content-type-options
nosniff
age
1419
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 00:53:27 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DAC5
42 B
193 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cyx9x2rreZMSPFJ-eoPMPzvOceInQo65y8IPz6b4Ru4Lzk4wOEAEg0bLlfmDJ7o6LwKSMEKABnK_7qALIAQXgAgCoAwGYBACqBKsCT9AX3yQ33jhtOfENiJ_sUCIO8J4Hj8QNr223mxjc77TuBsd3ccznEFVVq4DxTuiRVhKFsPeXd3_2piwrJ3YN5E3NHRRl5_mZy2V79jcWLzqs6Nz-udXiKjRlM6dH56LqmkyYRrIN7uPbWLjYLhtRDrXZMQ9vXQXK_tVGHL2ebLls5Zci5yO1VB_tCmMeenHvQRpnvU0hUoAWfnClPjW_iHZnrBBmhxNfd_0E4ZCVV49O-PdvnCqo0APyDlqdbg3MHIl-ih5d0jHlaF1vPigeYRdHjl0CLVgoYadaPZsS1Cs7mQi36Ln1Oljp8WNJFt9D2DosmrZWnrvl_gUy8keWkzbhWg9v1JPCy9h5Wk7B74qK47EceEEQ4nf2eYwRkukTP-ahs862OoAa7djABJSVxZuzBOAEAaAGVIAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJGmh0dHBzOi8vd3d3Lmhlcm8td2Fycy5jb20vsQkWJwaOhLXP0oAKA8gLAdALDuALAdoMEQoLEMClkpf8vrT2rAESAgEDmg0BDqoNAlVTyA0B2BMN0BUBmBYB4hYCCAH4FgGAFwE&sigh=YeikVXFjqsk&label=show_ad&sdkv=h.3.585.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwMDk4MDYzNjE0NDIMNjY2NzI0NDk4MjAzQIsDUiMQDyUAAAJDKAE6C3o4cHdFbVgwdWFZQglnb29nbGVhZHNQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame DAC5
0
0
Image
General
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=Clmxb2rreZMSPFJ-eoPMPzvOceInQo65y8IPz6b4Ru4Lzk4wOEAEg0bLlfmDJ7o6LwKSMEKABnK_7qALIAQXgAgCoAwGYBACqBKgCT9AX3yQ33jhtOfENiJ_sUCIO8J4Hj8QNr223mxjc77TuBsd3ccznEFVVq4DxTuiRVhKFsPeXd3_2piwrJ3YN5E3NHRRl5_mZy2V79jcWLzqs6Nz-udXiKjRlM6dH56LqmkyYRrIN7uPbWLjYLhtRDrXZMQ9vXQXK_tVGHL2ebLls5Zci5yO1VB_tCmMeenHvQRpnvU0hUoAWfnClPjW_iHZnrBBmhxNfd_0E4ZCVV49O-PdvnCqo0APyDlqdbg3MHIl-ih5d0jHlaF1vPigeYRdHjl0CLVgoYadaPZsS1Cs7mQi36Ln1Oljp8WNJFt9D2DosmrZWnrvl_gUy8h-XQUHvEPJLRlgZUoaWw25ua8oWT9g7ct8bzG9BxRBRDk_kE8q5ejA3ZG_ABJSVxZuzBOAEAZIFEwgSEAUYDzCm89KvpoKc5c8BUAGgBlSAB8zQhNcBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDg03yoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJ9QFodHRwczovL3d3dy5oZXJvLXdhcnMuY29tLz9obD1lbiZkZWxheWVkc2lnbnVwPXRydWUmbnhfc291cmNlPWFkeF9hZHdvcmRzeW91dHViZS5od193Yl91dF8tLmNjLXd3XzEwbGFuZy5nLWFsbC5hLTI1NTQuYXUtYWxsLm9wdC1wdXJjaGFzZS5jb20tbmV3YWMubHAtZGVsYXllZC5jci1od19jYXN0bGVyb29tczJ0X2hfZW5fMTMwLmR0LXlvdXR1YmUuY2lkLTIwMzUzMTk0NjY2LmFnaWQtMTUxMTg2OTE4MDM2LmNzZC0yNTA3MjMuLYAKA8gLAdoMEQoLEMClkpf8vrT2rAESAgEDwhMGGJyv-6gC2BMN0BUBmBYB4hYCCAGAFwGyFx4KHAgAEhRwdWItOTAyMzIzMjEwOTA5MTUxMhjv0W0&sigh=OVoho1RABjQ&cmd=Ch1jYS12aWRlby1wdWItNTkwMjA4MzI4NTMwMjc3ORAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&cid=CAQSPABpAlJWdQK6266l7itlyii-p6Aw9pd0XUY3OElHMg_85XIyGpxjsitSu3P-laZkE4pOU5s1jEuOEr26iRgB&vt=10&sdkv=h.3.585.0&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDYwMDk4MDYzNjE0NDIMNjY2NzI0NDk4MjAzQIsDUiMQDyUAAAJDKAE6C3o4cHdFbVgwdWFZQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

csi
csi.gstatic.com/
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&top=1&puid=1~llfuouls&c=4531014347017&slotId=2265507173508.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr4---sn-ab5l6ndr.googlevideo.com/
3 MB
0
Media
General
Full URL
https://rr4---sn-ab5l6ndr.googlevideo.com/videoplayback?expire=1692347226&ei=2rreZLX-I6OV_9EP-6ew0AY&ip=2602:ffc8:2:104::17&id=cfca701265f4b9a6&itag=22&source=youtube&requiressl=yes&mh=l8&mm=31&mn=sn-ab5l6ndr&ms=au&mv=m&mvi=4&pl=48&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=130.031&lmt=1690279026431808&mt=1692318073&txp=5532434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgbLJu8qwrnB_QyqcXMkWVmPLLZ9R2n1DjYkENmJzNarMCIQDlXxK6AMFItxJnP7853Gz4GstAQMcrmSubSWLrKu7nzA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgWBSp4QwUKj9lbE6ZNoTVhSRhzbIPAlpAXVyX_E3E-zACIH8H6SspCXescgmhAJx2TLowt4PqwRx4x_9qGRY7ZxqG&cpn=2wdclK6CCDsHyLl5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:3e::9 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://itsallinanutshell.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 18 Aug 2023 00:27:06 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 25 Jul 2023 09:57:06 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-8624538/8624539
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
8624539
Expires
Fri, 18 Aug 2023 00:27:06 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DAC5
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cyx9x2rreZMSPFJ-eoPMPzvOceInQo65y8IPz6b4Ru4Lzk4wOEAEg0bLlfmDJ7o6LwKSMEKABnK_7qALIAQXgAgCoAwGYBACqBKsCT9AX3yQ33jhtOfENiJ_sUCIO8J4Hj8QNr223mxjc77TuBsd3ccznEFVVq4DxTuiRVhKFsPeXd3_2piwrJ3YN5E3NHRRl5_mZy2V79jcWLzqs6Nz-udXiKjRlM6dH56LqmkyYRrIN7uPbWLjYLhtRDrXZMQ9vXQXK_tVGHL2ebLls5Zci5yO1VB_tCmMeenHvQRpnvU0hUoAWfnClPjW_iHZnrBBmhxNfd_0E4ZCVV49O-PdvnCqo0APyDlqdbg3MHIl-ih5d0jHlaF1vPigeYRdHjl0CLVgoYadaPZsS1Cs7mQi36Ln1Oljp8WNJFt9D2DosmrZWnrvl_gUy8keWkzbhWg9v1JPCy9h5Wk7B74qK47EceEEQ4nf2eYwRkukTP-ahs862OoAa7djABJSVxZuzBOAEAaAGVIAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJGmh0dHBzOi8vd3d3Lmhlcm8td2Fycy5jb20vsQkWJwaOhLXP0oAKA8gLAdALDuALAdoMEQoLEMClkpf8vrT2rAESAgEDmg0BDqoNAlVTyA0B2BMN0BUBmBYB4hYCCAH4FgGAFwE&sigh=YeikVXFjqsk&label=video_ad_loaded&sdkv=h.3.585.0&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDA5ODA2MzYxNDQyDDY2NjcyNDQ5ODIwM0CLA1ImEA8lAAAHQygBOgt6OHB3RW1YMHVhWUIJZ29vZ2xlYWRzSPIBUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?latency=0.20000076293945312&lid=175&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=Clmxb2rreZMSPFJ-eoPMPzvOceInQo65y8IPz6b4Ru4Lzk4wOEAEg0bLlfmDJ7o6LwKSMEKABnK_7qALIAQXgAgCoAwGYBACqBKgCT9AX3yQ33jhtOfENiJ_sUCIO8J4Hj8QNr223mxjc77TuBsd3ccznEFVVq4DxTuiRVhKFsPeXd3_2piwrJ3YN5E3NHRRl5_mZy2V79jcWLzqs6Nz-udXiKjRlM6dH56LqmkyYRrIN7uPbWLjYLhtRDrXZMQ9vXQXK_tVGHL2ebLls5Zci5yO1VB_tCmMeenHvQRpnvU0hUoAWfnClPjW_iHZnrBBmhxNfd_0E4ZCVV49O-PdvnCqo0APyDlqdbg3MHIl-ih5d0jHlaF1vPigeYRdHjl0CLVgoYadaPZsS1Cs7mQi36Ln1Oljp8WNJFt9D2DosmrZWnrvl_gUy8h-XQUHvEPJLRlgZUoaWw25ua8oWT9g7ct8bzG9BxRBRDk_kE8q5ejA3ZG_ABJSVxZuzBOAEAZIFEwgSEAUYDzCm89KvpoKc5c8BUAGgBlSAB8zQhNcBqAfZtrECqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDg03yoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOpoJ9QFodHRwczovL3d3dy5oZXJvLXdhcnMuY29tLz9obD1lbiZkZWxheWVkc2lnbnVwPXRydWUmbnhfc291cmNlPWFkeF9hZHdvcmRzeW91dHViZS5od193Yl91dF8tLmNjLXd3XzEwbGFuZy5nLWFsbC5hLTI1NTQuYXUtYWxsLm9wdC1wdXJjaGFzZS5jb20tbmV3YWMubHAtZGVsYXllZC5jci1od19jYXN0bGVyb29tczJ0X2hfZW5fMTMwLmR0LXlvdXR1YmUuY2lkLTIwMzUzMTk0NjY2LmFnaWQtMTUxMTg2OTE4MDM2LmNzZC0yNTA3MjMuLYAKA8gLAdoMEQoLEMClkpf8vrT2rAESAgEDwhMGGJyv-6gC2BMN0BUBmBYB4hYCCAGAFwGyFx4KHAgAEhRwdWItOTAyMzIzMjEwOTA5MTUxMhjv0W0&sigh=OVoho1RABjQ&cmd=Ch1jYS12aWRlby1wdWItNTkwMjA4MzI4NTMwMjc3ORAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&ase=2&cid=CAQSPABpAlJWdQK6266l7itlyii-p6Aw9pd0XUY3OElHMg_85XIyGpxjsitSu3P-laZkE4pOU5s1jEuOEr26iRgB&nis=4&sdkv=h.3.585.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame DAC5
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 11 Aug 2023 17:23:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
543798
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Aug 2024 17:23:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&clicks_allowed=t&ux_refresh=t&learn_more_enabled=t&lid=170&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DAC5
0
0
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.585.0&e=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&id=ima_html5&c=2463457510211319&domain=itsallinanutshell.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DAC5
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cg_Tq2rreZMSPFJ-eoPMPzvOceInQo65y8IPz6b4Ru4Lzk4wOEAEg0bLlfmDJ7o6LwKSMEKABnK_7qALIAQXgAgCoAwGYBACqBKgCT9AX3yQ33jhtOfENiJ_sUCIO8J4Hj8QNr223mxjc77TuBsd3ccznEFVVq4DxTuiRVhKFsPeXd3_2piwrJ3YN5E3NHRRl5_mZy2V79jcWLzqs6Nz-udXiKjRlM6dH56LqmkyYRrIN7uPbWLjYLhtRDrXZMQ9vXQXK_tVGHL2ebLls5Zci5yO1VB_tCmMeenHvQRpnvU0hUoAWfnClPjW_iHZnrBBmhxNfd_0E4ZCVV49O-PdvnCqo0APyDlqdbg3MHIl-ih5d0jHlaF1vPigeYRdHjl0CLVgoYadaPZsS1Cs7mQi36Ln1Oljp8WNJFt9D2DosmrZWnrvl_gUy8h-XQUHvEPJLRlgZUoaWw25ua8oWT9g7ct8bzG9BxRBRDk_kE8q5ejA3ZG_ABJSVxZuzBOAEAaAGVIAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAdoMEQoLEMClkpf8vrT2rAESAgEDqg0CVVPYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=WEiCWMGUp2Y&cmd=Ch1jYS12aWRlby1wdWItNTkwMjA4MzI4NTMwMjc3ORAAGAI&label=vast_creativeview&ad_mt=0&sdkv=h.3.585.0&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDA5ODA2MzYxNDQyDDY2NjcyNDQ5ODIwM0CLA1ImEA8lAAAHQygBOgt6OHB3RW1YMHVhWUIJZ29vZ2xlYWRzSPIBUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DAC5
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cg_Tq2rreZMSPFJ-eoPMPzvOceInQo65y8IPz6b4Ru4Lzk4wOEAEg0bLlfmDJ7o6LwKSMEKABnK_7qALIAQXgAgCoAwGYBACqBKgCT9AX3yQ33jhtOfENiJ_sUCIO8J4Hj8QNr223mxjc77TuBsd3ccznEFVVq4DxTuiRVhKFsPeXd3_2piwrJ3YN5E3NHRRl5_mZy2V79jcWLzqs6Nz-udXiKjRlM6dH56LqmkyYRrIN7uPbWLjYLhtRDrXZMQ9vXQXK_tVGHL2ebLls5Zci5yO1VB_tCmMeenHvQRpnvU0hUoAWfnClPjW_iHZnrBBmhxNfd_0E4ZCVV49O-PdvnCqo0APyDlqdbg3MHIl-ih5d0jHlaF1vPigeYRdHjl0CLVgoYadaPZsS1Cs7mQi36Ln1Oljp8WNJFt9D2DosmrZWnrvl_gUy8h-XQUHvEPJLRlgZUoaWw25ua8oWT9g7ct8bzG9BxRBRDk_kE8q5ejA3ZG_ABJSVxZuzBOAEAaAGVIAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAdoMEQoLEMClkpf8vrT2rAESAgEDqg0CVVPYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=WEiCWMGUp2Y&cmd=Ch1jYS12aWRlby1wdWItNTkwMjA4MzI4NTMwMjc3ORAAGAI&label=part2viewed&ad_mt=0&sdkv=h.3.585.0&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDA5ODA2MzYxNDQyDDY2NjcyNDQ5ODIwM0CLA1ImEA8lAAAHQygBOgt6OHB3RW1YMHVhWUIJZ29vZ2xlYWRzSPIBUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DAC5
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cg_Tq2rreZMSPFJ-eoPMPzvOceInQo65y8IPz6b4Ru4Lzk4wOEAEg0bLlfmDJ7o6LwKSMEKABnK_7qALIAQXgAgCoAwGYBACqBKgCT9AX3yQ33jhtOfENiJ_sUCIO8J4Hj8QNr223mxjc77TuBsd3ccznEFVVq4DxTuiRVhKFsPeXd3_2piwrJ3YN5E3NHRRl5_mZy2V79jcWLzqs6Nz-udXiKjRlM6dH56LqmkyYRrIN7uPbWLjYLhtRDrXZMQ9vXQXK_tVGHL2ebLls5Zci5yO1VB_tCmMeenHvQRpnvU0hUoAWfnClPjW_iHZnrBBmhxNfd_0E4ZCVV49O-PdvnCqo0APyDlqdbg3MHIl-ih5d0jHlaF1vPigeYRdHjl0CLVgoYadaPZsS1Cs7mQi36Ln1Oljp8WNJFt9D2DosmrZWnrvl_gUy8h-XQUHvEPJLRlgZUoaWw25ua8oWT9g7ct8bzG9BxRBRDk_kE8q5ejA3ZG_ABJSVxZuzBOAEAaAGVIAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAdoMEQoLEMClkpf8vrT2rAESAgEDqg0CVVPYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=WEiCWMGUp2Y&cmd=Ch1jYS12aWRlby1wdWItNTkwMjA4MzI4NTMwMjc3ORAAGAI&label=admute&ad_mt=0&sdkv=h.3.585.0&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDA5ODA2MzYxNDQyDDY2NjcyNDQ5ODIwM0CLA1ImEA8lAAAHQygBOgt6OHB3RW1YMHVhWUIJZ29vZ2xlYWRzSPIBUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0491
0
0

army.gif
itsallinanutshell.com/porpoiseant/
0
62 B
Ping
General
Full URL
https://itsallinanutshell.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMjUxMzU1OTk4MzY2NjIzOSIsImRvbWFpbl9pZCI6IjQ5Njk5NiIsInVuaXQiOiJpdHNhbGxpbmFudXRzaGVsbF9jb20tb3V0c3RyZWFtLXZpZGVvLTEiLCJ0X2Vwb2NoIjoxNjkyMzE4NDE0LCJwYWdldmlld19pZCI6ImI2NGZkMWVkLWRkM2MtNDhlMy00NTZlLTU0NWVhZTU4YzgxNSIsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZSwicmV2ZW51ZSI6MH1d
Requested by
Host: www.ezojs.com
URL: https://www.ezojs.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-3y02-8y06-17y07-2y1e-7y0b-6y0d-27y13-4y16-3y18-4y1c-5y21-4y22-1y25-2y24-5y26-3y29-72y2c-158y30-176y34-4y36-21y3a-12y3b-6y59-2y5d-22&cmbcb=178&sj=x04x02x06x07x1ex0bx0dx13x16x18x1cx21x22x25x24x26x29x2cx30x34x36x3ax3bx59x5d&abt=EdgeHostDomain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin
https://itsallinanutshell.com
x-middleton-display
ezp_sol
date
Fri, 18 Aug 2023 00:27:06 GMT
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
vary
Accept-Encoding
expires
Thu, 17 Aug 2023 00:27:06 GMT
osvad.gif
itsallinanutshell.com/porpoiseant/
43 B
92 B
Image
General
Full URL
https://itsallinanutshell.com/porpoiseant/osvad.gif?e=%7B%22ad_filled%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fitsallinanutshell.com%2F%22%2C%22pageview_id%22%3A%22b64fd1ed-dd3c-48e3-456e-545eae58c815%22%2C%22visit_uuid%22%3A%2241285c1a-0342-4057-6c03-603bdb243d29%22%2C%22template_id%22%3A134%2C%22domain_id%22%3A496996%2C%22vab_test_id%22%3A%22mod13%22%2C%22video_ad_impression_id%22%3A%221cde3233-6e85-4776-8b02-51b775d7b1e0%22%2C%22uuid%22%3A%221cde3233-6e85-4776-8b02-51b775d7b1e0%22%2C%22play_cnt%22%3A0%2C%22pause_cnt%22%3A0%2C%22completed%22%3Afalse%2C%22errored%22%3Afalse%2C%22skipped%22%3Afalse%2C%22clicked%22%3Afalse%2C%22viewable%22%3Afalse%2C%22ad_client%22%3A%22Google%20IMA%22%2C%22ad_system%22%3A%22AdSense%22%2C%22ad_index%22%3A1%2C%22player_name%22%3A%22ezvideojs%22%2C%22is_outstream%22%3Atrue%2C%22float_pos%22%3A0%2C%22cnx_backfill%22%3Afalse%2C%22ad_length%22%3A135%2C%22total_ads%22%3A1%2C%22has_companion%22%3A0%2C%22impression_id%22%3A2513559983666239%2C%22ad_unit%22%3A%22itsallinanutshell_com-outstream-video-1%22%2C%22ad_src%22%3A%22https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fcorrelator%3D76303350684%26description_url%3Dhttps%253A%252F%252Fitsallinanutshell.com%252F%26env%3Dvp%26gdfp_req%3D1%26output%3Dxml_vast4%26sz%3D400x300%257C640x480%257C640x360%257C300x168%26unviewed_position_start%3D1%26url%3Dhttps%253A%252F%252Fitsallinanutshell.com%252F%26ad_type%3Doutstream_video%26hl%3Den%26impl%3Ds%26max_ad_duration%3D30000%26npa%3D0%26tfcd%3D0%26vpmute%3D1%26iu%3D%2F21732118914%2C22975044942%2Fitsallinanutshell_com-outstream-video-1%26vid_t%3Doutstream%26vpa%3Dauto%26cust_params%3Dact%253D1%2526ap%253D1%2526d%253D496996%2526eb_br%253Dc8f8afd5bc9d2b8b306959d0f8989efe%2526ft%253D0%2526ic%253D1%2526iid1%253D2513559983666239%2526plat%253D1%2526t%253D0%2526tap%253Ditsallinanutshell_com-outstream-video-1-2513559983666239%22%2C%22skippable%22%3Atrue%2C%22min_ad_length%22%3A0%2C%22max_ad_length%22%3A30000%2C%22ad_type%22%3A%22outstream_video%22%2C%22allowed_ad_sizes%22%3A%22400x300%7C640x480%7C640x360%7C300x168%22%2C%22t_pageview_time%22%3A1692318414%2C%22bidders%22%3A%22%5B11309%2C11291%5D%22%2C%22received_bidders%22%3A%22%5B%5D%22%2C%22video_position_id%22%3A0%2C%22auction_retry_count%22%3A7%2C%22bid_floor_gen%22%3A%22defaultOutstreamBidFloor%22%2C%22multiplier%22%3A3.5%2C%22winning_bid_floor%22%3A2.2%2C%22max_hb_bid%22%3A0%2C%22bid_floor_type%22%3A0%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://itsallinanutshell.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 00:27:06 GMT
content-encoding
br
vary
Accept-Encoding
content-type
image/gif
x-middleton-display
imp_sol
cache-control
private, max-age=0, must-revalidate, no-cache, no-store
content-length
47
expires
Thu, 17 Aug 2023 00:27:06 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 97CF
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
77852
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Aug 2023 02:49:35 GMT
expires
Fri, 16 Aug 2024 02:49:35 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
pagead2.googlesyndication.com/bg/ Frame 97CF
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/-jd_BcJ2_muHebna6aM-t4BwAJqN83NnF3hDm83RPZ4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date
Tue, 15 Aug 2023 21:15:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
184292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14691
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Aug 2024 21:15:35 GMT
playback
www.youtube.com/api/stats/ Frame DAC5
0
0
Image
General
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&fexp=44751890%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&el=adunit&cpn=2wdclK6CCDsHyLl5&docid=z8pwEmX0uaY&visitordata=CgtJNGNwLWhMc21ZUQ%253D%253D&of=wbAUJoLFDaeeOSJrHXH1sg&ver=2&cmt=0.191&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fitsallinanutshell.com%2F&len=129.985&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=116.0.5845.96&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=28&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 97CF
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.585.0&bgai=BAb7C2rreZMSPFJ-eoPMPzvOceAAAAAA4AboFEwiOzpW1-eSAAxXdWw0KHRjPBLk&bg=!lZallsLNAAZGPLJIZjw7ADkAdvg8Wqr0vWS01QAm7VidB5Bkz7SoN9zIcQvvDucV0zAjjlzmLlEO1o4ZguNLEFQHARlfNpzo9LACAAAAflIAAAAEaAEHCgEzl5JW8WPwU79aREWJlBcRdVxjPJ55dM8YllChJFzag4SUiSxQA7Xs3aLyLlOlGA3VHWt2uIlQW8KbClgb-GZpMqfmRXwXMRO1U9jLt4cM9XJu5jF5dDGUeGXxT7kSYo5lfU11hzdWbE9W4vMkbVq3Hnp7ILJXO9oFwGhfPH3CTkxtTb0vrHbHEnp8fh81O4bxKEBOnFFfqWjrJL1iTDHRTlX6lNiExe0mWTcbZVGMbPvTE5kHaWAmj5KXv1LLrS5rLfbSPShdPsA8sU2rpSc3nW-d4QstQMp6k_LaO8GjFTsz03Q6maQEpLBqjd3wGpe8stHN7Fm2NtT-u4sE_G5m5gzD8FVVsfxyLeLbeZ9Ay9jOEcQf6kDua93ui0WDvLqcMiWAdCbLQ9zOsQHeIKUcLb8trZkCTshxV2zd2ZNXTqrHEk3yuNPqhZIENi9ySgVhQC1v9pbmqmK4YtAqPaasetXU-nRPrVTJTBpScsGld-lOszAC_Zu7oMcKh_PtEyjdbrzKJ6P5qMzvkAtAvJlWfbxPZ674Yo1sY8YzhAvlavVMXBvmgB5F1PiYRlU0IyPUTXoF2GfF0N-dzavG-H4n_i-ySu76XJFmkhrkZpKgpxfVxgq7ShIccS_PgpgJcG0DTq76W0kWkIS-oWIJ10rvE6kvRfshLmAmAbRL2SArLQbNcWhjb5HDc7xgRGaFeuWcCH_OR9dWECE8FsqQspZ_bWP7URtIr9w4Fdj2gh4z5FdEiN0mzVmh64abQmq2bGqaHrmnin1XgAcSUgLwseRZo-3tPNJHX9hslVtmRHfisJ22jL0pbHamXA-SQft9jzAWLVbZooRJQFcbgzEz_oGDJjgsY_6B-YK3SV9FQbOnqgIATGwBAhZKIBQcVIokcjfekkT11l7jNEol_0rFHisgwM5GKi4-FSz8OYP9wHXSzAOgvvW8u10lPkQf88Cz-KsVpRURcqFwMAicXaf8iPaMvweNnK1uhFnL-LB1NECTw0dKnzRLaboh-snETtnabEgD6b8p-lkQQLERCy5bxKFV7Ohb_jriKJNN8uM_bDeFvpOoQC-SgWXr4okZCbs6-kiEXNgCHNh3mgPxsDgdXJ8nko8LPasu7JX4V2bqKvp2vPSOZbsUFqrz9EEKv9nEvtU8vnzUtNgwrO8aEPyORxkmKtNGdRGICRU0Qg9R3i-fCfFj0sFN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame 53E1
155 B
637 B
XHR
General
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 17 Aug 2023 11:35:11 GMT
via
1.1 bd3fb8ca205d8e5f716067cdf581fa76.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P4
age
46318
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
il9RigQ0S9gwOHWoFqQ_WyTIUExWhVLp-gmvQZX1LOHu4DMjZ6vAAQ==
data
bcp.crwdcntrl.net/6/ Frame 53E1
260 B
1 KB
XHR
General
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
3f79b102c744991657082da9d966dff08bd32c1f09952324d7527e318e7c7d3e

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:08 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.40.42.26
access-control-allow-credentials
true
content-length
260
expires
0
lt.iframe.html
tags.crwdcntrl.net/lt/shared/2/ Frame 14F6
2 KB
1 KB
Document
General
Full URL
https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-124.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a6af62ed047986e026099c3a3ba5135a44e07b3f4f5b84fc4a1ba62ee8b3daed

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
46320
cache-control
public, max-age=86400
content-encoding
gzip
content-type
text/html
date
Thu, 17 Aug 2023 11:35:10 GMT
etag
W/"ab50484458d62eef36ef1969b84da1b5"
last-modified
Tue, 25 Apr 2023 19:53:12 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ee6e7a840d56ceb3b04e8ddd420dab06.cloudfront.net (CloudFront)
x-amz-cf-id
FAoRcYlMHQ7FoPPOtN-esslm-igePDGI8QPinSYIr81CjW2VP42Ahg==
x-amz-cf-pop
JFK50-P4
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pixels
bcp.crwdcntrl.net/ Frame 05AD
755 B
948 B
Document
General
Full URL
https://bcp.crwdcntrl.net/pixels?s=41%2C12%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=15238
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
10a051d3b73e318fd3e4cf0b128fffbe86c26285b1de2fe51f26c749198ef1cc

Request headers

Referer
https://tags.crwdcntrl.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-length
755
content-type
text/html
date
Fri, 18 Aug 2023 00:27:09 GMT
expires
0
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma
no-cache
server
Jetty(9.4.38.v20210224)
x-server
10.40.46.96
qmap
sync.crwdcntrl.net/ Frame 05AD
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0
  • https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-GvrV15xE2pwyhrpBGXQ.qjVWLYsZBUsjMOs-~A&gdpr=0
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-GvrV15xE2pwyhrpBGXQ.qjVWLYsZBUsjMOs-~A&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C12%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.37.187
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-GvrV15xE2pwyhrpBGXQ.qjVWLYsZBUsjMOs-~A&gdpr=0
date
Fri, 18 Aug 2023 00:27:09 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
5907
tags.bluekai.com/site/ Frame 05AD
62 B
305 B
Image
General
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=958a1912fda3710aba800f81512715af
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C12%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.107.25.203 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-107-25-203.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Fri, 18 Aug 2023 00:27:09 GMT
content-length
62
content-type
image/gif
qmap
sync.crwdcntrl.net/ Frame 05AD
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0
  • https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38&gdpr=0&gdpr_consent=
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38&gdpr=0&gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C12%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.12.11
content-length
49
expires
0

Redirect headers

Location
https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-f52a27e5-963b-512b-43e0-7607f1eb2d62$ip$96.9.249.38&gdpr=0&gdpr_consent=
Date
Fri, 18 Aug 2023 00:27:09 GMT
Connection
keep-alive
Content-Length
165
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 05AD
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=ZWUwODgwMjUxMGQ1NmE2N2ZiOTE3ZjFhMjAzYzliMTQ&gdpr=0
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C12%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rand=728051018
sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4664318827337647392/gdpr=0/ Frame 05AD
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=728051018
  • https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4664318827337647392/gdpr=0/rand=728051018
49 B
264 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4664318827337647392/gdpr=0/rand=728051018
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C12%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.5.169
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:09 GMT
an-x-request-uuid
dc3c12f9-896a-4dc9-b5cd-cac7e18876e8
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=4664318827337647392/gdpr=0/rand=728051018
x-proxy-origin
96.9.249.38; 96.9.249.38; 797.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gdpr_consent=
sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=0487fdef-dbcb-4472-91ea-091af86a64fb/gdpr=0/ Frame 05AD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0
  • https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=0487fdef-dbcb-4472-91ea-091af86a64fb/gdpr=0/gdpr_consent=
49 B
265 B
Image
General
Full URL
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=0487fdef-dbcb-4472-91ea-091af86a64fb/gdpr=0/gdpr_consent=
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=41%2C12%2C54%2C7%2C2%2C116&c=15238&ch=%7B%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Protocol
H2
Server
34.238.96.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-96-3.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.37.136
content-length
49
expires
0

Redirect headers

location
https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=0487fdef-dbcb-4472-91ea-091af86a64fb/gdpr=0/gdpr_consent=
date
Fri, 18 Aug 2023 00:27:09 GMT
server
Kestrel
content-length
249
/
googleads.g.doubleclick.net/pagead/interaction/ Frame DAC5
42 B
64 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cg_Tq2rreZMSPFJ-eoPMPzvOceInQo65y8IPz6b4Ru4Lzk4wOEAEg0bLlfmDJ7o6LwKSMEKABnK_7qALIAQXgAgCoAwGYBACqBKgCT9AX3yQ33jhtOfENiJ_sUCIO8J4Hj8QNr223mxjc77TuBsd3ccznEFVVq4DxTuiRVhKFsPeXd3_2piwrJ3YN5E3NHRRl5_mZy2V79jcWLzqs6Nz-udXiKjRlM6dH56LqmkyYRrIN7uPbWLjYLhtRDrXZMQ9vXQXK_tVGHL2ebLls5Zci5yO1VB_tCmMeenHvQRpnvU0hUoAWfnClPjW_iHZnrBBmhxNfd_0E4ZCVV49O-PdvnCqo0APyDlqdbg3MHIl-ih5d0jHlaF1vPigeYRdHjl0CLVgoYadaPZsS1Cs7mQi36Ln1Oljp8WNJFt9D2DosmrZWnrvl_gUy8h-XQUHvEPJLRlgZUoaWw25ua8oWT9g7ct8bzG9BxRBRDk_kE8q5ejA3ZG_ABJSVxZuzBOAEAaAGVIAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAec3BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB8qpsQKoB-ulsQLYBwGoCAHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAdoMEQoLEMClkpf8vrT2rAESAgEDqg0CVVPYEw3QFQGYFgHiFgIIAfgWAYAXAQ&sigh=WEiCWMGUp2Y&cmd=Ch1jYS12aWRlby1wdWItNTkwMjA4MzI4NTMwMjc3ORAAGAI&label=video_skip_shown&ad_mt=5249&sdkv=h.3.585.0&vci=CpIBCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw2MDA5ODA2MzYxNDQyDDY2NjcyNDQ5ODIwM0CLA1ImEA8lAAAHQygBOgt6OHB3RW1YMHVhWUIJZ29vZ2xlYWRzSPIBUABaImRvdWJsZWNsaWNrYnlnb29nbGUuY29tLW9taWQtdmlkZW8YAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 00:27:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
URL
javascript: void(0)
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/cchain/7/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=amx_com&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9&uid=
Domain
ssl-market-east.smrtb.com
URL
https://ssl-market-east.smrtb.com/sync/all?nid=2TUXLJJcKa0vKWTmtdAr&rr=https%253A%252F%252Fsync.go.sonobi.com%252Fus.gif%253Fnw%253Dsr%2526nuid%253D%7BXID%7D
Domain
match.bnmla.com
URL
https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Domain
px.owneriq.net
URL
https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7456048311862328828&uid=Q7456048311862328828&ref=%2Fepm
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuNDvKNAtcM2CjdtwMV8TtTUuB2ec8FkriOzw71MEan8jfxrhr6WR8WnTqjrlvf156YO6Jsw-9B_98YXEx3Cmm__Uet3SiPgEs1uGQ&sig=Cg0ArKJSzGhWJ0aohwuoEAE&id=lidartos&mcvt=3549&p=302,1440,902,1600&mtos=3549,3549,3549,3549,3549&tos=3549,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4225512732&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=b&rst=1692318421345&rpt=2055&isd=0&lsd=0&ec=1&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

376 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| documentPictureInPicture object| __ez string| __ezScriptHost string| __sellerid string| __schain_domain string| __ez_nid object| ezasVars boolean| __ezasAggressive object| ezslots_raw object| __advertiserRule object| google_reactive_ads_global_state function| ezasvEvent object| ezasSlots function| ezaslEvent function| ezoAdBackFill object| ezoSTPixels function| ezoSTPixelAdd function| ezoGetSlotById function| ezoGetSlotNum function| ezoSTPixelFire boolean| ezhbopt boolean| ezpbCache object| __banger_pmp_deals object| _ebcids object| ez_ad_units object| ezslots object| ezrpos object| ezsrqt boolean| __ez_fad_haspo boolean| __ez_fad_hascp object| __ez_fad_po boolean| __ez_fad_floatshowd function| __ez_fad_rdy function| __ez_fad_position function| __ez_fad_display function| ezSetTargetingFromMap function| ezSetSlotTargeting function| ezGetSlotById function| __ez_close_anchor boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| googletag object| ezaxmns object| ezaucmns object| __ez_fad_floating boolean| __ez_fad_gptd boolean| __ez_fad_ezpbinitd number| __ez_fad_pbt function| __ez_fad_gpt function| __ez_fad_pb function| __ez_init_slot function| ezogetbrkey boolean| ezoll string| ezoadxnc string| ezoadhb boolean| ezoicTestActive object| _ezaq object| _ezim_d object| _ezat function| gtag object| dataLayer object| __ezOutstream string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| create_ezolpl function| attach_ezolpl string| _audins_dom number| _audins_did boolean| ezAardvarkDetected function| ezDetectAardvark undefined| hREED string| ezoScriptHost object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL number| ezobv function| ezoSyncToDfp function| ezoGetDFPSlot object| ezomash boolean| ezowwinit function| ezbanger function| ezvt function| ezvb function| ezsr function| ezosethbbid function| ezosetowbids function| ezosethbbids function| ezGetSlotViewedTime function| formatBid function| fetchezoibfh object| ezoibfh number| ezoibfhHF function| adjustHbValues function| handleAmazonPremierAd function| ezasBuild function| ezorefgsl object| ezoic_mash function| reportEzError object| ezux boolean| __ezScrexFired boolean| isScrexed object| _ezImgFmt object| metricNameMap object| ezua object| ezuxgoals object| ezdent object| ezDenty object| ezVideoAnalytics object| ezVideoPlayer object| ezOutstreamPlayer function| ez_attachEvent function| ez_attachEventWithCapture function| ez_detachEvent function| ez_getQueryString function| ezoicSiteSpeed function| ezoicDocumentWrite function| __ezScrexify function| ezlogVital function| __ezDotData object| _ezfd object| riveted number| ez_tos_track_count number| ez_last_activity_count function| EzoIvent function| _findOverlappingQuietPeriods function| _findNetworkQuietPeriods function| ezoFetchConst function| __ez__ael undefined| __ez__ael__proto function| ezorqs function| ezorqe function| ezocfol function| ezogetrqbykey function| loadCSS object| ezLazySizesConfig object| ezLazySizes object| webVitals object| vttjs function| WebVTT function| videojs function| videojsMaxQualitySelector function| videojsVttThumbnails function| videojsContribAds function| videojsPlaylist function| videojsPlaylistUi function| videojsVttLinks function| videojsShare object| videojsMarkers function| vttPreview object| ct object| regeneratorRuntime object| epbjs function| PrebidImpressionController function| PrebidImpression object| _qevents number| indexKey object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| quantserve function| __qc object| ezt object| _qoptions object| ggeac object| google_js_reporting_queue object| gaGlobal function| __ez_vig_close_wrapper boolean| __inScopeForCCPA function| __uspapi function| __receiveUspapiMessage function| renderEzoicOutstreamVideoContent object| gaplugins object| gaData function| newEzVignette boolean| __ez_edge_a number| __ez_edge_mw string| __ez_edge_v string| __ez_edge_h number| __ez_edge_m function| getCookie object| __ezPwtBidders object| __ezPwtFloors object| PWT object| owpbjs function| openwrapRequestAdUnits function| openwrapRefreshSlot function| openwrapBidsBackHandler function| getSlotForhb function| __ez_fad_ezpbinit object| ezAYL object| ezCriteo object| ezYieldmo object| ezOneTag function| ezjsps boolean| __enableAnalytics object| __s2sbidders object| __s2sinstreambidders object| __allBidders string| ez__id5pd string| ez__uIdHash string| ez__sspDomain function| ezoChar function| ezoCharIsEmpty function| ezoCharSize function| __ez_addAllListeners undefined| __ez_dims undefined| google_measure_js_timing object| ezslot_interstitial number| i3 boolean| success number| ezodomstart number| ezoIint boolean| __ez__w_dom function| sidebarWall function| __ez_close_rail function| __ez_handle_rail_loaded object| __ezsbwcmd object| ezoptbid function| epbjsRequestAdUnits function| epbjsRefreshSlot function| setAuctionActive function| setAuctionFinished function| isValid256Hash object| ezslot_1 object| ezslot_3 object| ezslot_0 number| google_unique_id object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog string| ezIntType object| closure_lm_452627 object| closure_lm_865464 object| owpbjsChunk object| mnet string| nobidVersion object| nobid object| partnersWithoutErrorAndBids object| matchedimpressions object| ucTag object| OWT object| perf_vals boolean| __ez__w_load object| pbsLatency number| ezouspvv object| parts object| msgData object| slots string| slot object| epbjsChunk object| ADAGIO function| triggerPbjsAdWin object| activeAuctions object| Criteo object| pbic object| _defer_wait object| _wpemojiSettings object| WP_Statistics_Tracker_Object boolean| isHbFinished number| WP_Statistics_CheckTime number| WP_Statistics_Dnd_Active object| wpStatisticsUserOnline function| ml object| __ATA_PP object| __ATA function| callback__llfuoy17_1 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| ml_webform_success_5314647 function| processGoogleToken object| googleToken object| googleIMState function| webforms_script function| ml_guid object| coblocksTinyswiper object| jetpackLazyImagesL10n undefined| $ undefined| jQuery function| ml_jQuery object| recaptcha object| closure_lm_805955 object| _stq object| jetpackSwiperLibraryPath object| jetpackCarouselStrings function| Inputmask object| wpATAJsonpFunction object| teads_analytics object| sas object| apntag object| _ADAGIO object| adNode string| selector object| relocateNode function| st_go function| linktracker_init object| wpcom object| GoogleGcLKhOms object| buttonElem object| e object| twemoji object| wp object| pbjs object| __ATA_HB object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_140 object| Criteo_prebid_140 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

353 Cookies

Domain/Path Name / Value
ad-cdn.technoratimedia.com/html Name: tads_tbla_bidi
Value: 1692318421607
.3lift.com/sync Name: sync
Value: CgoIoQEQroqnsKAxCgoIgQIQmKWnsKAxCgoI4gEQroqnsKAxCgoI5gEQroqnsKAxCgoIhwIQroqnsKAxCgkICRCuiqewoDEKCQhJEJilp7CgMQoJCAsQmKWnsKAxCgoIjAIQroqnsKAxCgoIrAIQmKWnsKAxCgoIrQIQmKWnsKAxCgoIzgEQmKWnsKAxCgoIkQIQmKWnsKAxCgoIkgIQmKWnsKAxCgoItAIQroqnsKAxCgkIOhCuiqewoDEKCQgbEJilp7CgMQoKCN4BEJilp7CgMQoJCF8QroqnsKAxCgkIHxCuiqewoDE=
i.liadm.com/s Name: _li_ss
Value: CgsKCQj_____BxDxFQ
i6.liadm.com/s Name: _li_ss
Value: CgA
.itsallinanutshell.com/ Name: ezoadgid_496996
Value: -1
.itsallinanutshell.com/ Name: ezoref_496996
Value:
.itsallinanutshell.com/ Name: ezosuibasgeneris-1
Value: c0aae33a-1f92-4700-5325-2a7c8ef3de97
.itsallinanutshell.com/ Name: ezoab_496996
Value: mod13
.itsallinanutshell.com/ Name: active_template::496996
Value: pub_site.1692318414
.itsallinanutshell.com/ Name: ezopvc_496996
Value: 1
.itsallinanutshell.com/ Name: ezepvv
Value: 0
.itsallinanutshell.com/ Name: ezovid_496996
Value: 1364656510
.itsallinanutshell.com/ Name: lp_496996
Value: https://itsallinanutshell.com/
.itsallinanutshell.com/ Name: ezovuuidtime_496996
Value: 1692318414
.itsallinanutshell.com/ Name: ezovuuid_496996
Value: 41285c1a-0342-4057-6c03-603bdb243d29
.itsallinanutshell.com/ Name: _ga_RQ3S2J0DET
Value: GS1.1.1692318415.1.0.1692318415.0.0.0
.itsallinanutshell.com/ Name: _ga_FMSZ48GY69
Value: GS1.1.1692318415.1.0.1692318415.0.0.0
.itsallinanutshell.com/ Name: _ga
Value: GA1.2.1075092753.1692318415
.itsallinanutshell.com/ Name: _gid
Value: GA1.2.113872474.1692318415
.itsallinanutshell.com/ Name: _gat_gtag_UA_76475896_1
Value: 1
.paypal.com/ Name: ts
Value: vreXpYrS%3D1787012815%26vteXpYrS%3D1692320215%26vr%3D0609b9d818a0a1d30bdcc1c7fd1342ff%26vt%3D0609b9d818a0a1d30bdcc1c7fd1342fe%26vtyp%3Dnew
.paypal.com/ Name: ts_c
Value: vr%3D0609b9d818a0a1d30bdcc1c7fd1342ff%26vt%3D0609b9d818a0a1d30bdcc1c7fd1342fe
itsallinanutshell.com/ Name: ezds
Value: ffid%3D1%2Cw%3D1600%2Ch%3D1200
itsallinanutshell.com/ Name: ezohw
Value: w%3D1600%2Ch%3D1200
.quantserve.com/ Name: mc
Value: 64debacf-6db2d-120fb-1c72f
.itsallinanutshell.com/ Name: __qca
Value: P0-1871011114-1692318415145
.itsallinanutshell.com/ Name: __gads
Value: ID=873143505799b32e:T=1692318415:RT=1692318415:S=ALNI_MZKdxWcwhATBS_BWyj8cEreudmDwA
.itsallinanutshell.com/ Name: __gpi
Value: UID=00000d8c0537ff80:T=1692318415:RT=1692318415:S=ALNI_MaCTkwevePLqFczOym_Lp657bBqwA
itsallinanutshell.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: uuid2
Value: 4664318827337647392
.servenobid.com/ Name: pid_312
Value: 4664318827337647392
.doubleclick.net/ Name: IDE
Value: AHWqTUkfP9mfVOEbE4baLyz5x0JhUbSCkE-N0JcDz8YPFF02iNqbqcLCZSsMkLsyIUE
itsallinanutshell.com/ Name: ezouspvh
Value: 160
.media.net/ Name: visitor-id
Value: 3353200176634272000V10
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.lijit.com/ Name: ljt_reader
Value: HKy6dGZHUq-Qsjh8SEqEABZ8
.simpli.fi/ Name: suid
Value: 7ECD5403DF2A44CEA68AD742A23A3A42
.adsrvr.org/ Name: TDID
Value: 0487fdef-dbcb-4472-91ea-091af86a64fb
.yieldmo.com/ Name: yieldmo_id
Value: 3m7DLyyGGDyyIfljonPf%7C1692316800000%7C0
.smartadserver.com/ Name: pid
Value: 8367935734482287302
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 6684631721631464360
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: ADnf5OZ4iiILhfdK
.contextweb.com/ Name: V
Value: LRorNYzj3RZ1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: e27ab90b7198a656
.sitescout.com/ Name: ssi
Value: 07e245da-4f06-492e-b7a4-be6d629de3b9#1692318417913
.go.sonobi.com/ Name: __uis
Value: 2504e206-099c-4dfa-a5b0-f8c2c91d13ac
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-a442413b-e95a-3372-b6b5-271a25820d15
.casalemedia.com/ Name: CMID
Value: ZN660gpfgXVAgUl4ibXoLAAA
.casalemedia.com/ Name: CMPS
Value: 1363
.casalemedia.com/ Name: CMPRO
Value: 1363
.krushmedia.com/ Name: krm_usr
Value: ca5955d1-d3ca-45a8-829a-c8784ff51cde
.krushmedia.com/ Name: krm_r
Value: 489
.sharethrough.com/ Name: stx_user_id
Value: bb326391-c238-40fd-9eb1-5876b565d721
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
.gumgum.com/ Name: vst
Value: u_889558d4-7cf8-4390-b256-922540a4a1b8
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_df1e4d4f-d158-49eb-8bdb-14f9705cfe50
.3lift.com/ Name: tluid
Value: 4080762774149756005240
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: ee08802510d56a67fb917f1a203c9b14
.rubiconproject.com/ Name: khaos
Value: LLFUOWMM-1P-IU2L
.company-target.com/ Name: tuuid
Value: e2deee73-398c-465f-aa2c-fae5ed15877b
.company-target.com/ Name: tuuid_lu
Value: 1692318418|ix:0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZN660gAJaLisYgAb
.adgrx.com/ Name: ADGRX_UID
Value: f1351930-3d5d-11ee-8703-719c24424d7a
.tapad.com/ Name: TapAd_TS
Value: 1692318418320
.tapad.com/ Name: TapAd_DID
Value: ab9d17c0-c81c-44b4-a9b0-0faebcbda11d
.mxptint.net/ Name: mxpim
Value: R33647_107939190_FD337958.1.000000000000000064DEBAD2
.openx.net/ Name: i
Value: 02ac2866-0c38-46bd-a948-15a3e3894746|1692318418
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4664318827337647392&KRTB&23339-4664318827337647392
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-0487fdef-dbcb-4472-91ea-091af86a64fb&KRTB&22918-0487fdef-dbcb-4472-91ea-091af86a64fb&KRTB&23031-0487fdef-dbcb-4472-91ea-091af86a64fb
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6684631721631464360&KRTB&23263-6684631721631464360&KRTB&23481-6684631721631464360
.amazon-adsystem.com/ Name: ad-id
Value: AxynvV-6O0_HkUB5VxwEJ9k
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.acuityplatform.com/ Name: auid
Value: 815211786820
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRQFBHC2omGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUUBQRwtqI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553&KRTB&23418-07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-gIxBK9TZRiibjkEshNwIf4SIQyybiUZ5hN6vObuc&KRTB&19420-gIxBK9TZRiibjkEshNwIf4SIQyybiUZ5hN6vObuc&KRTB&22979-gIxBK9TZRiibjkEshNwIf4SIQyybiUZ5hN6vObuc&KRTB&23403-gIxBK9TZRiibjkEshNwIf4SIQyybiUZ5hN6vObuc
.outbrain.com/ Name: obuid
Value: 1ff929bc-81ea-41d9-98ff-d1db63250c33
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:7ECD5403DF2A44CEA68AD742A23A3A42&KRTB&23489-uid:7ECD5403DF2A44CEA68AD742A23A3A42
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESELjFEQdiVWzBeaSqyv7wAb8&KRTB&23025-CAESELjFEQdiVWzBeaSqyv7wAb8&KRTB&23386-CAESELjFEQdiVWzBeaSqyv7wAb8
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBNK63mQCEIj1qbBHlRHQuzj-KeI1unsFEgEBAQEM4GToZNxH0iMA_eMAAA&S=AQAAAp0noDlTK_VmNOBnpnvAqZA
.zemanta.com/ Name: zuid
Value: XCrfLrjrE8jfTLEMuA7H
.deepintent.com/ Name: CDIUSER
Value: di_3589adc5c5654cff8c7f3
.360yield.com/ Name: tuuid
Value: 6e611e0d-248a-42aa-aae5-d95b1b85c6a2
.360yield.com/ Name: tuuid_lu
Value: 1692318418
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f52a27e5-963b-512b-43e0-7607f1eb2d62.zU1wI4b4BwIaQZP18BuftMDGkozvxChl2Kox3LzYaLY
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-f52a27e5-963b-512b-43e0-7607f1eb2d62.zU1wI4b4BwIaQZP18BuftMDGkozvxChl2Kox3LzYaLY
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9Son5ZY7UStD4HYH8estYmAJ-SY.sBJJ%2Fn9xxMeSR0u8Ol1Fp6eeOvN%2BaqTDTd7XSfmmxYI
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A9Son5ZY7UStD4HYH8estYmAJ-SY.sBJJ%2Fn9xxMeSR0u8Ol1Fp6eeOvN%2BaqTDTd7XSfmmxYI
.bidr.io/ Name: bito
Value: AABOFk7JvXYAACqoHL5WIg
.bidr.io/ Name: bitoIsSecure
Value: ok
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICdibiP5baNw__d6nb7zz9ewuzmnLmdXh0zaYLwTYwb9EHwYBCDS9fqmBjABOgTa3nmDQgR26knA.Osb8TMIO1gA8%2BOo7Ubp%2BqVkq9XqTx0oVYMb6Ku801lg
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKICdibiP5baNw__d6nb7zz9ewuzmnLmdXh0zaYLwTYwb9EHwYBCDS9fqmBjABOgTa3nmDQgR26knA.Osb8TMIO1gA8%2BOo7Ubp%2BqVkq9XqTx0oVYMb6Ku801lg
.bidswitch.net/ Name: c
Value: 1692318418
.bidswitch.net/ Name: tuuid_lu
Value: 1692318418
.bidswitch.net/ Name: tuuid
Value: 99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
.w55c.net/ Name: wfivefivec
Value: ISyfZg9D1QwNkm5
.turn.com/ Name: uid
Value: 2700558205676423679
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_107939190_FD337958&KRTB&23092-R33647_107939190_FD337958
.ipredictive.com/ Name: cu
Value: 155c8ce4-fcf7-4cee-8d64-d2c9a4d62452|1692318418387
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSsjQ3MDA2NjQzMzI1N7c0NzQ2EOIz1PU2D80zi0-LdC-rDAMAZAyWbyQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSsjQ3MDA2NjQzMzI1N7c0NzQ2EOIz1PU2D80zi0-LdC-rDAMAZAyWbyQAAAA
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-815211786820&KRTB&23428-815211786820
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-f1351930-3d5d-11ee-8703-719c24424d7a&KRTB&23275-f1351930-3d5d-11ee-8703-719c24424d7a
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-9Son5ZY7UStD4HYH8estYmAJ-SY&KRTB&23334-9Son5ZY7UStD4HYH8estYmAJ-SY&KRTB&23417-9Son5ZY7UStD4HYH8estYmAJ-SY&KRTB&23426-9Son5ZY7UStD4HYH8estYmAJ-SY
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-cf403ff7-c356-4a56-869f-6d0a3a0a9d8c&KRTB&23340-cf403ff7-c356-4a56-869f-6d0a3a0a9d8c&KRTB&23498-cf403ff7-c356-4a56-869f-6d0a3a0a9d8c
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAFnL4wPr7wQAMyfGjqAAAAAAA&KRTB&22713-AAAFnL4wPr7wQAMyfGjqAAAAAAA&KRTB&22715-AAAFnL4wPr7wQAMyfGjqAAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-0b7fda1c-fda1-41ac-b91d-d0575c6881ca&KRTB&23011-0b7fda1c-fda1-41ac-b91d-d0575c6881ca&KRTB&23355-0b7fda1c-fda1-41ac-b91d-d0575c6881ca
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2700558205676423679&KRTB&23150-2700558205676423679
.w55c.net/ Name: matchpubmatic
Value: 5
.bing.com/ Name: MUID
Value: 12377A5CDF7C67173F35692DDEA86696
.c.bing.com/ Name: MR
Value: 0
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-970033166257797130
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&KRTB&23413-2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&KRTB&23479-2A9490F3-08AC-45EE-95C7-6A357A3D2EFD&KRTB&23505-2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:ISyfZg9D1QwNkm5&KRTB&23421-uid:ISyfZg9D1QwNkm5
beacon.lynx.cognitivlabs.com/ Name: UID
Value: fd0c3b58-758c-494c-88ba-21692b95657f
beacon.lynx.cognitivlabs.com/ Name: ss
Value: S2wd8s0ww%2FrJ9%2Bqk5Xu76THpkr9M%2BZGiEdqGNr%2BpmrAH4Oi1z0ul438%2FLd1K%2BA1huRxuj2biBBIwVxUmrr41pg%3D%3D
.linkedin.com/ Name: li_sugr
Value: c867515b-d13a-4644-bb29-ddafc3abd14a
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=3062:u=1:x=1:i=1692318418:t=1692404818:v=2:sig=AQEYlGR-rD9sEdKT9_sgjZJKySkbEptD"
.csync.loopme.me/ Name: viewer_token
Value: 476719bc-fa55-432a-8561-61f6ff96f341
.creativecdn.com/ Name: u
Value: IQenns9db6STUgZpbm9c
.creativecdn.com/ Name: ts
Value: 1692318418
.retargetly.com/ Name: _rlid
Value: 78336b01-a437-4a0a-bf26-d4ba6496aee6
.linkedin.com/ Name: bcookie
Value: "v=2&063a1397-506f-4a4e-88ea-b4f71c99c8fa"
.richaudience.com/ Name: pdid
Value: 903e7a09-4896-46b3-aab6-1zz1692318422
.creative-serving.com/ Name: tuuid
Value: ba79f4b0-2c67-44c6-a073-33e99fa5210b
.creative-serving.com/ Name: c
Value: 1692318418
.creative-serving.com/ Name: tuuid_lu
Value: 1692318418
.technoratimedia.com/ Name: tads_uidp_45
Value: 33EAD8FF-CDBC-4FB2-8DA7-00F4584842DA
.technoratimedia.com/ Name: tads_uidp_48
Value: 4e29f957-8bcf-4dd8-bc1b-49b147223133
.technoratimedia.com/ Name: tads_uidp_90
Value: dd6efeea-2c59-4a87-b0ac-dbac85afd4f7
.technoratimedia.com/ Name: tads_uidp_91
Value: 2048915037081700588brt56841675014149615267a0
.technoratimedia.com/ Name: tads_uidp_70
Value: 1622253365053-949194170222-008367-009-004841
.technoratimedia.com/ Name: tads_uidp_77
Value: HDm8u29ZMvbvejN2j6-VjgFmS9J3EeQmDTIZiIlmi1U
.technoratimedia.com/ Name: tads_uidp_16
Value: 1543803565212
.technoratimedia.com/ Name: tads_uidp_83
Value: XDRyPC3y39Ya
.technoratimedia.com/ Name: tads_uid
Value: 0ACA07A79B244833993E8B9798357D18
.technoratimedia.com/ Name: tads_uid_cd
Value: 20230514043511+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.technoratimedia.com/ Name: envelope_liveramp.com
Value: 1691177336302
.socdm.com/ Name: SOC
Value: ZN660sCo8X8AAGhoHEoAAAAA
.bluekai.com/ Name: bku
Value: rtT99BvblZuOImGE
.33across.com/ Name: check
Value: true
.mgid.com/ Name: muidn
Value: n7hWS84i56qh
.mgid.com/ Name: __cf_bm
Value: AWca6qf4DOPHsmeuZvJppzlttNekG66YdDcms5bfgVs-1692318418-0-AWUdSZNoFmDS6CDIm4FwGOJPr7GCX5H9XQvg2BxXDY8QhwMM59BrIp5H2GGZjiiGUQ/NEevNAE//4thaQ/Y+tq0=
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
cm.mgid.com/ Name: mg_sync
Value: {}
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.a-mo.net/ Name: amuid2
Value: deea23f1-5e51-43c2-b40a-cd2cb26ce7ab
.prebid.a-mo.net/ Name: sd_amuid2
Value: deea23f1-5e51-43c2-b40a-cd2cb26ce7ab
.smartadserver.com/ Name: csync
Value: 127:AABOFk7JvXYAACqoHL5WIg
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABOFk7JvXYAACqoHL5WIg
.prebid.a-mo.net/ Name: _sv3_13
Value: 1
.richaudience.com/ Name: avcid-sov-uid
Value: HKy6dGZHUq-Qsjh8SEqEABZ8
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.retargetly.com/ Name: _rlmp1
Value: 2||1692318419&&9||1692318419&&11||1692318419&&13||1692318419&&14||1692318419&&22||1692318419&&23|07e245da-4f06-492e-b7a4-be6d629de3b9-64debad1-5553|1692318419&&24||1692318419&&27||1692318419&&51||1692318419&&63||1692318419&&70||1692318419&&72||1692318419&&74||1692318419
ads.playground.xyz/ Name: connect.sid
Value: s%3AsiEHSWwx0Me2RtWsERI6CG9YIakUsxxj.m2dhKKKiKg4Xjy5luoT5xTFii7i9MRQFDeka2ibo9BI
.adsby.bidtheatre.com/ Name: __kuid
Value: e19bc275-ed28-476b-a3ee-6e4401a63d4c.461532419
.omnitagjs.com/ Name: ayl_visitor
Value: c8d4ebd0d55f2f573486a807347b7e78
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.script.ac/ Name: __cf_bm
Value: en5J6E1jvHn.sl4UzR8zrtG0KET_zfIfFQok9RaNBFE-1692318419-0-AYFsvknTtEIPRwmCQLjPi+dxFW1gr3Me9Xqc3OmSZjEWM+F+bLVlZlQhAjR/SY7jr/mcVIOUk7GpBKzSllydaA0=
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_14
Value: 1
.w55c.net/ Name: matchcasale
Value: 5
.admanmedia.com/ Name: admtr
Value: 611477f1-2266-4456-bda3-55c0a8b20fc4
.admanmedia.com/ Name: ac_r
Value: CS71
.a-mx.com/ Name: amuid2
Value: deea23f1-5e51-43c2-b40a-cd2cb26ce7ab
s.pubmine.com/ Name: tuuid
Value: de349555-d0ff-4738-bf5a-71b2f3727eaa
s.pubmine.com/ Name: tuuid_lu
Value: 1692318420
s.pubmine.com/ Name: tps
Value: !196,461561220!110,461561220!142,461561220!100,461561220!109,461561220!61,461561220!80,461561220
itsallinanutshell.com/ Name: __ATA_tuuid
Value: de349555-d0ff-4738-bf5a-71b2f3727eaa
.go.sonobi.com/ Name: __uqc
Value: 1
.tynt.com/ Name: uid
Value: CoIKSmTeutRbWzXoMydxAg==
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22113%22%3A%2220230818%22%2C%22142%22%3A%2220230818%22%7D
.smaato.net/ Name: SCM
Value: bc5bc3dc17
.technoratimedia.com/ Name: tads_ipv6
Value: 2602:ffc8:2:104::17
.33across.com/ Name: 33x_ps
Value: u%3D212240589342896%3As1%3D1692318420615%3Ats%3D1692318420615
.smaato.net/ Name: SCM1002067
Value: bc5bc3dc17
.pubmatic.com/ Name: SyncRTB3
Value: 1693612800%3A35%7C1692835200%3A38%7C1693180800%3A63%7C1694908800%3A224%7C1693440000%3A239_243_99_214_264_96_238%7C1697414400%3A69%7C1693526400%3A13_166_3_22_104_178_165_176_240_220_71_54_249_5_56_8_46_81_250_204_48_21_234_233_55_231%7C1692921600%3A2_223_15
.adkernel.com/ Name: SSPZ
Value: 183045
.adkernel.com/ Name: DSP2F_71
Value: 343983
.adkernel.com/ Name: ADKUID
Value: A4583535020344787631
x.videobyte.com/ Name: vbxuid
Value: 2faf151c-23cb-4a64-be7d-68bd2f610eb3
.semasio.net/ Name: SEUNCY
Value: A762A88C41957B9C
.go.sonobi.com/ Name: __uir_zt
Value: 84969996621307843
.go.sonobi.com/ Name: __uin_zt
Value: 970033166257797130
itsallinanutshell.com/ Name: ezux_lpl_496996
Value: 1692318420828|b64fd1ed-dd3c-48e3-456e-545eae58c815|false
.serverbid.com/ Name: CONSUMABLEID
Value: 141733df679a48f99733df679a58f9ba
.go.sonobi.com/ Name: __uir_yh
Value: 84969996621307843
.go.sonobi.com/ Name: __uin_yh
Value: y-.ErJdDtE2uH7svRzPOcQHA5F0cXGAfukULHRiSs-~A
.openx.net/ Name: univ_id
Value: 537072971|0487fdef-dbcb-4472-91ea-091af86a64fb|1692318420820350
.go.sonobi.com/ Name: __uir_td
Value: 84969996621307843
.go.sonobi.com/ Name: __uin_td
Value: 0487fdef-dbcb-4472-91ea-091af86a64fb
.go.sonobi.com/ Name: __uir_tl
Value: 84969996621307843
.go.sonobi.com/ Name: __uin_tl
Value: 4080762774149756005240
.go.sonobi.com/ Name: __uir_eb
Value: 84969996621307843
.go.sonobi.com/ Name: __uin_eb
Value: CAESEB697W8mmHgjQzWfoLRY2Q8||1
.go.sonobi.com/ Name: __uir_ox
Value: 84969996621307843
.go.sonobi.com/ Name: __uin_ox
Value: 7a2dab3d-746b-4e45-88a6-d46da59835fe
.smaato.net/ Name: SCMo
Value: bc5bc3dc17
.go.sonobi.com/ Name: __uir_an
Value: 84969996621307843
.go.sonobi.com/ Name: __uin_an
Value: 4664318827337647392
.go.sonobi.com/ Name: __uir_rh
Value: 84969996621307843
.go.sonobi.com/ Name: __uin_rh
Value: IQenns9db6STUgZpbm9c
.go.sonobi.com/ Name: __uir_vb
Value: 84969996621307843
.go.sonobi.com/ Name: __uin_vb
Value: 2faf151c-23cb-4a64-be7d-68bd2f610eb3
pool.admedo.com/ Name: c
Value: 1692318420
pool.admedo.com/ Name: tuuid
Value: 78c6077d-9ae0-4df2-96e9-29f094f3081c
.mfadsrvr.com/ Name: c
Value: 1692318420
.criteo.com/ Name: uid
Value: dc3254b7-4f75-4b8f-addd-7bd55c3f0cfa
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.w55c.net/ Name: matchmedianet
Value: 5
.mfadsrvr.com/ Name: tuuid
Value: 33c5860f-fea7-4a3e-9467-6dfe3d4f70be
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1mcj|4is.0.CAESEGHUiaeyxm7VYo2ufmcsJsg|7bq.0.1|8nM.0.1|7LJ.0.2504e206-099c-4dfa-a5b0-f8c2c91d13ac|7dN.0.AABOFk7JvXYAACqoHL5WIg
.go.sonobi.com/ Name: __uir_co
Value: 84970000916275140
.go.sonobi.com/ Name: __uin_co
Value: 10d14413798e4309914413798ef309f8
.media.net/ Name: data-dat
Value: setstatuscode~~1
.media.net/ Name: data-rk
Value: 970033166257797130~~13
.demdex.net/ Name: demdex
Value: 01191767442811976341934855132811237166
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.mfadsrvr.com/ Name: tuuid_lu
Value: 1692318421
.go.sonobi.com/ Name: __uir_pp
Value: 84970000916275140
.go.sonobi.com/ Name: __uin_pp
Value: LRorNYzj3RZ1
.go.sonobi.com/ Name: __uir_bw
Value: 84970000916275140
.go.sonobi.com/ Name: __uin_bw
Value: 99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
.mfadsrvr.com/ Name: ssh
Value: !medianet,1692318421
.media.net/ Name: data-c
Value: dc3254b7-4f75-4b8f-addd-7bd55c3f0cfa~~1
.media.net/ Name: data-c-ts
Value: 1692318421
.media.net/ Name: data-ayl
Value: c8d4ebd0d55f2f573486a807347b7e78~~13
.media.net/ Name: data-xu
Value: ISyfZg9D1QwNkm5~~13
pool.admedo.com/ Name: tuuid_lu
Value: 1692318421
.pippio.com/ Name: did
Value: xhoRGaJP4NHycBpv
.pippio.com/ Name: didts
Value: 1692318421
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CNX1+qYGEgYIgr0rEAA=
.media.net/ Name: data-so
Value: 2504e206-099c-4dfa-a5b0-f8c2c91d13ac~~13
.ctnsnet.com/ Name: cid_c6ca2427314b495ebd115a5b809ca2cc
Value: 1
.media.net/ Name: data-a
Value: 4664318827337647392~~13
.kargo.com/ Name: ktcid
Value: 0abf53cc-8515-0958-5515-4808c745bcc7
.media.net/ Name: data-o
Value: 192c7ea0-0ebf-43aa-90d1-a3253541e667~~13
.pswec.com/ Name: tuuid
Value: 2b1fce9e-d794-48b0-be1f-8d5c813563cc
.pswec.com/ Name: c
Value: 1692318421
.pswec.com/ Name: tuuid_lu
Value: 1692318421
.bfmio.com/ Name: __187_cid
Value: 2A9490F3-08AC-45EE-95C7-6A357A3D2EFD
.bfmio.com/ Name: __io_cid
Value: e4f3bf81f5be03017d5f01ead215a09ca173ef19
.dpm.demdex.net/ Name: dpm
Value: 01191767442811976341934855132811237166
.inmobi.com/ Name: idsp_c
Value: a0630e9e-019c-45a7-bfab-a4edc6e1e75b
.media.net/ Name: data-co
Value: AAAIuZ3ZnldwrANUpSWvAAAAAAA~~13
.media.net/ Name: data-g
Value: CAESENhtjoQ6IHLliwQGTt2N6NM~~13
.media.net/ Name: data-ttd
Value: 0487fdef-dbcb-4472-91ea-091af86a64fb~~1
.adx.opera.com/ Name: UID
Value: OPU87e67693242d4262bc1cef6d7740e2c8
.media.net/ Name: data-mf
Value: 33c5860f-fea7-4a3e-9467-6dfe3d4f70be~~1
.thrtle.com/ Name: mc
Value: eyJpZCI6ImVlYjllNmFlLThmZmMtNDA2Zi05ZWZjLTIwNjJhM2YwNjhjZiIsImwiOjE2OTIzMTg0MjE1MzUsInQiOjF9
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005%22%7D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 7
.pubmatic.com/ Name: DPSync3
Value: 1693440000%3A259_262_261_260%7C1692403200%3A248_255%7C1693526400%3A256_258_245_236_201_263%7C1693353600%3A257%7C1692921600%3A252_265_253
.pro-market.net/ Name: anProfile
Value: "-8swf20mdcjmy+1+1f=1+1g=1+1j=57:1+rs=s+rt=2602FFC8000201040000000000000017+s2=(rzk991)+vm=15-3353200176634272000V10"
.pro-market.net/ Name: anHistory
Value: "-8swf20mdcjmy+2+!#7/y$W!Mo!"
.media.net/ Name: data-r1
Value: RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005~~13
.tynt.com/ Name: pids
Value: %5B%7B%22p%22%3A%22797f54a72d%22%2C%22f%22%3A1%2C%22ts%22%3A1692318420658%7D%2C%7B%22p%22%3A%223bfd58deb3%22%2C%22f%22%3A1%2C%22ts%22%3A1692318421659%7D%2C%7B%22p%22%3A%224bee518595%22%2C%22f%22%3A1%2C%22ts%22%3A1692318420658%7D%2C%7B%22p%22%3A%22029cc11ae7%22%2C%22f%22%3A1%2C%22ts%22%3A1692318421659%7D%2C%7B%22p%22%3A%221fbac30d28%22%2C%22f%22%3A1%2C%22ts%22%3A1692318421659%7D%2C%7B%22p%22%3A%227daaa56bb0%22%2C%22f%22%3A1%2C%22ts%22%3A1692318420658%7D%2C%7B%22p%22%3A%227912d88d74%22%2C%22f%22%3A1%2C%22ts%22%3A1692318421659%7D%2C%7B%22p%22%3A%2224c05c7b76%22%2C%22f%22%3A1%2C%22ts%22%3A1692318420658%7D%2C%7B%22p%22%3A%22d26852f088%22%2C%22f%22%3A1%2C%22ts%22%3A1692318420658%7D%2C%7B%22p%22%3A%2222833ea406%22%2C%22f%22%3A1%2C%22ts%22%3A1692318421659%7D%2C%7B%22p%22%3A%22f9a4a8fd15%22%2C%22f%22%3A1%2C%22ts%22%3A1692318420658%7D%2C%7B%22p%22%3A%22008c314e8f%22%2C%22f%22%3A1%2C%22ts%22%3A1692318421659%7D%5D
.c.appier.net/ Name: _auid
Value: x15wm7xKCpm-rhyn1breZA
.dotomi.com/ Name: DotomiTest
Value: 1ea1693851e20fcc
itsallinanutshell.com/ Name: _tfpvi
Value: YzFlODlkOWQtN2RkNS00ZTQ5LWIzNzgtNjM3YzBhNjc0ODFmIy0zLTM%3D
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-x15wm7xKCpm-rhyn1breZA
.pubmatic.com/ Name: PugT
Value: 1692318421
.taboola.com/ Name: t_gid
Value: 2073ac0e-8531-4e1f-8031-1e32d9d9436a-tuctbd84055
.aralego.com/ Name: sspid
Value: 9d143149-e6b6-3937-95a5-82158078bdc6
.intentiq.com/ Name: intentIQ
Value: mIbhpPYCAR
.intentiq.com/ Name: IQver
Value: 1.9
.media.net/ Name: data-sy
Value: 0ACA07A79B244833993E8B9798357D18~~3
.media.net/ Name: data-r
Value: LLFUOWMM-1P-IU2L~~1
.adnxs.com/ Name: anj
Value: dTM7k!M4/YDunaTF']wIg2GVQu#0R7!]tbP6j2F-.aDFd<pAQ.gk'@9cyi2Xlybnue:!KogjZ%HfQcD'qMXGikLd?p*g0D(W#><y
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjQwODA3NjI3NzQxNDk3NTYwMDUyNDAiLCJleHBpcmVzIjoiMjAyMy0xMS0xNlQwMDoyNzowMVoifX0sImJpcnRoZGF5IjoiMjAyMy0wOC0xOFQwMDoyNzowMVoifQ==
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1692340021903
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~2deo:19ai~2deo:191a~2deo:175w~2deo:1991~2deo:190u~2deo:18yi~2deo:18za~2deo"
.media6degrees.com/ Name: clid
Value: 2rzk99101170wafngvrzdbj9000000016d010x01801
.media6degrees.com/ Name: acs
Value: 012020k1rzk991xzt10
.technoratimedia.com/ Name: tads_uidp_7
Value: 86b1267a-99c4-432e-a24c-b7b089be0156
.ow.pubmatic.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJlcGxhbm5pbmciOnsidWlkIjoiQURuZjVPWjRpaUlMaGZkSyIsImV4cGlyZXMiOiIyMDIzLTA5LTAxVDAwOjI2OjU3Ljk5MjEwNjI0N1oifSwiaXgiOnsidWlkIjoiWk42NjBncGZnWFZBZ1VsNGliWG9MQUFBXHUwMDI2MTM2MyIsImV4cGlyZXMiOiIyMDIzLTA5LTAxVDAwOjI3OjAwLjA4OTI3MTgzN1oifSwibWVkaWFuZXQiOnsidWlkIjoiMzM1MzIwMDE3NjYzNDI3MjAwMFYxMCIsImV4cGlyZXMiOiIyMDIzLTA5LTAxVDAwOjI2OjU3LjU3ODM4Nzg5NloifSwibm9iaWQiOnsidWlkIjoiTXpFeU9qUTIhalF6TVRnNE1qY3pNemMyISpjek9USX4iLCJleHBpcmVzIjoiMjAyMy0wOS0wMVQwMDoyNjo1Ny4wOTIzNTg5OTlaIn0sInB1Ym1hdGljIjp7InVpZCI6IjJBOTQ5MEYzLTA4QUMtNDVFRS05NUM3LTZBMzU3QTNEMkVGRCIsImV4cGlyZXMiOiIyMDIzLTA5LTAxVDAwOjI3OjAyLjAwNDg1MzIyNloifX19
.clickagy.com/ Name: cb
Value: ZN661n_zJlcXIZg8fIT4ycP2
aorta.clickagy.com/ Name: chs
Value: [{"ch":"4","t":"2023-08-18 00:27:02"}]
.technoratimedia.com/ Name: tads_uidp_88
Value: 2520054880395420162427
.liadm.com/ Name: lidid
Value: fc6ac603-6eef-4775-ba05-ddb069ed9ae0
io.narrative.io/ Name: io.narrative.guid.v2
Value: f37862b0-3d5d-11ee-9828-02e4221a2b5f
.intentiq.com/ Name: IQPData
Value: 1611266342#1692318422102#0#1692318422102
.intentiq.com/ Name: IQPending
Value: pending
.intentiq.com/ Name: intentIQCDate
Value: 1692318422110
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: CSDT
Value: UEQ6Ml8wJlRuRXhkTjk
.rlcdn.com/ Name: rlas3
Value: VlLHwSCwXsja+zGeEOU55YdWakjX/si1O1ouq5Roocc=
.rlcdn.com/ Name: pxrc
Value: CNT1+qYGEgUI6AcQABIFCOhHEAASBgi66gEQAQ==
.smaato.net/ Name: SCMg
Value: bc5bc3dc17
.tribalfusion.com/ Name: ANON_ID
Value: a4nwYSSZdIijSTnMSXxNpdo6fuLSsUFTuTCuvjGwWv6LTBk1FuLQFEDnWQZcQ3rQgs7oSGmtm8vHpimIrfqwtKQy1nAq1TJC7IwiU1xRQky0QwDXYTH90ujhAAdq8f
.blismedia.com/ Name: b
Value: 64DEBAD66FF08FAE23BC3508BLIS
fksnk.com/ Name: AWSALBCORS
Value: j/YD8Yaec0it+PPzbbupGY513g248nt8PHjXgCQGc6GJZsE9HNAnLuw11KJhObWa9wkefkZftjrexLEpdPhWptE6wORiLW+/ScxBte6pjw1aFfjEVi7uflxxWh9U
.fksnk.com/ Name: f_001
Value: EFB103CB4CC378BC
.fksnk.com/ Name: g_001
Value: 1
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmlkbGhhAkQG5rsQfCMjoNAqFgTfwNTEZJUoEt_MxBAA6rn7KEAAAAA
.quantserve.com/ Name: d
Value: EK4BEQHeKfijCJiTAA
.bluekai.com/ Name: bkdc
Value: phx
.agkn.com/ Name: ab
Value: 0001%3AFvLp2Rtq2AFhJ6Nrkfn%2F%2Bub3cIyIPgU3
.uuidksinc.net/ Name: jcsuuid
Value: NPHW8Vlo9pKBpI7eGLwi
.yandex.ru/ Name: yuidss
Value: 9872895721692318422
.yandex.ru/ Name: yandexuid
Value: 9872895721692318422
.rkdms.com/ Name: sessionid
Value: h-ad0bb4dabcf23259d877e1e1d0153c20_t-1692318422
.rkdms.com/ Name: sc
Value: 13%3A110688
.mookie1.com/ Name: id
Value: 10594366287868868051
.mookie1.com/ Name: mdata
Value: 1|10594366287868868051|1692318422692
.mookie1.com/ Name: ov
Value: 224d0dca704cb1b8e709ff0c81b4232b
.smaato.net/ Name: SCMtmp1001980
Value: bc5bc3dc17
.smaato.net/ Name: SCM1001980
Value: bc5bc3dc17
.send.microad.jp/ Name: TR
Value: 1d2fb9bf7f6836dcabd9d81bd3bcdd388163e581b14420ef
.openx.net/ Name: pd
Value: v2|1692318420.1.1|iKvPvMgakWgy.wvmmbwuYeShEgKwrg2f8.g6fYn8wDwtmKvJvuoqvRwi
itsallinanutshell.com/ Name: ezouspvv
Value: 170
itsallinanutshell.com/ Name: ezouspva
Value: 4
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY5MjMxODQxODIwOCwiNTciOjE2OTIzMTg0MTg2MzQsIjI2IjoxNjkyMzE4NDIxOTY4LCIzOSI6MTY5MjMxODQxNzk0NSwiMTciOjE2OTIzMTg0MjE4OTYsIjciOjE2OTIzMTg0MTc5NDUsIjcwIjoxNjkyMzE4NDE3OTQ1LCI0MSI6MTY5MjMxODQyMzA0OX0
.ads.yieldmo.com/ Name: re_sync
Value: rc%3D1176061%7Cunl%3D1176061%7Ct%3D1176061%7Ctapad%3D1176061%7Cdv360%3D1176061
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSE01sLAwMDI1NEgxNUs0M09LsjQ0TzNMNDIwTrZMMjRhAIKUe7uug2goAABUcAtM"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIubfrOpCCAgAixQLU"
.itsallinanutshell.com/ Name: panoramaId_expiry
Value: 1692404823054
.itsallinanutshell.com/ Name: _cc_id
Value: ee08802510d56a67fb917f1a203c9b14
.itsallinanutshell.com/ Name: panoramaId
Value: f1d0219d68494eca494c67d53107a9fb927aee7a2e37391c3cf234ba690aa7d5
.w55c.net/ Name: matchopenx
Value: 5
.rubiconproject.com/ Name: audit
Value: 1|aylLiCDfFf2WcF2hZZcnNymbLsmiY+/qHd4f7Crdeyjhj9K5Ghav9faoNLh6Z9BG96XQdYNeNYXqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.pubmatic.com/ Name: SPugT
Value: 1692318422
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIhtfR1fvijzwQBRIVCgZjYXNhbGUSCwiot5DZ--KPPBAFEhYKB3N2eDl0NTASCwig_L3b--KPPBAFEhQKBXRhcGFkEgsIqJvK3PvijzwQBRIYCgliaWRzd2l0Y2gSCwig9972--KPPBAFGAEgASgCMgsI7JTatpLjjzwQBTgBWgd5aWVsZG1vYAI.
.mathtag.com/ Name: uuid
Value: 1fa464de-bad7-4f00-8928-46f723d6fea4
.ads.yieldmo.com/ Name: ptrrc
Value: LLFUOWMM-1P-IU2L
.ads.yieldmo.com/ Name: ptrt
Value: 0487fdef-dbcb-4472-91ea-091af86a64fb
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005%22%2C%22nxtrdr%22%3Afalse%7D
s.pubmine.com/ Name: lcai9h
Value: !167,1,1692318423
s.pubmine.com/ Name: ih
Value: !4610,461561223
s.pubmine.com/ Name: lcri5m
Value: !2766,1,1692318423
s.pubmine.com/ Name: ar1d
Value: !0,1,1692318423
.itsallinanutshell.com/ Name: cto_bundle
Value: NeGiZ19ab2xRc1FIeUhqWTFmeFVzZFhPVUZ1TnZLcmo2VTNCQUJJNmUxNkVyYTMyJTJGUE1RYVBxT0NBQTZqaWtNWTBxJTJCaTdRVnlHRk8lMkJhMkh4N09xbEMxUXhZNFBTTWs3SVIxMEw0OWdoJTJGVEVRTEdkZEl1UTZzSWlZZEdZaTZ6akZVWFpYTzFodWw3cyUyQlpDbmlZUWxzZkppcnYwNnJ3M0szVWtPbGNNSSUyQjc4T21oUDglM0Q
.itsallinanutshell.com/ Name: cto_bidid
Value: HlqG2F9sR1M3M2ZRMkk2dG1kb2IlMkYlMkJveFdTWDJuYWYxOVN5JTJGZDA3ZmlUYW5nRThQU045MG5lbER3ZURUVGhkbmJCRE1KNFVBcjR4U2l3NUZCWHdrSWFlTUt3bG9kUTI5Z21Kdk9kd1c4ZUF1OElZek9VbWxMSjAxUGsyTWlxZXRMeWZPMg
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!5520-2!5520-3!5520
.ads.yieldmo.com/ Name: ptrunl
Value: RX-0ec53a30-df5a-48f0-bcf0-e0134c0f42b3-005
.doubleclick.net/ Name: DSID
Value: NO_DATA
s.pubmine.com/ Name: rum
Value: !26,2A9490F3-08AC-45EE-95C7-6A357A3D2EFD,461561224!11,2A9490F3-08AC-45EE-95C7-6A357A3D2EFD,461561223!18,99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6,461561220!23,8367935734482287302,461561220!13,2504e206-099c-4dfa-a5b0-f8c2c91d13ac,461561220!1,99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6,461561221!30,0ACA07A79B244833993E8B9798357D18,461561221!6,212240589342896,461561221!20,ID5-e9d6zwcfQs6vtYtluw4wwRilNJYB_IBe8aTRkhw_Qg,461561221!24,212240589342896,461561221!10,4664318827337647392,461561220
.id5-sync.com/ Name: id5
Value: 08e078be-cd59-7dd9-bb5d-762e386cc7f6#1692318420939#3
itsallinanutshell.com/ Name: mailerlite:forms:shown:88982420855981682
Value: 450750
.go.sonobi.com/ Name: HAPLB8G
Value: s85113|ZN663

18 Console Messages

Source Level URL
Text
network error URL: javascript: void(0)
Message:
Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network error URL: https://fonts.googleapis.com/css?family=:400|Anton:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Faustina:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lora:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Oswald:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Source+Sans+Pro:300,300italic,400,400italic,600|Yrsa:300,400,700&display=optional
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.paypalobjects.com/en_NL/i/scr/pixel.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 481)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://u-iad04.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=2dc5d7ef17b42550
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%202A9490F3-08AC-45EE-95C7-6A357A3D2EFD&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
network error URL: https://bcp.crwdcntrl.net/map/c=11530/tp=RTRG/tpid=78336b01-a437-4a0a-bf26-d4ba6496aee6
Message:
Failed to load resource: the server responded with a status of 400 ()
javascript warning URL: https://itsallinanutshell.com/
Message:
The resource https://itsallinanutshell.com/porpoiseant/fads.js?gcb=195-0&cb=26 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://itsallinanutshell.com/
Message:
The resource javascript: void(0) was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://itsallinanutshell.com/
Message:
The resource https://fonts.googleapis.com/css?family=:400|Anton:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Faustina:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Lora:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Oswald:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Roboto:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic|Source+Sans+Pro:300,300italic,400,400italic,600|Yrsa:300,400,700&display=optional was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
deprecation warning URL: https://script.4dex.io/localstore.js
Message:
Listener added for a synchronous 'DOMNodeRemoved' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network error URL: https://prebid.a-mo.net/cchain/7/29210?gdpr=&gdpr_consent=&gpp=&gpp_sid=&us_privacy=&A=deea23f1-5e51-43c2-b40a-cd2cb26ce7ab&bidder=amx_com&cbx=aHR0cHM6Ly9vdy5wdWJtYXRpYy5jb20vc2V0dWlkP2JpZGRlcj1hbXgmZ2Rwcj0mZ2Rwcl9jb25zZW50PSZncHA9JmdwcF9zaWQ9JmY9aSZ1aWQ9&uid=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://sync-dmp.mobtrakk.com/match/bidswitch?id=${user_id}&gdpr=0&consent=&usp=&ssp=medianet&bsw=99a3228b-b5ec-4ed0-ab3b-c41988f8f0a6
Message:
Failed to load resource: the server responded with a status of 502 ()
other warning URL: https://f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://x.bidswitch.net/sync?ssp=synacor&user_id=0ACA07A79B244833993E8B9798357D18
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://ups.analytics.yahoo.com/ups/58713/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=1---&url=https://itsallinanutshell.com/&pixelId=58713
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://app.retargetly.com/sync?pid=11&google_gid=CAESEJ33vkXXC5RBr2xILC0--Zg&google_cver=1
Message:
Failed to load resource: the server responded with a status of 504 ()
network error URL: https://match.bnmla.com/usersync?sspid=10084&redir=https%3A%2F%2Fsync.go.sonobi.com%2Fus.gif%3Fnw%3Den%26nuid%3D[UUID]
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

33across-match.dotomi.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-cdn.technoratimedia.com
ad.360yield.com
ad.mrtnsvr.com
ad.turn.com
ads.creative-serving.com
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.us.criteo.com
ads.us.e-planning.net
ads.yieldmo.com
adservice.google.com
aid.send.microad.jp
an.yandex.ru
analytics.pangle-ads.com
aorta.clickagy.com
ap.lijit.com
api.retargetly.com
app.retargetly.com
assets.mailerlite.com
assets.mlcdn.com
at.teads.tv
automattic-d.openx.net
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bidder.criteo.com
bpi.rtactivate.com
bshr.ezodn.com
btlr.sharethrough.com
c.bing.com
c0.pubmine.com
c1.adform.net
c2shb.ssp.yahoo.com
cadmus.script.ac
cat.va.us.criteo.com
cdn-0.itsallinanutshell.com
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cm.mgid.com
cms-xch-chicago.33across.com
cms.analytics.yahoo.com
cms.quantserve.com
contextual.media.net
cookies.nextmillmedia.com
core.iprom.net
crb.kargo.com
creativecdn.com
cs.admanmedia.com
cs.krushmedia.com
cs.media.net
cs.videowalldirect.com
csi.gstatic.com
csm.us.criteo.net
csync.loopme.me
d2skc0orvsqfj9.cloudfront.net
de.tynt.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.serverbid.com
eb2.3lift.com
engagefront.theweathernetwork.com
eu-u.openx.net
eus.rubiconproject.com
events-ssc.33across.com
f9aff9bef49e1270a22b691c950b742a.safeframe.googlesyndication.com
fei.pro-market.net
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
fonts.mailerlite.com
g.ezodn.com
g.ezoic.net
go.ezodn.com
gocm.c.appier.net
googleads.g.doubleclick.net
groot.mailerlite.com
gum.criteo.com
hb-api.omnitagjs.com
hbx.media.net
i.e-planning.net
i.liadm.com
i.w55c.net
i6.liadm.com
ib.adnxs.com
ic.tynt.com
ice.360yield.com
id.a-mx.com
id.crwdcntrl.net
id.hadron.ad.gt
id.rlcdn.com
id5-sync.com
idpix.media6degrees.com
idsync.rlcdn.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
io.narrative.io
ipac.ctnsnet.com
itsallinanutshell.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
medianet-match.dotomi.com
mid.rkdms.com
mug.criteo.com
mweb.ck.inmobi.com
nep.advangelists.com

odr.mookie1.com
onetag-sys.com
ow.pubmatic.com
p.rfihub.com
pagead2.googlesyndication.com
pdp-service.prd-00.retargetly.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.33across.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
pixel.wp.com
pm.w55c.net
pmp.mxptint.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-match.dotomi.com
prebid.a-mo.net
prebid.media.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.owneriq.net
r.casalemedia.com
r.turn.com
retargetly-match.dotomi.com
rr4---sn-ab5l6ndr.googlevideo.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rtb.va.us.criteo.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.company-target.com
s.e-planning.net
s.pubmine.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssl-market-east.smrtb.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.criteo.net
storage.mlcdn.com
synacor-match.dotomi.com
sync-dmp.mobtrakk.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.aralego.com
sync.bfmio.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.inmobi.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync1.intentiq.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
t.pswec.com
t.pubmatic.com
tags.bluekai.com
tags.crwdcntrl.net
tg.socdm.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
u-iad04.e-planning.net
u.openx.net
uat-net.technoratimedia.com
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usersync.gumgum.com
visitor.omnitagjs.com
wordadsmediafiles.files.wordpress.com
www.ezojs.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
www.youtube.com
x.bidswitch.net
x.videobyte.com
match.bnmla.com

pagead2.googlesyndication.com
prebid.a-mo.net
px.owneriq.net
ssl-market-east.smrtb.com
104.107.25.203
104.36.115.123
107.178.254.65
108.138.128.124
108.138.128.21
124.146.215.46
13.226.36.207
130.35.192.4
141.226.224.48
141.95.98.64
142.250.176.194
151.101.130.49
151.101.193.108
151.101.66.133
159.89.246.130
162.19.138.117
162.248.18.34
162.248.18.37
168.119.72.236
172.104.105.5
172.98.26.241
172.98.26.245
173.231.178.83
174.137.133.32
18.116.16.40
18.164.116.64
184.72.156.158
185.167.164.37
185.184.8.90
192.0.72.25
192.0.76.3
192.0.77.38
192.229.210.155
192.40.39.223
192.96.203.13
195.244.31.10
195.5.165.20
198.148.27.131
199.127.204.171
199.38.167.131
2.22.40.190
2.22.40.22
20.127.253.7
20.85.134.6
2001:4860:4802:32::3
202.233.84.1
205.234.175.175
207.198.113.205
207.198.113.88
216.200.232.253
216.22.16.8
23.105.12.136
23.105.12.159
23.21.221.118
23.52.158.180
23.88.86.2
2600:1901:0:8344::
2600:1901:0:8eee::
2600:1f10:4c55:e23d:6ffa:4113:c739:8c8
2600:1f10:4c55:e23f:afb4:7f32:3aa4:fbc
2600:1f18:4e9:5a01:3974:5cd2:89d:2ca0
2600:1f18:ed:550e:6ec0:9bc:6a32:779a
2600:9000:21dd:1600:6:44e3:f8c0:93a1
2600:9000:2511:6800:1b:5138:8a40:93a1
2600:9000:2511:bc00:1b:6b7d:2300:93a1
2603:c020:400d:3000:f50:982a:7877:65bd
2606:2800:21f:2cf1:7be6:911:71d9:25f7
2606:4700:10::6816:108d
2606:4700:10::6816:545
2606:4700:10::6816:6cb
2606:4700:1::6813:884e
2606:4700:20::681a:8a9
2606:4700:3030::6815:5d19
2606:4700:3031::6815:29fd
2606:4700:3033::ac43:a290
2606:4700::6811:190e
2606:4700::6812:16ea
2606:4700::6812:1791
2606:4700::6812:19ad
2606:4700::6812:c45
2606:4700:e2::ac40:8817
2606:ae80:1450:15::1690
2607:f8b0:4006:3e::9
2607:f8b0:4006:806::2004
2607:f8b0:4006:809::2002
2607:f8b0:4006:809::2003
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80b::200a
2607:f8b0:4006:80c::2002
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2002
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2006
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::200a
2607:f8b0:4006:824::2001
2620:100:a001::16
2620:100:a001::18
2620:100:a001::24
2620:100:a001::3
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:f059:4f7e:28a9:1588
2620:1ec:21::14
2620:1ec:c11::200
2a02:6b8::90
2a04:4e42:600::485
3.135.132.32
3.214.33.241
3.223.58.25
3.233.248.22
31.220.27.134
34.102.163.6
34.107.148.139
34.111.113.62
34.117.239.71
34.120.23.223
34.170.123.2
34.200.65.202
34.233.30.236
34.236.83.94
34.237.83.209
34.238.96.3
34.246.241.162
34.96.105.8
34.96.71.22
35.186.193.173
35.186.253.211
35.190.60.146
35.190.90.30
35.207.24.140
35.210.53.219
35.211.178.172
35.214.144.9
35.244.159.8
35.71.131.137
38.91.45.7
38.98.69.175
40.76.134.238
44.193.215.220
44.196.72.67
44.212.232.9
44.216.72.86
44.226.139.197
50.19.227.133
50.57.31.206
51.222.39.185
52.200.202.57
52.201.146.33
52.204.75.117
52.207.126.75
52.223.22.214
52.23.11.45
52.23.88.72
52.44.3.194
52.45.175.185
52.46.155.104
52.6.59.36
52.7.24.177
54.156.138.112
54.156.29.217
54.173.48.72
54.174.203.135
54.175.73.148
54.209.93.224
54.211.218.86
54.81.4.21
54.82.254.5
63.251.114.136
63.251.28.233
64.202.112.127
64.74.236.159
67.202.105.23
67.202.105.34
67.220.228.203
68.67.161.182
69.166.1.34
69.90.254.78
72.247.65.83
72.247.69.164
74.119.119.139
74.119.119.147
74.119.119.150
76.13.32.147
8.2.110.134
8.2.110.24
8.2.111.52
8.28.7.81
8.28.7.92
8.43.72.97
8.43.72.98
80.77.87.163
82.145.213.8
0200bc38d986631f9cc4680084d7d263ccf17fa4a3c627b26ff347e0cfcf1d47
0648aeae8d2f0ad6d1ef79bf2aff8f27b49dd7724306d3c9a9e09dfbe34d548d
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
0a2c88a1b5166ad261aa7fff6dc7089c7288d3cad5b32c9049bfbb3a29017e2e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c34dc4de2a524e93b1315788f03ba101b99e22ff50082945e84a00368d73e16
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0d62c80e8180a2c275d761c5fb681cc5b0e41fff53d32926ebed430f91f511c9
0daa9ae49460256e86d7f6fe89d832b19bdf139a28a9bf32aa48a7d3956529f9
0e48cafc5be8b340f549d16fb048ac0dc93b9ff6bee1a27e158b3114a113739a
0ea6c65d8e460987a7ea8f98355f789fe6bfbe11b0afe7a1c65d6042da65ea33
0ed6a5f0f538fd39b78030a852691db1a37351c3bb5187627c6844fb135d57b8
0eef35992b214af5251445fa6edda217dec37eb85de291752f74a9193d04d27c
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860
10a051d3b73e318fd3e4cf0b128fffbe86c26285b1de2fe51f26c749198ef1cc
11e823d3befb8f2b14b28e5d775a244f82de30c3c790291f82e8f782b07dde4b
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cbfcb608af5885f7916274b60578d32006c90e8fce3d98dbcc89a646707608
19016ba9dbcdc75c80caef1921595e7de36683131486523ce81979aae316c7d7
19037f548c23b16f66ac2e1cede1fe5bdc253589a37bd985334ca3adedd110dc
19121f76902524e88c824089e73449fa9202dd28139e3c152388083ea924fa3e
1adad90acf544fdc1f70dfbdd12d6d53d8c5fba3ef7431c2ef4584a2243c3e5d
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1e907729e2c94d83c64b79749de49e456f0303390d4c078c37f44e498c36125a
2060d29f49d996a26f3888bf75735db9e023f651d382164d295337be9dc99620
21873b48864f2603d1c96674b2dfb83249b505f5b916a9a8b6f1543e66e44909
247e402c1d9149f1443f3c5a92ea35c0897ae5ad6c61d8629cd5dc5b3a30597c
2795289b3b1f557de8416911af709a9ddf88c0277bd0b6405378a6330591296f
2919310cae24ba76feb93e198bdbcd94260bcfcbd7e87dd331585db353494e19
29240ede0f8caf3a8ee8c2f48d1848dd98f9ecd6445c287376398e7e75b01eb4
2a79e7a6998bf7cd13f491403002764b30fa529706acf7e0f1d79db7d0ce812b
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b104db680a9d1df48409a24d2f18c31e2867e67e921c44b00c72b22d9762bb8
2bd27fb4cdd30b9b0c730e44a8ec482a49dbf95eaa5c3f399c816dfef9990beb
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d90bd393f63bca4e446a884a1914b85e3a3aad4361ca5c3b1e8a6768d82c5e8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fbf8198ca7c1c7c388bf35472ca4824c7d20604a31af2b29c85a647abc9aeb0
2fd4aeb859f19e41cf023725c31175da6cb0cad8ed87e93cba322ee07dfbbbb3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31cd7bd5f71dfcb7caebc43b16ea2ef880d2ac8da1212dacc0213e7eb0ecbb3e
31d4a4356e8058eaaf4e9dc93d93f7cca92d79de5c159a8c2a9ae2193953c58a
32e72b11a23866376e97cfdaa82a127aaedbaaa13c2b3dbdd1197684196f0883
33849beaed6f34c2defe2ea3610a424d05730d79a9af10e3cf67e070af0694e0
341a8ac8f8abf74c6c8406b8b64ff7aac03d28709184f0b8937ccdf6722f2ae1
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3642c7e774562f7483d7b0de93dd1759fc6928e85eebd7e62ddae72e9d46c9cb
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38894c4f121d9832e23ab3a8195fa6388c5135d5e87c42e6e4dd919941e23714
3918580cdace4adee5bfeafe65b12155db271301f2841dd59a121c8c0a1ca793
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3c1c366e13aedf7a3e721edf1e9c69dc9d955c5c83f893ad77fffaac8d7433ba
3d2f1224eafb6a9035c3b847f46493f285e48fd81b5e6e34f157a24d36e6230e
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f79b102c744991657082da9d966dff08bd32c1f09952324d7527e318e7c7d3e
3f84745b37ee5be42c2bc7dbb5d28a99c40416981c378bc141f945fc19fd2e3f
3fdd9957f328674a49573806215c9fe67a6f827515607cf8d7db980fc94b771c
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b053a7f6425731025ebe52a66d3e93d1f1ed1fec73528efdad8bb35efdaaa0
435b1ece4a55f4f8d06866b32c1aee3cc4661eb905265894795f15a57bf1b33d
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
4443eccbe460b086b56483fdbfdaafca2c11c369a796a56c097997b15c160660
44f9b644648bc617dc561b8bb575276387fdbe044c97d84f0fb6e80e4997120c
4539a37b37acaf787b3ccd0bb1e9a3372c9150aff547eeddd0296ad2a6d664f8
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
4566cc4dddb2fd6641747b8b37ecf6e30fc41fb39378b8504d2389e8a98d8e4a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4718dd9f68e969d1cb5e1b6172206b7150ad1d8cd5c5c1fe5812dd0e1646d426
485567ada85d2d82f3c23210e6082009fcd03700751bf61a07a56a256b1e8918
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f54bc7e9e40bc5b67e8e5f1a19c649d88b73ac555e1171231f4913a4cef7c35
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f7fcb0e1aed73f7bdec63bd851e1d18232f64c592c06dc298aa991945536fdb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a49f6ac67e83c81d4562a90d07c9a92e1de912fd231ad9db18d73959698d61
556a762cb34dbf3b17f61a68584586012a4eeb91b08477a18f163c383ba777c1
559ae2dc3f1b2fde708a290477da2752ca33399cf5f8d4b6afdafbba4498339d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565976069e84fb18b98293a50427aaf754909ab98a694622e929ac4e02cdcd3d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cb616f61628c2af47568cf14cb569dfa53d119a5404ec6fb29d1311afe5e0cd
5f4d263e40d43895691ece191073bf7eb121d7585569271a0e17605a871d3ae0
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
606a750e74ed4ed70f86a4c243c2fc82206788fb4ca32295f804a737c038261d
6072f68d19be69e39e79ffbe1848577c3eed08875d8fb9ba2f71ed481dab2892
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63966fc6b5d82ed7b606f3251cc45047f06af17d6d1b92dcac3f8369b76a7867
6479d8bb0a527c7d020f332ddd9848c4bcf19164a119095daff361cf2110bf68
6572d79b2b894c2c7b28312350d3553a753675e78229b9142e2e1882baeb0d1b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
6923498f78595bd12b0b85b4d8fb03395bb293984a9efb4251447a9b80f459bb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70023ca0a233fa93370022f69d0537f8fcbd2fa2f4ce9d7c670e779b1421d933
716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732
718599a25ec212265f9627cf0cfbb19a79b41d8387e9b1305c7c4ddff5dcd2be
7220842eba5770f3302f9705541e1e679bb12db1f78a561ce89fb55a095d64c1
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73a67de7b4419ace1e43436311c1f060aa0c9dd81fdc3de349f9ae4bacc3419f
75cabc24bf21015cd44fc8329fd6070558e9503cf50eadfa65b8d20504bb803f
75cf2f501c8272994e358a8ca7b8ef8a438d14ea537eedaf1c4579e94dc40462
772d1c5b5b67693881f3be7b7964a80fd8e165a7effc84f145f66496be2bb388
773ef390c0650fce7fe2832f5427c428f943a630c21f166a316384937006720f
77540abcdb45da71190faa6dd3fba9ecdb84308769469778a805e41d18ad4d85
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
79cd291e4c409d5e73e1aabf30003d76d283da92207588ccb7d655bdcc5d8bb9
7a108193a3c54e5c07c1207c0e38b0279d9cddc0fb844fdbdcaf82629ec69eb8
7adfac299561b9d5ab03c88e9d582cf76bd31746a4c0564d7d0d428199c943df
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7cd8dcb9820d7558bcb35bde35d9923a77c8eb9d2a274366261ad55948dfed31
7d5c101c45e81c6d68be1c9d549029e27a94d766871ac10520ac101f087d80ba
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7db9f20f5fa5b2464fc28e9d4e012863d447990944899a7088c35278f803f783
7dc240f4ac44fc99f05f51d362c54fcb4073b3e5daabf68fcec12193b333f8e6
7f413a6226017b972f8f3f3c8543a25846e727ef7b06a73cd3dd730c31f8b9ac
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
83493bc8b171f50d86b10cf095a4571e28230a58a8e14974f5bec58f9a67b915
834dbc209dc11e12e2b7ff341745b7fd2f9efa7f6aaddd8684402745844aa4a1
846743c227d81e77edd849d905bc8d97553265f0777fd352f4bb1ef2e2d18be5
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
865d0fd4e9a531eeff3238f8f7f2a4f4da2e260cb1d541c686c98798e9c1eb52
86a4259f69590a5e5331dceb9310fe5b4f6a5273caf5f43e1a597e08364035b0
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39
8955c2a881307d63cdc22494d2dd42503e99fd8788ed804b8b3750452e478578
899cd09ac71cfe4a15834dfd67351f179185db00b3d1cd44fb3e845dab083d17
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ef8d4cdc8b22349344815ede1e936f09207938987f6cb6ff82838948d9e06bd
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
8f9d4e1b7f538d03a4d85a2c90e9f6daa8dedd88a47e8a75bf9768d1f37ae953
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9513e310d8e5be6b1388347f4f48bae1490edacdbcd6bd98d6bf3bb6678d9b5a
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
973351a8332ef14670e481d690b0e7d242a6b3c949fdcac75cb767068ee5241c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a204fcc6d9861548ca2cc2ea08a4db64c8f6d050b166d4e0ef87faec037b29c
9a7d924759c28a80661acf0874b60dd1a9675dcc68ef7e6b2ba52d478a227bda
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c404da90b764cc0001704aa7a3fcd9d8406cd240b874eea16e62c44fe55e33b
9ce8d9c2b5d1d880fb10b6ce65e71c14177aaf926d38ebca842a81a0fcd48377
9da284a40812a6542ddbb236751d57abb25ec2d882754fe6a4b388c71604f4b2
9f6da0b5119f113fc4f41fa76d9b41b28ad15a572be1b06dcefe52982258e1e9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a0feb17348b10730a54604329a82a4e4ab1df9296da2adfe0484f5b8dd9330
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a157a21d0e2c0fbccfb8a7ba640337d06209687dffbaee39bf703d52c3342d70
a1f44218022adba9bb1f845b2034548d1199dbc92c7821498770f5e457b9aa11
a33dcdd8465dc908de3b35c37fe55ac8a5f9a4181cb709c286e59edf799bc9c7
a37c6f7d5a009da940943dc23de6ede50599df22dda28346aeebb4649bd9cb45
a39f7912f7063c137edc0be924f7f6bba59fe831b470adbcec32cbb49ed10b93
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a65b3283670eb5cdf03ddd685b0fdacb8ae103f4bc7501d65cdb64a43603004d
a68a7aaf623132b6e47f6d9753c49336cc812251cc91a1b82280aca86144b29a
a6af62ed047986e026099c3a3ba5135a44e07b3f4f5b84fc4a1ba62ee8b3daed
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa3e5fd5837ede26d4b8d44268a5bd835fbe49b6b72c5acf08be965c7ea733e5
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae350a48422e36ae5444203547b8e62806b204ec555103218dedbae063f30561
ae4e0a5a5f84848d3e1ae545958c378173ee70cea4ea31a6b6c964a578f67dc9
af9dbf02c85319fda5ed6e97828a8328ce87a4a11e2a95d506654bf7dee244f4
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b342d4e2fece3c3f717417b53bb8e59f1ff4f37826535b007d7d76c51f17428c
b4b0789c9d823fd2888f4f2501afd255b449971ea288d46ab65bc2408088515a
b70f0a80bac892e1e492a9ee5cee527ea2a9a2ff162614ff7a3acc78b2e83db0
b7af825fccd2879d585f6abf113280ec6e7cef2ebd349eb532dfb11c01e34664
b9d61e1cdaa802cdc30f619c7cf16e0a8dfb2667f6009afe27b37810d9a7ed2e
ba42f683fff47a1ca1885e91ed8c83ced68f3a4f0072772118762603d977fd41
ba5558c1c192a93f9bda4e05378466d5eff871b99a81e4d9eb0dd1bf4858bf77
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc1780362682f417ae0ee6e2d5a4f3c1b7970cd751d0ff337310f7eaabdc30e5
bd8bbfc49367fef133855aa19d589482ba9d8c8156b769bc01f2b2330207f50d
bdb99561757007471ab3a8db3515bb78cbccab04541f639ecb4a785a75ee7a88
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c27c396b7f4c1ff33d934d2c66f082c7f81193203971648a114f862c9143c234
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c2f351631f19a94a51c59c1d56abf5f8c29e4254bb15c2cb31d9c406cde48b11
c3246dffc779d6121b77d2a6ab17184df0a3f44d691f76d1a7ccbe73bb655fb8
c3af215d44adfde0c293d5c9b17238860ae6882d1ad9a71aaafa64653e4f69a8
c47bbdc39af7f5ac31d9f494ef999067da7cb95cf85e69a9446792ebdc67582e
c582d92fe960964510837aec55f5e72ffb20c2bac59ffb98ea0e93f2aa900682
c5f572ed80485a43331f587039ef455ab7400d278434cdee0965a0fea35befcf
c6565b2d033e2305072b2fc6c60b1ddf38937c42970add14e6a0c7425433b7d0
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
c9b58c48bf02a5f1c31b896ae343d20ed2fdd81deeff0b4a8c277f27f9d7db60
c9e3e614146c5c9e2f2e77f46ee77918f2edb0831885ec298a0efaf148f3972e
ca0b13088e4cc740b37d30f2a5dd83dba46709641f40678950fc0a8f41c9c14c
ca7752fb33cf3a98c0f29bc4eec563112025da4109a0dcc69dabf5f861751258
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cacd900a2587c234c53e9d0108fc51ff6c61420c4f89a1731014b673a7b9a1a8
cb8cc87ec13a04c749498f59622494e7c73e16b9fe542b8ceac43a71f256e343
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc435cbd63327b4af4eb1c90b9e72cfad085505dc85ac218167de28fd8bcb527
cd3a8b850696ce72310a597cbd004321d1d395426d0ffa14298b53ea058bb521
cd6d90c437ad29bf686fa424c66b18222f9032bf06df985b9b18aa48d672d5ca
cead18a3a6354cfc90b053410447811fbcae8bf072d6171e280d28311cabf77f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d136b57771acb729a6114335f2748d946eadf9c43e7c01062575fe807cdebb47
d2c8d7c78689480749ffe806a16a96c4cfff117983c8c71c4b3d8aa408f15642
d3b08a5673dd490e77db3177de8b8863e5d9d40fc4c99b270a20812a49042212
d752621a7b032d959c9e5d8b6906075374298c19dd2ad2173dbbb4ff04cac43f
d8811c83300c6502143e4847aa6400bd5f25785b68a6e814757061dd2b34afde
d8920c61bbe3d45583f0fae3443f5d36ee9073b27efdab8012df6b9f9a02025a
dcca616ebb0de84da0d46654d1afd94223153edf842efca0b8e7657e201c9b21
dce2c0e81a2304b2bb785f1a5cfc7b4a3da78a3fe4176c2621bb09e3b63bbcbe
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd468dca546b1978f0c492a6afaee28fc5e5a4223629d5fa4ef5653452330cd0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de8f5c3c12c0aa30a06ad419f70a23b6af2ebf72e3ffacaec37ab72258657a47
df042c68320bb3f47758d907ec6f1f4a1375b9c6c17c018d901ac5ec4fff8d4f
e00e9cdbd9366fb79b0a72bb4bd16443c88c74ef8d14a2380bb96a5be75db0d6
e159eae54b67eeb6bee46ca3acd7a62e28562998d9b12d77c193ab21698053f6
e184f406380108ed797bf9d0eebd49b314d360f89882aee36ae771924a412e7d
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2b441a28838ee3c705a3097624e8f3786e428aeaacdde1b781e16a1c3cd264d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cf368f09127db73056170842b0be790edd475263c0be69587b5dc7cd6db2cf
e4910abb67969431121b3a2338e8b033d1b998554dfa6855855b061546b219e9
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6cead609d342bd202f23b8fa86aff54f2503372d68ae63acca87e7dca2bec15
e80e1f559553e009fbc37dfe6871919bdb9d68504a1086ec1e69b32196a25a4b
e82e1b48eb2deba36d6d344a44011240896b933127b29554ebaea4ac54009c73
e83fd8df64eaed67ac9920f69019c47c5482da4a9c5b328cb5f5c565ca5d1ce3
e886727611b35745c1dfaea0a1e49ff94355cf72cb58252c5fc2be321e60f8ba
ec9fe4d0ced38987b5b20c2b8431e541cdf946f422f2130435f02487d06f8283
ed0d103dd87f6fa53bf25fdbee0f67c2ef973519e4808b553d7359cfdd5f1cf9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efca6f2197ab58a8f114182949ee142393d1b444191c9d993c0628aff7095511
efd6a2a2bbc09b56a2d53c75c35a6c0da88bd537c264b3a285b4568d17efb44c
f00407e9580b7346093a4fe47ca43f274520a729d5ca34ffa7a6e1b10a7d416d
f05698d815081e9ec8cb78b0175cd62943ef4982e9c6237a91b6c8bcf72a0ec6
f07d2ed51a0c07b8c363a4afda3298b6e24cfcad881c926ca491a992d922f124
f0c46b809d2b157b830521d9ab38cb7fb36f04094961a0bb0ff53e567a96a66a
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5ec81b6d378f62fb1e56a4feb40f824e182753970c6d604fd14b8e107317e0d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7c623284d9d62c3fae552e4c6824bc2548e7e7ca693553629b4c5b6155618c8
f933061de4a138a2deb1b78375f6beacd5e911f25301a8ef27cd4a0e04fa1688
f98e1a93063f0fc244d3897371767a924114482032d5346867e83de24efd0e91
fa039a4a7b55f0396c3959e5d7a5740ba99b853c3499c141416ffd5b6da00b51
fa377f05c276fe6b8779b9dae9a33eb78070009a8df373671778439bcdd13d9e
fb0721ad92aff052c96e6a1b2cdb18c25c76041897126c03161c969ac2844804
fb9da2eee0ed7927944de42f7555abd829bf1d5cdb44516cc43131f6bf6cb0a0
fc433ae63f224fbf6d4becb40172809660fe98c6d4c8064249f45d535dedd62c
fd19ec34c5e978188c757defac1748370800c99c1fd2595a492115b709810abb
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
ff7f47054a4a8d99157388150e9a10b22aad97a81afb0b5e4f3b3bbbb0333399
ffa114663c8acf0573b46ef06f7b9fa19896e3186356e8522ac2ba30078a4c41