urlscan.io logo urlscan.io
SecurityTrails logo

213.238.171.129.sslip.io Open in urlscan Pro
213.238.171.129  Public Scan

Go To Rescan Add Verdict Report
URL: https://213.238.171.129.sslip.io/
Submission: On November 28 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 126 IPs in 13 countries across 126 domains to perform 555 HTTP transactions. The main IP is 213.238.171.129, located in Turkey and belongs to VERIGOM, TR. The main domain is 213.238.171.129.sslip.io.
TLS certificate: Issued by R3 on November 27th 2023. Valid for: 3 months.
This is the only time 213.238.171.129.sslip.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
55 213.238.171.129 200456 (VERIGOM)
38 199.232.37.188 54113 (FASTLY)
1 2600:9000:23c... 16509 (AMAZON-02)
11 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 2a04:4e42:46:... 54113 (FASTLY)
18 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
5 2600:141b:900... 20940 (AKAMAI-ASN1)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2600:1901:0:9... 15169 (GOOGLE)
2 2600:9000:247... 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
5 2600:1901:0:8... 396982 (GOOGLE-CL...)
6 14 2607:f8b0:400... 15169 (GOOGLE)
8 52.2.217.2 14618 (AMAZON-AES)
2 63.140.38.165 14618 (AMAZON-AES)
1 2600:803:1504... 701 (UUNET)
3 3 35.244.154.8 396982 (GOOGLE-CL...)
11 15 142.250.64.226 15169 (GOOGLE)
1 1 34.117.77.79 396982 (GOOGLE-CL...)
3 151.101.129.188 54113 (FASTLY)
2 2 3.232.64.79 14618 (AMAZON-AES)
6 6 34.200.65.202 14618 (AMAZON-AES)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 34.202.199.100 14618 (AMAZON-AES)
6 7 35.71.131.137 16509 (AMAZON-02)
1 3.229.24.114 14618 (AMAZON-AES)
1 34.120.155.137 396982 (GOOGLE-CL...)
2 4 54.88.134.208 14618 (AMAZON-AES)
5 2607:f8b0:400... 15169 (GOOGLE)
8 63.140.38.128 14618 (AMAZON-AES)
2 54.196.227.84 14618 (AMAZON-AES)
1 2600:1f16:e61... 16509 (AMAZON-02)
32 3.92.156.8 14618 (AMAZON-AES)
1 18.164.124.99 16509 (AMAZON-02)
10 23.51.54.26 16625 (AKAMAI-AS)
3 18.238.40.125 16509 (AMAZON-02)
12 146.75.29.188 54113 (FASTLY)
5 9 68.67.160.114 29990 (ASN-APPNEX)
1 104.36.115.111 62713 (AS-PUBMATIC)
1 23.195.93.95 16625 (AKAMAI-AS)
1 35.211.178.18 19527 (GOOGLE-2)
1 69.166.1.64 27630 (AS-XFERNET)
12 52.45.224.4 14618 (AMAZON-AES)
2 54.243.45.130 14618 (AMAZON-AES)
2 172.64.151.101 13335 (CLOUDFLAR...)
1 35.186.253.211 15169 (GOOGLE)
11 2602:803:c002... 26667 (RUBICONPR...)
5 35.169.174.253 14618 (AMAZON-AES)
4 11 52.223.22.214 16509 (AMAZON-02)
1 18.173.132.10 16509 (AMAZON-02)
2 18.164.107.227 16509 (AMAZON-02)
4 129.80.46.219 31898 (ORACLE-BM...)
1 2607:f8b0:400... 15169 (GOOGLE)
6 6 199.127.204.171 26120 (RHYTHMONE)
1 63.251.28.134 26558 (FREEWHEEL)
3 2620:1ec:21::14 8068 (MICROSOFT...)
2 4 2600:1f18:4e9... 14618 (AMAZON-AES)
7 8 35.211.178.172 15169 (GOOGLE)
2 74.119.119.150 19750 (AS-CRITEO)
7 34.98.72.95 396982 (GOOGLE-CL...)
17 2607:f8b0:400... 15169 (GOOGLE)
1 1 54.237.38.140 14618 (AMAZON-AES)
5 172.66.42.247 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 34.120.253.250 396982 (GOOGLE-CL...)
10 2607:f8b0:400... 15169 (GOOGLE)
3 184.73.244.76 14618 (AMAZON-AES)
1 5 2607:f8b0:400... 15169 (GOOGLE)
1 54.85.148.229 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 2.22.36.24 1299 (TWELVE99 ...)
16 184.72.178.21 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
14 2.18.109.123 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
3 3 198.148.27.131 19189 (PULSEPOINT)
3 13.35.93.31 16509 (AMAZON-02)
5 23.51.53.13 16625 (AKAMAI-AS)
4 34.111.8.32 396982 (GOOGLE-CL...)
5 8.28.7.81 62713 (AS-PUBMATIC)
1 7 34.98.64.218 396982 (GOOGLE-CL...)
1 1 184.24.207.174 16625 (AKAMAI-AS)
2 104.110.250.70 16625 (AKAMAI-AS)
1 1 35.211.118.13 15169 (GOOGLE)
4 7 34.111.113.62 396982 (GOOGLE-CL...)
2 2 35.207.24.140 15169 (GOOGLE)
3 3 64.74.236.63 19024 (INTERNAP-...)
2 7 18.161.34.34 16509 (AMAZON-02)
2 6 52.46.143.56 16509 (AMAZON-02)
3 36 8.28.7.83 62713 (AS-PUBMATIC)
1 40.76.134.238 8075 (MICROSOFT...)
2 2 35.236.220.17 396982 (GOOGLE-CL...)
5 162.248.18.34 62713 (AS-PUBMATIC)
2 2 2606:ae80:147... 25751 (VALUECLICK)
1 1 54.165.74.222 14618 (AMAZON-AES)
2 4 151.101.66.49 54113 (FASTLY)
1 13.225.63.110 16509 (AMAZON-02)
1 108.138.85.112 16509 (AMAZON-02)
15 20 69.173.151.100 26667 (RUBICONPR...)
1 2607:f8b0:402... 15169 (GOOGLE)
1 2 2600:1f18:66e... 14618 (AMAZON-AES)
1 18.233.185.233 14618 (AMAZON-AES)
1 108.139.47.20 16509 (AMAZON-02)
1 2600:9000:21d... 16509 (AMAZON-02)
2 3.137.65.67 16509 (AMAZON-02)
2 2600:1f16:e61... 16509 (AMAZON-02)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
2 74.119.119.139 19750 (AS-CRITEO)
1 34.117.4.53 396982 (GOOGLE-CL...)
1 52.95.115.255 16509 (AMAZON-02)
11 11 54.146.202.96 14618 (AMAZON-AES)
1 147.28.129.37 54825 (PACKET)
1 1 2600:9000:266... 16509 (AMAZON-02)
1 1 2600:9000:20e... 16509 (AMAZON-02)
1 18.173.219.51 16509 (AMAZON-02)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 104.77.153.27 20940 (AKAMAI-ASN1)
1 2600:141b:1c0... 20940 (AKAMAI-ASN1)
2 2600:9000:24f... 16509 (AMAZON-02)
1 184.87.37.119 16625 (AKAMAI-AS)
1 2a04:4e42::714 54113 (FASTLY)
1 3.234.94.35 14618 (AMAZON-AES)
1 2600:9000:21e... 16509 (AMAZON-02)
1 3.94.12.39 14618 (AMAZON-AES)
2 2 23.83.76.89 395954 (LEASEWEB-...)
2 2 2603:c020:400... 31898 (ORACLE-BM...)
2 8.18.47.7 398989 (DEEPINTENT)
2 2 2620:116:800b... 14618 (AMAZON-AES)
1 1 51.255.68.171 16276 (OVH)
4 4 173.231.178.81 32475 (SINGLEHOP...)
2 4 52.70.29.196 14618 (AMAZON-AES)
2 35.169.162.91 14618 (AMAZON-AES)
2 52.3.119.146 14618 (AMAZON-AES)
2 52.54.71.185 14618 (AMAZON-AES)
2 4 38.98.69.175 174 (COGENT-174)
4 4 207.198.113.88 13768 (COGECO-PEER1)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
1 1 34.226.253.81 14618 (AMAZON-AES)
2 2 52.71.244.43 14618 (AMAZON-AES)
1 1 199.38.167.130 54312 (ROCKETFUEL)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 54.159.136.91 14618 (AMAZON-AES)
1 2 52.206.205.175 14618 (AMAZON-AES)
1 1 82.145.213.8 39832 (NO-OPERA)
1 1 35.214.235.117 15169 (GOOGLE)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 35.186.193.173 15169 (GOOGLE)
1 1 172.104.121.22 63949 (AKAMAI-LI...)
1 1 74.121.140.211 30419 (MEDIAMATH...)
1 195.5.165.20 44968 (IPROM-AS)
1 162.55.120.196 24940 (HETZNER-AS)
2 2 23.48.190.245 16625 (AKAMAI-AS)
1 3.248.28.79 16509 (AMAZON-02)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
2 2 185.167.164.43 198622 (ADFORM)
1 1 188.166.17.21 14061 (DIGITALOC...)
1 13.225.214.129 16509 (AMAZON-02)
1 107.23.110.3 ()
1 1 52.22.32.84 ()
2 2 3.19.248.185 ()
1 35.226.42.89 ()
1 2 54.152.66.88 ()
2 151.101.129.208 ()
555 126
55    213.238.171.129 (Turkey)

ASN200456 (VERIGOM, TR)
213.238.171.129.sslip.io
38    199.232.37.188 (New York, United States)

ASN54113 (FASTLY, US)
www.cbsnews.com
assets1.cbsnewsstatic.com
assets3.cbsnewsstatic.com
assets2.cbsnewsstatic.com
tealium.cbsnews.com
feeds-cbsn.cbsnews.com
1    2600:9000:23cb:2600:4:daa7:500:93a1 (United States)

ASN16509 (AMAZON-02, US)
disco.headliner.link
11    2606:4700::6812:83ec (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
4    2a04:4e42:46::444 (United States)

ASN54113 (FASTLY, US)
cdn.privacy.paramount.com
production-cmp.isgprivacy.cbsi.com
doppler-config.cbsivideo.com
18    2607:f8b0:4006:809::2002 (United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    2607:f8b0:4006:81c::200a (United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
5    2600:141b:9000::b857:ad50 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
fms.viacomcbs.digital
2    2606:4700:4400::ac40:9b77 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    2600:1901:0:9ed6::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
uninterestedquarter.com
2    2600:9000:247b:6c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
3    2607:f8b0:4006:81e::2002 (United States)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
7    2607:f8b0:4008:80b::2002 (Bradenton, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
5    2600:1901:0:809c::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
wellgroomedhydrant.com
14    2607:f8b0:4008:805::200e (Bradenton, United States)

ASN15169 (GOOGLE, US)
dai.google.com
8    52.2.217.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-217-2.compute-1.amazonaws.com
dpm.demdex.net
cbsi.demdex.net
2    63.140.38.165 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-165.data.adobedc.net
saa.cbsnews.com
1    2600:803:1504:1::c (United States)

ASN701 (UUNET, US)
r1---sn-8xgp1vo-2pul.googlevideo.com
3    35.244.154.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
15    142.250.64.226 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: mia07s57-in-f2.1e100.net
cm.g.doubleclick.net
1    34.117.77.79 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com
ml314.com
3    151.101.129.188 (United States)

ASN54113 (FASTLY, US)
at.cbsi.com
2    3.232.64.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-64-79.compute-1.amazonaws.com
ps.eyeota.net
6    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
2    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    34.202.199.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-199-100.compute-1.amazonaws.com
id.sv.rkdms.com
7    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    3.229.24.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-24-114.compute-1.amazonaws.com
idx.liadm.com
1    34.120.155.137 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
4    54.88.134.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-134-208.compute-1.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
5    2607:f8b0:4009:2e::8 (Bolingbrook, United States)

ASN15169 (GOOGLE, US)
r3---sn-vgqsrn66.googlevideo.com
8    63.140.38.128 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-128.data.adobedc.net
cbsnews.hb-api.omtrdc.net
2    54.196.227.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-196-227-84.compute-1.amazonaws.com
247eda56317d1549491233a36.litix.io
1    2600:1f16:e61:3f01:a4e3:c039:b71b:e458 (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
32    3.92.156.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-92-156-8.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
1    18.164.124.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-99.jfk50.r.cloudfront.net
sync.getpublica.com
10    23.51.54.26 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-54-26.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
3    18.238.40.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-238-40-125.jfk52.r.cloudfront.net
c.amazon-adsystem.com
12    146.75.29.188 (Ashburn, United States)

ASN54113 (FASTLY, US)
pbs.at.cbsi.com
9    68.67.160.114 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    104.36.115.111 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    23.195.93.95 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-93-95.deploy.static.akamaitechnologies.com
a.teads.tv
1    35.211.178.18 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 18.178.211.35.bc.googleusercontent.com
grid.bidswitch.net
1    69.166.1.64 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
12    52.45.224.4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-224-4.compute-1.amazonaws.com
g2.gumgum.com
2    54.243.45.130 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-45-130.compute-1.amazonaws.com
krk2.kargo.com
2    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
11    2602:803:c002:200::52 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    35.169.174.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-174-253.compute-1.amazonaws.com
usersync.getpublica.com
11    52.223.22.214 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    18.173.132.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-10.jfk52.r.cloudfront.net
config.aps.amazon-adsystem.com
2    18.164.107.227 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-107-227.jfk50.r.cloudfront.net
aax.amazon-adsystem.com
4    129.80.46.219 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
1    2607:f8b0:4008:805::2001 (Bradenton, United States)

ASN15169 (GOOGLE, US)
194b924f7110d37d1d41f6d5fbfd923d.safeframe.googlesyndication.com
6    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    63.251.28.134 (Secaucus, United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
3    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
4    2600:1f18:4e9:5a07:afa7:1461:468e:7e6f (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
8    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
7    34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
17    2607:f8b0:4008:800::2001 (Bradenton, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    54.237.38.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-38-140.compute-1.amazonaws.com
ads.yieldmo.com
5    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
3    2607:f8b0:4006:821::2002 (United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
10    2607:f8b0:4006:809::2001 (United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    184.73.244.76 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-244-76.compute-1.amazonaws.com
protected-by.clarium.io
5    2607:f8b0:4008:805::2004 (Bradenton, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    54.85.148.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-148-229.compute-1.amazonaws.com
track2.adpredictive.com
1    2607:f8b0:4008:809::200a (Bradenton, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2.22.36.24 (Liljeholmen, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: a2-22-36-24.deploy.static.akamaitechnologies.com
hbx.media.net
16    184.72.178.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-72-178-21.compute-1.amazonaws.com
trends.revcontent.com
yeet.revcontent.com
2    2607:f8b0:4008:806::2003 (Bradenton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
14    2.18.109.123 (London, United Kingdom)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-109-123.deploy.static.akamaitechnologies.com
cbsdfp5832910442.s.moatpixel.com
1    2607:f8b0:4008:80a::2002 (Bradenton, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
3    13.35.93.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-31.jfk50.r.cloudfront.net
assets.revcontent.com
5    23.51.53.13 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-53-13.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
contextual-analytics.wunderkind.co
events.bouncex.net
5    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
7    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    184.24.207.174 (Seattle, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-207-174.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.110.250.70 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-110-250-70.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    35.211.118.13 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 13.118.211.35.bc.googleusercontent.com
r.bidswitch.net
7    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
2    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
3    64.74.236.63 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
7    18.161.34.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-34-34.bos50.r.cloudfront.net
sb.scorecardresearch.com
6    52.46.143.56 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
36    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
1    40.76.134.238 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
us01.z.antigena.com
2    35.236.220.17 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 17.220.236.35.bc.googleusercontent.com
um.simpli.fi
5    162.248.18.34 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    2606:ae80:1471:11::410 (United States)

ASN25751 (VALUECLICK, US)
pubmatic-match.dotomi.com
1    54.165.74.222 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-74-222.compute-1.amazonaws.com
sync.ipredictive.com
4    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    13.225.63.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-110.ewr53.r.cloudfront.net
img.revcontent.com
1    108.138.85.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-85-112.iad12.r.cloudfront.net
images.revcontent.com
20    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
1    2607:f8b0:402a:80b::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    2600:1f18:66e7:fb11:7ec0:2f52:a755:95b0 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
beacons.extremereach.io
1    18.233.185.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-233-185-233.compute-1.amazonaws.com
beacons-ipv4.extremereach.io
1    108.139.47.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-47-20.jfk50.r.cloudfront.net
general-ipv4.telemetry.tataritv.com
1    2600:9000:21da:ea00:1f:439:80c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
general-ipv6.telemetry.tataritv.com
2    3.137.65.67 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-137-65-67.us-east-2.compute.amazonaws.com
tvp.tv
2    2600:1f16:e61:3f00:93d2:52b:cea6:7db8 (Columbus, United States)

ASN16509 (AMAZON-02, US)
7f077.v.fwmrm.net
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    34.117.4.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.4.117.34.bc.googleusercontent.com
ssp.wknd.ai
1    52.95.115.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
11    54.146.202.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-202-96.compute-1.amazonaws.com
match.prod.bidr.io
1    147.28.129.37 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2600:9000:266a:8000:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
1    2600:9000:20ee:4000:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    18.173.219.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-219-51.jfk52.r.cloudfront.net
sync1.intentiq.com
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    104.77.153.27 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-77-153-27.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    2600:141b:1c00:49e::13b8 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.optimizely.com
2    2600:9000:24f1:d600:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    184.87.37.119 (Lithia Springs, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-37-119.deploy.static.akamaitechnologies.com
a2628570003.cdn.optimizely.com
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    3.234.94.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-94-35.compute-1.amazonaws.com
ping.chartbeat.net
1    2600:9000:21ea:1200:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-magiclinks.trackonomics.net
1    3.94.12.39 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-12-39.compute-1.amazonaws.com
logx.optimizely.com
2    23.83.76.89 (Los Angeles, United States)

ASN395954 (LEASEWEB-USA-LAX, US)
rtb-csync.smartadserver.com
2    2603:c020:400d:3000:f50:982a:7877:65bd (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    8.18.47.7 (Miami, United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    2620:116:800b:21:1456:d0e1:7db4:a56b (United States)

ASN14618 (AMAZON-AES, US)
cms.quantserve.com
1    51.255.68.171 (France)

ASN16276 (OVH, FR)
PTR: ns3028611.ip-51-255-68.eu
dsp.nrich.ai
4    173.231.178.81 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
4    52.70.29.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-29-196.compute-1.amazonaws.com
thrtle.com
2    35.169.162.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-162-91.compute-1.amazonaws.com
crb.kargo.com
2    52.3.119.146 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-119-146.compute-1.amazonaws.com
sync.bfmio.com
2    52.54.71.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-71-185.compute-1.amazonaws.com
rtb.adentifi.com
4    38.98.69.175 (North Bergen, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
4    207.198.113.88 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    34.226.253.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-253-81.compute-1.amazonaws.com
rtb.adstanding.com
2    52.71.244.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-244-43.compute-1.amazonaws.com
pm.w55c.net
1    199.38.167.130 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    54.159.136.91 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-136-91.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    52.206.205.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-205-175.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    35.214.235.117 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 117.235.214.35.bc.googleusercontent.com
csync.loopme.me
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    172.104.121.22 (Tokyo, Japan)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1731-22.members.linode.com
gocm.c.appier.net
1    74.121.140.211 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
2    23.48.190.245 (El Segundo, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-190-245.deploy.static.akamaitechnologies.com
px.owneriq.net
1    3.248.28.79 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-79.eu-west-1.compute.amazonaws.com
synchroscript.deliveryengine.adswizz.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    188.166.17.21 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    13.225.214.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-129.ewr50.r.cloudfront.net
trx-hub.com
1    107.23.110.3 (None, )

ASN- ()
bpi.rtactivate.com
1    52.22.32.84 (None, )

ASN- ()
i.liadm.com
2    3.19.248.185 (None, )

ASN- ()
he.lijit.com
1    35.226.42.89 (None, )

ASN- ()
p.alcmpn.com
2    54.152.66.88 (None, )

ASN- ()
io.narrative.io
2    151.101.129.208 (None, )

ASN- ()
sdk.iad-03.braze.com
Apex Domain
Subdomains		 Transfer
55 sslip.io
213.238.171.129.sslip.io
635 KB
52 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image2.pubmatic.com — Cisco Umbrella Rank: 924
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
124 KB
42 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1460
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1906
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
7 KB
37 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
246 KB
34 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
36 KB
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
194b924f7110d37d1d41f6d5fbfd923d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
253 KB
23 cbsnewsstatic.com
assets1.cbsnewsstatic.com — Cisco Umbrella Rank: 21621
assets3.cbsnewsstatic.com — Cisco Umbrella Rank: 22469
assets2.cbsnewsstatic.com — Cisco Umbrella Rank: 22059
1 MB
21 revcontent.com
trends.revcontent.com — Cisco Umbrella Rank: 2528
assets.revcontent.com — Cisco Umbrella Rank: 7382
img.revcontent.com — Cisco Umbrella Rank: 10265
images.revcontent.com — Cisco Umbrella Rank: 8685
yeet.revcontent.com — Cisco Umbrella Rank: 8368
87 KB
19 google.com
dai.google.com — Cisco Umbrella Rank: 12402
www.google.com — Cisco Umbrella Rank: 2
28 KB
17 cbsnews.com
www.cbsnews.com — Cisco Umbrella Rank: 17420
tealium.cbsnews.com — Cisco Umbrella Rank: 28220
feeds-cbsn.cbsnews.com — Cisco Umbrella Rank: 23732
saa.cbsnews.com — Cisco Umbrella Rank: 26881
798 KB
16 cbsi.com
production-cmp.isgprivacy.cbsi.com — Cisco Umbrella Rank: 11019
at.cbsi.com — Cisco Umbrella Rank: 11309
pbs.at.cbsi.com — Cisco Umbrella Rank: 14032
215 KB
14 moatpixel.com
cbsdfp5832910442.s.moatpixel.com — Cisco Umbrella Rank: 15233
3 KB
14 moatads.com
z.moatads.com — Cisco Umbrella Rank: 647
mb.moatads.com — Cisco Umbrella Rank: 744
px.moatads.com — Cisco Umbrella Rank: 593
115 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
76 KB
12 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
15 KB
11 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
6 KB
11 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
5 KB
11 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 342
203 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
207 KB
10 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
r.bidswitch.net — Cisco Umbrella Rank: 7109
5 KB
9 bounceexchange.com
assets.bounceexchange.com — Cisco Umbrella Rank: 2091
tag.bounceexchange.com — Cisco Umbrella Rank: 2927
api.bounceexchange.com — Cisco Umbrella Rank: 2503
181 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
7 KB
8 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
u.openx.net — Cisco Umbrella Rank: 659
us-u.openx.net — Cisco Umbrella Rank: 522
2 KB
8 omtrdc.net
cbsnews.hb-api.omtrdc.net — Cisco Umbrella Rank: 28568
8 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
cbsi.demdex.net — Cisco Umbrella Rank: 9213
9 KB
7 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
8 KB
7 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
3 KB
6 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 597
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
2 KB
6 getpublica.com
sync.getpublica.com — Cisco Umbrella Rank: 16446
usersync.getpublica.com — Cisco Umbrella Rank: 4170
7 KB
6 googlevideo.com
r1---sn-8xgp1vo-2pul.googlevideo.com — Cisco Umbrella Rank: 134875
r3---sn-vgqsrn66.googlevideo.com — Cisco Umbrella Rank: 241977
1 MB
5 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 6655
router.infolinks.com — Cisco Umbrella Rank: 2919
62 KB
5 wellgroomedhydrant.com
wellgroomedhydrant.com — Cisco Umbrella Rank: 26871
1 KB
5 viacomcbs.digital
fms.viacomcbs.digital — Cisco Umbrella Rank: 14621
1 KB
5 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 447
fonts.googleapis.com — Cisco Umbrella Rank: 31
1 MB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
2 KB
4 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 4887
2 KB
4 thrtle.com
thrtle.com — Cisco Umbrella Rank: 1352
1 KB
4 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
1020 B
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
3 KB
4 kargo.com
krk2.kargo.com — Cisco Umbrella Rank: 2762
crb.kargo.com — Cisco Umbrella Rank: 1180
2 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
1 KB
4 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 415
api.rlcdn.com — Cisco Umbrella Rank: 957
1 KB
3 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
1 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1585
mab.chartbeat.com — Cisco Umbrella Rank: 2550
34 KB
3 optimizely.com
cdn.optimizely.com — Cisco Umbrella Rank: 834
a2628570003.cdn.optimizely.com — Cisco Umbrella Rank: 22738
logx.optimizely.com — Cisco Umbrella Rank: 1496
88 KB
3 extremereach.io
beacons.extremereach.io — Cisco Umbrella Rank: 3893
beacons-ipv4.extremereach.io — Cisco Umbrella Rank: 45189
1 KB
3 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
2 KB
3 gstatic.com
fonts.gstatic.com
csi.gstatic.com
32 KB
3 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1459
730 B
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
192 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
916 B
3 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 13579
7f077.v.fwmrm.net — Cisco Umbrella Rank: 9971
1 KB
2 braze.com
sdk.iad-03.braze.com
556 B
2 narrative.io
io.narrative.io
643 B
2 lijit.com
he.lijit.com
1 KB
2 cbsivideo.com
doppler-config.cbsivideo.com
21 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 599
1 KB
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1767
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1484
831 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
1021 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
1 KB
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 1218
573 B
2 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 1749
850 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
584 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1617
5 KB
2 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
2 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
535 B
2 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com — Cisco Umbrella Rank: 2801
2 KB
2 tvp.tv
tvp.tv — Cisco Umbrella Rank: 26299
211 B
2 tataritv.com
general-ipv4.telemetry.tataritv.com — Cisco Umbrella Rank: 17327
general-ipv6.telemetry.tataritv.com — Cisco Umbrella Rank: 17338
784 B
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
744 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 1131
912 B
2 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 1954
280 B
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
1 KB
2 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
863 B
2 litix.io
247eda56317d1549491233a36.litix.io — Cisco Umbrella Rank: 29078
2 liadm.com
idx.liadm.com — Cisco Umbrella Rank: 2376
i.liadm.com
1 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1481
126 KB
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1148
1 KB
2 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 587
967 B
2 uninterestedquarter.com
uninterestedquarter.com — Cisco Umbrella Rank: 28274
48 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 590
550 B
1 alcmpn.com
p.alcmpn.com
285 B
1 rtactivate.com
bpi.rtactivate.com
109 B
1 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 6981
464 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
555 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 988
633 B
1 adswizz.com
synchroscript.deliveryengine.adswizz.com — Cisco Umbrella Rank: 2700
363 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
738 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 2603
436 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
369 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
674 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
225 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
553 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
1 KB
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
795 B
1 adstanding.com
rtb.adstanding.com — Cisco Umbrella Rank: 7554
358 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3111
583 B
1 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 6223
35 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1376
201 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
647 B
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
556 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
451 B
1 wknd.ai
ssp.wknd.ai — Cisco Umbrella Rank: 3898
200 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
554 B
1 antigena.com
us01.z.antigena.com — Cisco Umbrella Rank: 4024
1 wunderkind.co
contextual-analytics.wunderkind.co — Cisco Umbrella Rank: 2908
1 KB
1 media.net
hbx.media.net — Cisco Umbrella Rank: 1337
658 B
1 adpredictive.com
track2.adpredictive.com — Cisco Umbrella Rank: 27441
143 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 657
528 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
659 B
1 sonobi.com
apex.go.sonobi.com — Cisco Umbrella Rank: 1987
1 KB
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
621 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5530
278 B
1 ml314.com
ml314.com — Cisco Umbrella Rank: 1908
429 B
1 paramount.com
cdn.privacy.paramount.com — Cisco Umbrella Rank: 19083
11 KB
1 headliner.link
disco.headliner.link — Cisco Umbrella Rank: 20949
54 KB
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 cbsistatic.com Failed
cbsnews4.cbsistatic.com Failed
555 126
Domain Requested by
55 213.238.171.129.sslip.io 213.238.171.129.sslip.io
www.cbsnews.com
32 c2shb.pubgw.yahoo.com at.cbsi.com
24 simage2.pubmatic.com 3 redirects ads.pubmatic.com
18 securepubads.g.doubleclick.net www.cbsnews.com
securepubads.g.doubleclick.net
213.238.171.129.sslip.io
www.googletagservices.com
17 tpc.googlesyndication.com securepubads.g.doubleclick.net
213.238.171.129.sslip.io
cdn.confiant-integrations.net
tpc.googlesyndication.com
cdn.ampproject.org
15 cm.g.doubleclick.net 11 redirects eb2.3lift.com
u.openx.net
14 cbsdfp5832910442.s.moatpixel.com
14 dai.google.com 6 redirects imasdk.googleapis.com
www.cbsnews.com
12 pixel.rubiconproject.com 8 redirects
12 image2.pubmatic.com ads.pubmatic.com
12 g2.gumgum.com at.cbsi.com
12 pbs.at.cbsi.com at.cbsi.com
eb2.3lift.com
ads.pubmatic.com
u.openx.net
12 assets1.cbsnewsstatic.com 213.238.171.129.sslip.io
www.cbsnews.com
11 match.prod.bidr.io 11 redirects
11 eb2.3lift.com 4 redirects at.cbsi.com
eb2.3lift.com
11 fastlane.rubiconproject.com at.cbsi.com
11 cdn.cookielaw.org www.cbsnews.com
cdn.cookielaw.org
cdn.privacy.paramount.com
11 www.cbsnews.com www.cbsnews.com
213.238.171.129.sslip.io
10 cdn.ampproject.org cdn.confiant-integrations.net
9 ib.adnxs.com 5 redirects at.cbsi.com
eb2.3lift.com
8 yeet.revcontent.com assets.revcontent.com
8 trends.revcontent.com 213.238.171.129.sslip.io
trends.revcontent.com
assets.revcontent.com
8 x.bidswitch.net 7 redirects eb2.3lift.com
8 cbsnews.hb-api.omtrdc.net tealium.cbsnews.com
7 token.rubiconproject.com 6 redirects eus.rubiconproject.com
7 sb.scorecardresearch.com 2 redirects
7 pixel.tapad.com 4 redirects
7 assets.bounceexchange.com 213.238.171.129.sslip.io
tag.bounceexchange.com
assets.bounceexchange.com
7 match.adsrvr.org 6 redirects at.cbsi.com
7 dpm.demdex.net tealium.cbsnews.com
7 pagead2.googlesyndication.com imasdk.googleapis.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
7 assets2.cbsnewsstatic.com 213.238.171.129.sslip.io
6 s.amazon-adsystem.com 2 redirects ads.pubmatic.com
u.openx.net
5 us-u.openx.net u.openx.net
ads.pubmatic.com
5 image6.pubmatic.com ads.pubmatic.com
5 ads.pubmatic.com 213.238.171.129.sslip.io
at.cbsi.com
assets.bounceexchange.com
5 px.moatads.com 213.238.171.129.sslip.io
5 www.google.com 1 redirects 213.238.171.129.sslip.io
tpc.googlesyndication.com
5 usersync.getpublica.com sync.getpublica.com
usersync.getpublica.com
5 z.moatads.com at.cbsi.com
z.moatads.com
213.238.171.129.sslip.io
5 r3---sn-vgqsrn66.googlevideo.com
5 ups.analytics.yahoo.com 5 redirects
5 wellgroomedhydrant.com uninterestedquarter.com
5 fms.viacomcbs.digital www.cbsnews.com
at.cbsi.com
4 pixel-sync.sitescout.com 4 redirects
4 pmp.mxptint.net 2 redirects
4 thrtle.com 2 redirects
4 cm.adgrx.com 4 redirects
4 simage4.pubmatic.com ads.pubmatic.com
4 sync-tm.everesttech.net 2 redirects ads.pubmatic.com
4 resources.infolinks.com 213.238.171.129.sslip.io
resources.infolinks.com
4 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
4 sync.1rx.io 4 redirects
4 mb.moatads.com z.moatads.com
4 imasdk.googleapis.com www.cbsnews.com
imasdk.googleapis.com
4 assets3.cbsnewsstatic.com 213.238.171.129.sslip.io
3 ad.turn.com 3 redirects
3 b1sync.zemanta.com 3 redirects
3 assets.revcontent.com 213.238.171.129.sslip.io
3 bh.contextweb.com 3 redirects
3 protected-by.clarium.io 213.238.171.129.sslip.io
3 www.googletagservices.com 213.238.171.129.sslip.io
3 px.ads.linkedin.com eb2.3lift.com
3 c.amazon-adsystem.com at.cbsi.com
c.amazon-adsystem.com
3 sync.crwdcntrl.net 2 redirects
3 at.cbsi.com www.cbsnews.com
at.cbsi.com
3 idsync.rlcdn.com 3 redirects
3 pubads.g.doubleclick.net imasdk.googleapis.com
2 sdk.iad-03.braze.com www.cbsnews.com
2 io.narrative.io 1 redirects
2 he.lijit.com 2 redirects
2 doppler-config.cbsivideo.com 1 redirects
2 c1.adform.net 2 redirects
2 px.owneriq.net 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 pm.w55c.net 2 redirects
2 rtb.adentifi.com ads.pubmatic.com
2 sync.bfmio.com ads.pubmatic.com
2 crb.kargo.com ads.pubmatic.com
2 cms.quantserve.com 2 redirects
2 match.deepintent.com ads.pubmatic.com
2 sync.technoratimedia.com 2 redirects
2 rtb-csync.smartadserver.com 2 redirects
2 static.chartbeat.com www.cbsnews.com
2 capi.connatix.com 1 redirects
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 7f077.v.fwmrm.net
2 tvp.tv
2 beacons.extremereach.io 1 redirects
2 pubmatic-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 rtb.mfadsrvr.com 2 redirects
2 events.bouncex.net
2 eus.rubiconproject.com assets.bounceexchange.com
eus.rubiconproject.com
2 u.openx.net 1 redirects at.cbsi.com
2 fonts.gstatic.com fonts.googleapis.com
2 dis.criteo.com eb2.3lift.com
ads.pubmatic.com
2 sync.targeting.unrulymedia.com 2 redirects
2 aax.amazon-adsystem.com c.amazon-adsystem.com
2 htlb.casalemedia.com at.cbsi.com
2 krk2.kargo.com at.cbsi.com
2 247eda56317d1549491233a36.litix.io tealium.cbsnews.com
2 cdn.confiant-integrations.net at.cbsi.com
cdn.confiant-integrations.net
2 ps.eyeota.net 2 redirects
2 saa.cbsnews.com tealium.cbsnews.com
2 static.adsafeprotected.com
2 uninterestedquarter.com www.cbsnews.com
2 feeds-cbsn.cbsnews.com www.cbsnews.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 tealium.cbsnews.com www.cbsnews.com
1 p.alcmpn.com
1 i.liadm.com 1 redirects
1 bpi.rtactivate.com
1 trx-hub.com
1 match.adsby.bidtheatre.com 1 redirects
1 bcp.crwdcntrl.net
1 pippio.com 1 redirects
1 synchroscript.deliveryengine.adswizz.com
1 matching.truffle.bid ads.pubmatic.com
1 core.iprom.net ads.pubmatic.com
1 sync.mathtag.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 ipac.ctnsnet.com ads.pubmatic.com
1 ums.acuityplatform.com 1 redirects
1 csync.loopme.me 1 redirects
1 t.adx.opera.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 p.rfihub.com 1 redirects
1 rtb.adstanding.com 1 redirects
1 dsp.nrich.ai 1 redirects
1 logx.optimizely.com cdn.optimizely.com
1 cdn-magiclinks.trackonomics.net www.cbsnews.com
1 ping.chartbeat.net
1 mab.chartbeat.com static.chartbeat.com
1 a2628570003.cdn.optimizely.com cdn.optimizely.com
1 cdn.optimizely.com www.cbsnews.com
1 hb.yahoo.net
1 sync1.intentiq.com
1 sync.intentiq.com 1 redirects
1 live.primis.tech 1 redirects
1 prebid.a-mo.net
1 aax-eu.amazon-adsystem.com
1 ssp.wknd.ai
1 pixel-us-east.rubiconproject.com 1 redirects
1 general-ipv6.telemetry.tataritv.com
1 general-ipv4.telemetry.tataritv.com
1 beacons-ipv4.extremereach.io
1 csi.gstatic.com imasdk.googleapis.com
1 images.revcontent.com
1 img.revcontent.com
1 sync.ipredictive.com 1 redirects
1 image4.pubmatic.com
1 us01.z.antigena.com
1 r.bidswitch.net 1 redirects
1 contextual-analytics.wunderkind.co assets.bounceexchange.com
1 secure-assets.rubiconproject.com 1 redirects
1 api.bounceexchange.com assets.bounceexchange.com
1 router.infolinks.com resources.infolinks.com
1 googleads.g.doubleclick.net
1 hbx.media.net 1 redirects
1 fonts.googleapis.com cdn.confiant-integrations.net
1 track2.adpredictive.com 213.238.171.129.sslip.io
1 tag.bounceexchange.com assets.bounceexchange.com
1 ads.yieldmo.com 1 redirects
1 ads.stickyadstv.com usersync.getpublica.com
1 194b924f7110d37d1d41f6d5fbfd923d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 rtb.openx.net at.cbsi.com
1 apex.go.sonobi.com at.cbsi.com
1 grid.bidswitch.net at.cbsi.com
1 a.teads.tv at.cbsi.com
1 hbopenbid.pubmatic.com at.cbsi.com
1 sync.getpublica.com at.cbsi.com
1 dmp.v.fwmrm.net
1 api.rlcdn.com at.cbsi.com
1 idx.liadm.com at.cbsi.com
1 id.sv.rkdms.com at.cbsi.com
1 cms.analytics.yahoo.com 1 redirects
1 ml314.com 1 redirects
1 r1---sn-8xgp1vo-2pul.googlevideo.com
1 cbsi.demdex.net tealium.cbsnews.com
1 production-cmp.isgprivacy.cbsi.com cdn.privacy.paramount.com
1 cdn.privacy.paramount.com www.cbsnews.com
1 disco.headliner.link 213.238.171.129.sslip.io
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 cbsnews4.cbsistatic.com Failed
555 189
Subject Issuer Validity Valid
sales.ketabii.com
R3		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.cbsnews.com
Sectigo RSA Organization Validation Secure Server CA		 2023-02-23 -
2024-03-15		 a year crt.sh
*.cbsnewsstatic.com
Sectigo RSA Organization Validation Secure Server CA		 2023-01-01 -
2024-01-31		 a year crt.sh
*.headliner.link
Amazon RSA 2048 M01		 2023-03-05 -
2024-04-02		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2023-04-01 -
2024-03-31		 a year crt.sh
cdn.privacy.paramount.com
Sectigo RSA Organization Validation Secure Server CA		 2023-02-04 -
2024-02-04		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
MTVI.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-05		 a year crt.sh
*.isgprivacy.cbsi.com
Sectigo RSA Organization Validation Secure Server CA		 2023-06-06 -
2024-06-19		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2023-11-13 -
2024-11-12		 a year crt.sh
uninterestedquarter.com
R3		 2023-11-21 -
2024-02-19		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
wellgroomedhydrant.com
R3		 2023-11-26 -
2024-02-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
saa.cbsnews.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-29 -
2024-02-29		 a year crt.sh
*.at.cbsi.com
Sectigo RSA Organization Validation Secure Server CA		 2023-07-14 -
2024-07-13		 a year crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-11-19 -
2024-02-17		 3 months crt.sh
rkdms.com
Amazon RSA 2048 M03		 2023-10-04 -
2024-11-01		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.liadm.com
Amazon RSA 2048 M02		 2023-08-31 -
2024-09-28		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.hb-api.omtrdc.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
*.litix.io
Amazon RSA 2048 M02		 2023-07-24 -
2024-08-21		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-10-17 -
2024-04-10		 6 months crt.sh
*.getpublica.com
Amazon RSA 2048 M02		 2023-06-15 -
2024-07-12		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
dev.eks.va.adexchange.gumgum.com
Amazon RSA 2048 M02		 2023-11-17 -
2024-12-15		 a year crt.sh
*.app.kargo.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-18		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
*.ads.stickyadstv.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-19 -
2024-05-19		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2023-11-03 -
2024-05-03		 6 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2023-11-20 -
2024-02-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-15 -
2024-05-14		 a year crt.sh
tag.bounceexchange.com
R3		 2023-11-20 -
2024-02-18		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M03		 2023-11-16 -
2024-12-15		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
adpredictive.com
Amazon RSA 2048 M02		 2023-10-15 -
2024-11-12		 a year crt.sh
revcontent.com
Amazon RSA 2048 M02		 2023-05-18 -
2024-06-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.wunderkind.co
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.z.antigena.com
Sectigo ECC Domain Validation Secure Server CA		 2023-04-03 -
2024-04-02		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.telemetry.tataritv.com
Amazon RSA 2048 M02		 2023-11-15 -
2024-12-14		 a year crt.sh
tvp.tv
Amazon RSA 2048 M02		 2023-04-25 -
2024-05-23		 a year crt.sh
*.extremereach.io
Amazon RSA 2048 M01		 2023-09-04 -
2024-10-01		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
cdn.optimizely.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-09-04		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.cdn.optimizely.com
GeoTrust RSA CA 2018		 2023-02-26 -
2024-02-28		 a year crt.sh
*.chartbeat.net
Thawte TLS RSA CA G1		 2023-11-20 -
2024-12-20		 a year crt.sh
*.trackonomics.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-17 -
2024-12-17		 a year crt.sh
logx.optimizely.com
Amazon RSA 2048 M01		 2023-06-24 -
2024-07-22		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
*.prod.use1.green.ops.kargo.com
Amazon RSA 2048 M01		 2022-11-10 -
2023-12-09		 a year crt.sh
*.bfmio.com
Amazon RSA 2048 M02		 2023-03-17 -
2024-04-14		 a year crt.sh
adentifi.com
Amazon RSA 2048 M01		 2023-07-06 -
2024-08-03		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
*.deliveryengine.adswizz.com
Amazon RSA 2048 M02		 2023-02-09 -
2024-02-13		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
*.tapad.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-18 -
2024-09-17		 a year crt.sh
*.trx-hub.com
Amazon RSA 2048 M02		 2023-01-21 -
2024-02-19		 a year crt.sh
rtactivate.com
Amazon RSA 2048 M01		 2023-03-14 -
2024-04-11		 a year crt.sh
*.iad-03.braze.com
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-07 -
2024-10-08		 a year crt.sh

This page contains 62 frames:

Primary Page: https://213.238.171.129.sslip.io/
Frame ID: 4F74A465F6736D0F9E3D8D42EF283B7F
Requests: 244 HTTP requests in this frame

Frame: https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null
Frame ID: 0C7C5E15BEAC55B3A8321C0A902B8778
Requests: 60 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/dai_iframe3.605.0_debug_en.html?origin=https%3A%2F%2Fwww.cbsnews.com
Frame ID: C47037D9FF2AACBEE563E52230047519
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1E1C7FA8E8F4A2D8D8573480EFFAC67C
Requests: 1 HTTP requests in this frame

Frame: https://cbsi.demdex.net/dest5.html?d_nsid=0
Frame ID: 5F339BAE80878F0193B63CE26563EA2D
Requests: 8 HTTP requests in this frame

Frame: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1YNN
Frame ID: D7B70756F6B59C84EA11DC7101B1D501
Requests: 6 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Frame ID: 2B89F1D23B2DFD475107CBA409C752BE
Requests: 12 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 3305228D49AC9168A97B5A7A0D0DBF2A
Requests: 1 HTTP requests in this frame

Frame: https://194b924f7110d37d1d41f6d5fbfd923d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 02B87E8B886A7DF6C0CBEBAA9A761C2C
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Frame ID: 01C7D976FA6C5CD8E4CA41402A5E4E1C
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvULzvvonMh4_7MJPdYCVoOoxC326TMsS8jmH_wpXVXxeHpp7ZoLgxdLO_PC6fLv_M8YmbgNbmhX7pzoiXcw9em7MHAofQSqdCex7jrVjltyKLAZnZui46vOQ0PNpZUZEIi1zUOMnr-v2VdCFDMGmh2hOoZ2Rq60pV8fBk7v0TVyawV6MOxyax28DhAbkGOPVf8NpV5F90VGgMQG7EpdZ_gbg0o8NUWc6xbXn5m_rfppYd5tn7KWPRfdKSCZNcsoCB0mKsKvGFhqSBPRuTAGpArkyeeiaTg_bd2uEH0IV1gorvsXOH-ikKyIH6hQqUIfOldHescVS1kDvE10RuQfp9mgXrfC9NpcdG9GQIRGv4&sai=AMfl-YQtErXgdkQ8AbEBFRch4JgWOJ80pA8aU5jTFkdqOmkzCgYOuEihG9Zk9yH4evtYQcrgKR3qSnYEDpJdw6VUWLPqVkZ4hW70HSuNvEhF9tsD20_whuA6-IL-9JTo7RpN-4i9NFx_jWcN03REVZb_WhA&sig=Cg0ArKJSzIsYuzzHwA9UEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6F97A8CAD43CD77F14CD6D144A46EFCA
Requests: 9 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 1EF8BBD8A79C60854DF78DC28112752D
Requests: 15 HTTP requests in this frame

Frame: https://track2.adpredictive.com/?event=impression&clientname=Viacom&adpcampaign=OOAlwaysOn&cachebuster=578306533&adunit=/8264/aw-cbsnews/home&lineitemid=6409609095&adid=25477209&orderid=3238758707&creativeid=138453610355&idadunit=23206089&deviceid=&pixelid=76
Frame ID: 806D15747F162EDF29F5995B35635C39
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfg7ZkokHCdHmUN2-PoPfYrIwP2ve9Rs41KhXdCeG-DbXnqbQJj0_Nh2I7ntqhNvAbZdvMZrJaf5H9ARjo4txN78zHOlF5WVc5PVvBSCWfk8TJcJpNmeJZUXT8L-sxd47RDLDVbPHlcUgHoT5SeWP62M5cp36w0-FQQNsdfTl-KaOVPHkkBp1HrLEQ7nBjPYk-NqDt3cdZT9Dstv7glRBDa7w2UnvjLHd9bx470g6DhUKUSTllGDQo3OnL7hDEAuQExF3G9d69WlEYIbHhsdCFJyJnM7tZerthinhhBi-2I9KC6ETUWUhHQY039-7J5ZX9KmPVua69qBR9UukNvfkcYksjgf3RcYsBvUTqGmaEA9AoksWFsA&sai=AMfl-YTjCW3X4CZl4TrJtOpkro_0jY2-YTnxMn7BuB4gqx9dPY2RXhpoNE0tzkFpjCBTbUjTnZVgaiDpa1BMqOZqTtzJ5T1q8yZsv9IoKBrL-88CsM_k76g2F_66fsn8Wjyx3-HaSZ1Twl8TXbneWn8ILw&sig=Cg0ArKJSzMsoqMAsGGL4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 51CAF2DAF752C34EAD0A4695FC450EC8
Requests: 28 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Frame ID: 49FDCC556C8C38E719BB2E7CE2C68518
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 450BD50E25F46FE7D9CB8EBB3D310344
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41750D38C445436D64D6777AA58117A0
Requests: 2 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3306660&wsid=0&pdom=213.238.171.129.sslip.io&purl=https%3A%2F%2F213.238.171.129.sslip.io%2F&usprivacy=1YNN
Frame ID: A0B757D1FB3B8AD9322FC30E01F37742
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 7FC9E5B11DFE8EE9762C6A73BACF834C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 4C7D966F9C3A40747E0CB26F51053C31
Requests: 25 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: E160E22ABEA437ADF3D1FCF7B557FBBD
Requests: 16 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Frame ID: 40D1837CF778F3C4EB3684DC72F439E2
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: 5D534BB0727795F78FB3C22702915058
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Frame ID: 9FF126905AC8FCF6EBA58DD0F598B2E8
Requests: 20 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C5B20BED-E183-402B-A22C-83D5EF22CB2C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: E35F6A708650CCE7ABCEC7EFF558CC5A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3056755399233263756&gdpr=0&gdpr_consent=
Frame ID: 505A0C666669E0BCA66705242CF67E30
Requests: 1 HTTP requests in this frame

Frame: https://pbs.at.cbsi.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
Frame ID: 124055FAD7165E7A9292235D1AEB4123
Requests: 1 HTTP requests in this frame

Frame: https://a2628570003.cdn.optimizely.com/client_storage/a2628570003.html
Frame ID: 4C72B8437595F43D4B7DE4F34746B03C
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADX-E7KypAAABKsoCMXRw&gdpr=0
Frame ID: C8592F09AB11D891550B954DCA4D63EA
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 1B8539C3FB754FCA99949DC2B4AE6403
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: CF081B79B9C934BCA4C84B8A745693D9
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=59c70eXaPdb80z-C4dYg1-GDO9P8hz3StdZYLk-d
Frame ID: 82AD65AD0868F9C801EEEBD34071D804
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: 3AB8954D3EC03AF3A3024B5D3B3950DE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df9238f6-8d90-11ee-a05a-06905cfe2b77
Frame ID: 812602DAC63F77AD238D3B4785664E15
Requests: 1 HTTP requests in this frame

Frame: https://pbs.at.cbsi.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
Frame ID: 53A02B79D033033AC998F63379385013
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADX-E7KypAAABKsoCMXRw&gdpr=0&gdpr_consent=
Frame ID: 255E00D9988DF88DA42803952215A2EB
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: B021D3EA6AFDF75F5D53F71AF9EC208E
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: F149F9CC963DCD7A44A3EC88E663476F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-MBYFvrNXhHjxFxG-ZFDQviUCkDjxwtA-ZbrWxBl
Frame ID: 8306488D014253E0F1F9D534C8350762
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: A823C10BE06F35AA4F4A0A67963DEA02
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df9238f6-8d90-11ee-a05a-06905cfe2b77
Frame ID: A676B045B47F8D9BE0A7289BBC75EAEC
Requests: 1 HTTP requests in this frame

Frame: https://pbs.at.cbsi.com/setuid?bidder=groupm&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
Frame ID: C797DDF422C5F6BFBE96244D698814F5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:f9Ti3QeA1R7NhE5&gdpr=0&gdpr_consent=
Frame ID: DEDFF2194B9C1D6488EC4653B99ECB92
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1797288128071551211
Frame ID: EF5C07F8959515483FCA8491AFC81EC8
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 7183053EF5093BD7C7EE8AE009B0EED5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hhtuxYqsW2NjryUO9oBqpM5CYIY&gdpr=0&gdpr_consent=
Frame ID: 47BEAE8C5B12BA547D75FEBEC94F2FF7
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: C6554EEBC5A10EB4587A88185018FA6F
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
Frame ID: FF7147F2AA18695A4F39DF58EF2B9EB6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb921b702034e445fae22937cc7b7fd4c
Frame ID: 3821F9FF2AC76FDAA4B295D74E4C39B8
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:W4l2hieW1Pe-3sxK-lnb&gdpr=0&gdpr_consent=&gdpr=0
Frame ID: 541D1A4FC5E2C555083DFE0E75E175EF
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: A316723808AB8C58C35B5D01D6FAED53
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: AE5D416CD7EF24C3E7609C7798081ECE
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=857602416520
Frame ID: C0A3AE8CD9771FA92E2B1519D21EFF1F
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: B1F95F082F43A012CB957D93B8DCD827
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KddlgywiDrGjqcCcAkhlZQ
Frame ID: B6BF08FD4C3AEB0E6F0EDADC5AFF075A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005
Frame ID: BA0CDC5EAAEAF75CF1BD31579A1D1E31
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0e2f6565-4802-4400-88b1-07b19da69a18&gdpr=0&gdpr_consent=
Frame ID: 5085DF66EFEFD66557B6221E01AB3251
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: B7F0B1E4283A503591D99889BBBB00E0
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 6DD511196ADFA25656C1B2A28C57D617
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7544227861187578966
Frame ID: D0BED48388FE5FD4D6A56957F2E92BC5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3632AF9873274782B2743660ED8B6F3C&gdpr=0&gdpr_consent=
Frame ID: C4A8BAEC53C702C62F63AB4B60D88780
Requests: 1 HTTP requests in this frame

Frame: https://pbs.at.cbsi.com/setuid?bidder=groupm&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
Frame ID: D305D339A422FFC9114DD721365830F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CBS News - Breaking news, 24/7 live streaming news & top storiesBack ButtonSearch IconFilter Icon

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • optimizely\.com.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

555
Requests

75 %
HTTPS

27 %
IPv6

126
Domains

189
Subdomains

126
IPs

13
Countries

7979 kB
Transfer

22903 kB
Size

228
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 133
  • https://dai.google.com/linear/pods/v1/p/Sid4xiTQTkCT1SLu6rjUSQ/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/289997/0/2/a2490d3c744cd6c7e5676ecfc6956ee9/5.ts HTTP 302
  • https://r1---sn-8xgp1vo-2pul.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZejkM9qN_tcPlreHoA0&ip=0.0.0.0&ogomk=hk1&requiressl=yes&nc=8264&gomv=google_0059853393398448509%2Cgoogle_8463160428169783479%2Cgoogle_5392535423601081439%2Cgoogle_7128987864577960729%2Cgoogle_2417603258264297874&ctier=L&mime=video/MP2T&itag=340&faskm=468&ogoms=cr9M53MXij3oZ6_x0U91-w&goc=13&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D613921%3Bdur%3D30030%3Blmt%3D1700889156985509&acao=yes&source=dclk_video_ads&id=ea14bb9ea8f325c1&fvskm=150&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488194%3Bdur%3D30080%3Blmt%3D1700889023369518&ogomt=-5100,-4100,-3100,-2100,-1100,-100&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,ogomk,requiressl,gomv,ctier,mime,itag,faskm,ogoms,goc,sgovp,acao,source,id,fvskm,gomt,sgoap,ogomt,susc,xpc&sig=ANLwegAwRQIhAI_QUI976v4h-QXLV7VDsVfMEHqLFPp0ZjK6itlyxrAvAiB6JT_R7ywHl25MII4QKxTPSG3B6Ua3ueTrHXmyNjLW7A==&mh=FI&mip=2600:803:a88:1134::134&mm=31&mn=sn-8xgp1vo-2pul&ms=au&mt=1701135473&mv=u&mvi=1&pcm2cms=yes&pl=58&rmhost=r2---sn-8xgp1vo-2pul.googlevideo.com&shardbypass=md-default&smhost=r2---sn-8xgp1vo-2pue.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pcm2cms,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRQIhAKjUbivzJBLUwwQX7un7guZ702bjezra7KsYucwYQRelAiBAC6T533ifFxod-u-zNEAuxxrDiIGhYhPu_dqC_ZNLlg%3D%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C511137-613920&faudshow=233&faudskip=237&goap=slices%3D0-631%2C324521-488193&ogomm=31000&cpn=JWs4_Y7ZQYiPFQgc
Request Chain 134
  • https://idsync.rlcdn.com/365868.gif?partner_uid=34874868566750200013628261027188838197 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMzQ4NzQ4Njg1NjY3NTAyMDAwMTM2MjgyNjEwMjcxODg4MzgxOTcQABoNCPuPlasGEgUI6AcQAEIASgA HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=da1b264d45d5eb460bd379041589b25651a9b4dced360bad944fbf5e56e3106eb0da87c991749652
Request Chain 136
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzQ4NzQ4Njg1NjY3NTAyMDAwMTM2MjgyNjEwMjcxODg4MzgxOTc= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzQ4NzQ4Njg1NjY3NTAyMDAwMTM2MjgyNjEwMjcxODg4MzgxOTc=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKVx0b7357jLdXkkVz76XVw&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 137
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID] HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640245160328036358
Request Chain 139
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=34874868566750200013628261027188838197&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=34874868566750200013628261027188838197&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 140
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=34874868566750200013628261027188838197&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=34874868566750200013628261027188838197&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Yfe9IOdE2pGT0KdRNTULNfW3xLoUBvPJhcM-~A
Request Chain 148
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=34874868566750200013628261027188838197?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=34874868566750200013628261027188838197?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=1d687e167c02500a890de9e89c7d0a13
Request Chain 150
  • https://dai.google.com/linear/pods/v1/p/Sid4xiTQTkCT1SLu6rjUSQ/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/289997/0/3/a2490d3c744cd6c7e5676ecfc6956ee9/0.ts HTTP 302
  • https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-102659&faudshow=235&faudskip=0&goap=slices%3D0-162802&ogomm=6000&cpn=JWs4_Y7ZQYiPFQgc
Request Chain 231
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID HTTP 302
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Request Chain 241
  • https://dai.google.com/linear/pods/v1/p/Sid4xiTQTkCT1SLu6rjUSQ/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/289997/0/3/a2490d3c744cd6c7e5676ecfc6956ee9/1.ts HTTP 302
  • https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C102660-205357&faudshow=234&faudskip=235&goap=slices%3D0-324818&ogomm=11000&cpn=JWs4_Y7ZQYiPFQgc
Request Chain 249
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=1YNN&redir=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dtriplelift%26did%3De219d0ab-f15d-4205-bd2a-5edb3f41f205%26TripleliftID%3D%24UID&gdpr=&us_privacy=1YNN&consent= HTTP 302
  • https://usersync.getpublica.com/usermatch?provider=triplelift&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&TripleliftID=1960977007445951021668
Request Chain 250
  • https://sync.1rx.io/usersync2/rmpssp?sub=publica&redir=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dunruly%26did%3De219d0ab-f15d-4205-bd2a-5edb3f41f205%26uid%3D%5BRX_UUID%5D&gdpr=&us_privacy=1YNN&consent= HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=publica&zcc=1&redir=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dunruly%26did%3De219d0ab-f15d-4205-bd2a-5edb3f41f205%26uid%3D%5BRX_UUID%5D&cb=1701136380836&us_privacy=1YNN HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005?redir=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dunruly%26did%3De219d0ab-f15d-4205-bd2a-5edb3f41f205%26uid%3DRX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005%26us_privacy%3D1YNN HTTP 302
  • https://usersync.getpublica.com/usermatch?provider=unruly&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&uid=RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005&us_privacy=1YNN
Request Chain 251
  • https://ups.analytics.yahoo.com/ups/58549/occ?uid=e219d0ab-f15d-4205-bd2a-5edb3f41f205&gdpr=&gdpr_consent=&gdpr=&us_privacy=1YNN&consent= HTTP 302
  • https://usersync.getpublica.com/usermatch?provider=yahoo&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&YahooID=y-Vzh18XVE2uHxVaYQi_nSPiW8Pz7vaIwBta_y5fM-~A
Request Chain 252
  • https://ib.adnxs.com/getuid?https://usersync.getpublica.com/usermatch?provider=appnexus&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&appnexusID=$UID&gdpr=&us_privacy=1YNN&consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dappnexus%26did%3De219d0ab-f15d-4205-bd2a-5edb3f41f205%26appnexusID%3D%24UID%26gdpr%3D%26us_privacy%3D1YNN%26consent%3D HTTP 302
  • https://usersync.getpublica.com/usermatch?provider=appnexus&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&appnexusID=3056755399233263756&gdpr=&us_privacy=1YNN&consent=
Request Chain 254
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=b3c3d956-bdf4-48cc-a145-56097a595da9&dongle=0cfd&gdpr=0&gdpr_consent=
Request Chain 255
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTk2MDk3NzAwNzQ0NTk1MTAyMTY2OA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOAAL1IguK21lsfUwGZNfAA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 257
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTk2MDk3NzAwNzQ0NTk1MTAyMTY2OA%3D%3D
Request Chain 259
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1960977007445951021668?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-hjr4rBNE2oTNp.XVdiq_eChOrXeZPLUgD8HKS5kigQ--~A&dongle=0883
Request Chain 262
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3056755399233263756&dongle=4d58&gdpr=0&gdpr_consent=
Request Chain 267
  • https://dai.google.com/linear/pods/v1/p/Sid4xiTQTkCT1SLu6rjUSQ/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/289997/0/3/a2490d3c744cd6c7e5676ecfc6956ee9/2.ts HTTP 302
  • https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C205358-307199&faudshow=235&faudskip=1&goap=slices%3D0-631%2C162803-324818&ogomm=16000&cpn=JWs4_Y7ZQYiPFQgc
Request Chain 271
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%24UID HTTP 302
  • https://pbs.at.cbsi.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3FAkaVUEEkUN3KjKU0UN&gdpr=&gdpr_consent=&us_privacy=
Request Chain 276
  • https://dai.google.com/linear/pods/v1/p/Sid4xiTQTkCT1SLu6rjUSQ/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/289997/0/3/a2490d3c744cd6c7e5676ecfc6956ee9/3.ts HTTP 302
  • https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C307200-409663&faudshow=234&faudskip=236&goap=slices%3D0-631%2C162803-486666&ogomm=21000&cpn=JWs4_Y7ZQYiPFQgc
Request Chain 321
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%3Cvsid%3E HTTP 302
  • https://pbs.at.cbsi.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=3441379825658219000V10
Request Chain 340
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 358
  • https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpulsepoint%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%25%25VGUID%25%25 HTTP 302
  • https://pbs.at.cbsi.com/setuid?bidder=pulsepoint&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=mG0tKx3rnDkV&ev=1&pid=561205
Request Chain 370
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Request Chain 372
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=20986&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Request Chain 376
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1701136382928 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1701136382928 HTTP 302
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=revcontent&bsw_custom_parameter=23bd3352-e7fa-4d20-94b7-7e3199ca7991 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=23bd3352-e7fa-4d20-94b7-7e3199ca7991&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%3Drevcontent%26bsw_param%3D23bd3352-e7fa-4d20-94b7-7e3199ca7991 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=729b67a9-636b-43b1-a134-cfcfdcf9e9d7%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%252526user_id%25253D0%252526ssp%25253Drevcontent%252526bsw_param%25253D23bd3352-e7fa-4d20-94b7-7e3199ca7991%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b3c3d956-bdf4-48cc-a145-56097a595da9&ttd_puid=729b67a9-636b-43b1-a134-cfcfdcf9e9d7%2Chttps%253A%252F%252Fx.bidswitch.net%252Fsync%253Fdsp_id%253D393%2526user_id%253D0%2526ssp%253Drevcontent%2526bsw_param%253D23bd3352-e7fa-4d20-94b7-7e3199ca7991%2C HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=revcontent&bsw_param=23bd3352-e7fa-4d20-94b7-7e3199ca7991 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=23bd3352-e7fa-4d20-94b7-7e3199ca7991&callback=dspCMCallback
Request Chain 377
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=e97628e26d3c434fad95a367613dfeec&rev_dt=1701136382929 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=e97628e26d3c434fad95a367613dfeec&rev_dt=1701136382929 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=e97628e26d3c434fad95a367613dfeec&bidder=154&bidder_uid=2221df48-ba2a-4d32-9085-697f6bcb030f&callback=dspCMCallback
Request Chain 378
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=e97628e26d3c434fad95a367613dfeec&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3De97628e26d3c434fad95a367613dfeec_2%26bidder%3D3%26bidder_uid%3D__ZUID__%26callback%3DdspCMCallback&rev_dt=1701136382929 HTTP 302
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3De97628e26d3c434fad95a367613dfeec_2%26bidder%3D3%26bidder_uid%3D__ZUID__%26callback%3DdspCMCallback&puid=e97628e26d3c434fad95a367613dfeec&rev_dt=1701136382929&s=2 HTTP 302
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=e97628e26d3c434fad95a367613dfeec_2&bidder=3&bidder_uid=W4l2hieW1Pe-3sxK-lnb&callback=dspCMCallback
Request Chain 379
  • https://sb.scorecardresearch.com/p?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20119.0.6045.159&ns_ap_ver=*null&ns_ap_sv=7.5.0.200713&ns_ap_bv=7.5.0.200713&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1701136377936&ns_ts=1701136377936&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&cs_ucfr=&ns_ap_install=1701136377936&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=300x169&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwww.cbsnews.com%2Fembed%2Fvideo%2F%3Fv%3D5659e73acd91751548aa89950cf015b01701135726%26usprivacy%3Dnull%23tVhrU%252BM6Ev0rlKsmH7Yw8fvBVGo2JGGWvVzIJTC1VYRyyZbsaPBrJTshMPnv25LtxIGZuvvh3nkgudVqqVut00e8KaiuijJFW%252BW8YjU5VSifFGmKSk7DlCjnMUo5SDFZ0wg%252BocOfYYJyqqwpJoVy%252FqbQimRcOX98U6ptKXRSuiagQDH0LdMydCdy1NjWXNVyIqKGOo5U5DhGjC1d800DdLPy5Y7EV2KGn20W1et%252Fq%252F%252F8tqVhQJLXxcN8vrKmKb5Bs%252B%252F%252FFtoFownNZ5hWtMhhSs1ByNM6gX4U8pxshKCilfBAmVwsTm5AdHLd7AuTZ5BCJ67T9FdKEcqLnEYovf%252BFQkUzwiuUlcq5bumO73qa%252FAP2a4aajan64esahSQFO%252B30tPnMYQsQqQwlhItYchGBVVWV%252FHw5XA4R56TixlnrFKxX0egsKrLlcFWHyyFdDtlyaGiGuRzq%252BnKoOcuhpbuu7hJNJY5HVAtFSPWRRVTTtkzX8TQnjuLlsFrVWZgjmi6HjqW9mI62HMZGjOzIRp5hWFZsW9gJiWmHBiFmqJMQLYfPZItYpbbbUXnFCMpU3Te0F13ztLPvZfJlPbId2yeuiSLs666t25aHkOf7thbFmm6HGri%252F%252Bpmf%252Bt%252Frp2542otrgKO%252BFfvYDH3TisMIebEbEssMPTcyQ830hMZf5OjuVCkZXB2yeWDpkcfCslpz6XFjvXO%252Bcbuoq%252BVwDa7acB6O5REv1k2LeAayXC32TGw7BiYkgkPJEK8IC3T9LDNr73Aze6thRM%252BSokhS0lhPaU4QRHSV8uWQrEkOiy0otl7o%252FR%252F3z5N7fXFdO%252Bz7w%252BKPzvyRbePvdaVbKy5YhipYC5VlCndRXKPl8EXNSpI83F2DRv0uqpvN5nhtAUXLoQAjfpWVhbC%252BxzSAMRpJABPJqCFk2WboqrbtmaoVOqHqWThUHQIHaht65GveEcqoMjNarFtRwhCLVgCjj2LwpMWgrnsi9Z4gHRCDaN%252BLpW9Q1geWvpWLbTP42B%252B9bk2gNG1XUQ%252Br9HbzBFlHSsoLDBYAgThBXMKkLvZPkgw20AzUJWQn5%252FuIgOVxFIHkIi2i5z068QdO2KIOecRoSPBenZdFzgvW6a3Iy3hKYlSn4sy0U%252FirSOnFQWr6p5Z9avswgLCIfbwRPyE%252Fgw2tVoH4%252FOvz9gsAbLwJIk7x6O3Q331u%252BuukFgOy2Q0aGX8dvYmyCBeL01fSiWGDAeVBiiowJNvdoOZByegaRVuY0nT66j8dBsdUVFbFyISS0VMG3Ak2BcO826dM0t3gLc7ADGIo47vPooatmVCHeDwfBcyNNdc9W5%252FFm4xlZzmB%252BCC8HCaAfl8%252BuD9APN%252BMbEMzdX0QITEqfu4GcYqS0SfjAmVRCA3JIgYNrhiGhqdVKRs5BrRANHGI5Ng2j6DJazkBkYoOMlKxkQ7IPTisVbIibvufzPFXecDT8dVkMb4Kbopv8%252FHVdFCuWT56vBvfTG9%252FfxpAmpajdYZKXawJJ2sNeG%252Fz67Kn%252FFlEhgMrgYAlZPQG6BEIr4Q4pwRSNw8a2WiuTbSJ6Y6nqqFNLNWaXbrq%252BNKw1YvZxeRCd6aXnj0bHOfHh8xYAayM5BGAM5%252BMS%252Fj3DocGpWBGME00zUZ6B90ecUOxRm9NuxvAGpVAwNGGhIOf5d0vkyuha4jG19vbr9ez4OpmcX83G%252F8efLuazm6Dm9ubyezpQz41XQmG%252B%252FyAxOpni3Kq9K6LGGwCspfzVyHsh2Y%252FdNi%252BNNo4IPB7v305tXXgaNovVborJFAFLtHRpH10Dz40UZYVuQ1sj83uQFwxFD3TPBFBgDPjUcGI7EO1gwVszXMAaa0GsW%252FakxXg67Ss7v6bKkY6gpjzgFdBIiC%252BhWmQoDJAAopvlsPxXqdkrdG9JBJxWke6uZfw6t3CYstJQ8Cjos4rRgWDfIT6EKbgSErFDAHMO4Hgl9CZdTWhhe%252B45lBQ7%252BocF5v8CEViQjCX5Oe4mhpnUMVZM2E5%252FEIaAj4S21IfFgNIoionbCSJANy%252F5pDGgttJZv9zpBbsv36Zs6IkrNr%252BRsQ5G5ZLMLIdU3cx0Crf8nXDNJHpKDtwECAFSbIMR1aRZCv6IFsVuOEKJMcyPG2tjgmqakawGgkqDvXrtHuogFNQwkQ5PLwWRGUqKXSAswiuA4RjBRUngkcRiRoGsp8mInVsG7jGu1SifJYjeErhtgBDjGiUEhkQ4mmu5Rue6gGTVS3iO6pvYVONbBcigH0jjuzDlHkdTmENER5N91TNU3XrRHfPNe1cNw5q3YNlTz3UkxBImdiP%252FD49MSwoFJKRnDR8rRs6GZzAbQBhIbPpYLILV16B10HrtNI9C9vhw9OQ8ilZi31KZEk6hZiBgQAXQBngcCBB3r%252FgQPQvKhjaY6MrVZ%252BagUUT%252Fc5Mz0prXZQI4CPCK0BMpeV3Ms56CMQT%252Fquu7WFV14mh%252Blg3VA3iGBMPaZp8lFQ9VtZfpAb60y4iXoXi9UYzKi6k1W7hVj5IOz9ChnI8b1FGbqC9RU1VOsRp%252F8ico2olU64vfP9k%252BEBuFcnYJJfkH2NG4LgwYtv9%252BAfhFW7F4oxav6XVYH4QtCuey4Eu3NPu1wHHQf%252Fx48fBOaE7ZwC%252BbHvXVBMwRbsXXgMPMPgMJCFPJmlR41uWNMelTU3dMIB125eXtutrY8vXptb0n2NchBDrRETpHUIrLUQrLUb3AtVh9D8EGv4ZMMP1Rseg27e0a9w6Dk3r60Ria%252F%252F3DwSltM7EDkkurgPQHgE%252Bgv3QtKcrg7ETuIYpmhdcXoo24UgWSsQSR%252FT%252FJITErD9VbJ9Fu93%252FAA%253D%253D&ns_cut=c8%3Dcbs%2520news%2520-%2520breaking%2520news%252C%252024%252F7%2520live HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20119.0.6045.159&ns_ap_ver=*null&ns_ap_sv=7.5.0.200713&ns_ap_bv=7.5.0.200713&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1701136377936&ns_ts=1701136377936&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&cs_ucfr=&ns_ap_install=1701136377936&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=300x169&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwww.cbsnews.com%2Fembed%2Fvideo%2F%3Fv%3D5659e73acd91751548aa89950cf015b01701135726%26usprivacy%3Dnull%23tVhrU%252BM6Ev0rlKsmH7Yw8fvBVGo2JGGWvVzIJTC1VYRyyZbsaPBrJTshMPnv25LtxIGZuvvh3nkgudVqqVut00e8KaiuijJFW%252BW8YjU5VSifFGmKSk7DlCjnMUo5SDFZ0wg%252BocOfYYJyqqwpJoVy%252FqbQimRcOX98U6ptKXRSuiagQDH0LdMydCdy1NjWXNVyIqKGOo5U5DhGjC1d800DdLPy5Y7EV2KGn20W1et%252Fq%252F%252F8tqVhQJLXxcN8vrKmKb5Bs%252B%252F%252FFtoFownNZ5hWtMhhSs1ByNM6gX4U8pxshKCilfBAmVwsTm5AdHLd7AuTZ5BCJ67T9FdKEcqLnEYovf%252BFQkUzwiuUlcq5bumO73qa%252FAP2a4aajan64esahSQFO%252B30tPnMYQsQqQwlhItYchGBVVWV%252FHw5XA4R56TixlnrFKxX0egsKrLlcFWHyyFdDtlyaGiGuRzq%252BnKoOcuhpbuu7hJNJY5HVAtFSPWRRVTTtkzX8TQnjuLlsFrVWZgjmi6HjqW9mI62HMZGjOzIRp5hWFZsW9gJiWmHBiFmqJMQLYfPZItYpbbbUXnFCMpU3Te0F13ztLPvZfJlPbId2yeuiSLs666t25aHkOf7thbFmm6HGri%252F%252Bpmf%252Bt%252Frp2542otrgKO%252BFfvYDH3TisMIebEbEssMPTcyQ830hMZf5OjuVCkZXB2yeWDpkcfCslpz6XFjvXO%252Bcbuoq%252BVwDa7acB6O5REv1k2LeAayXC32TGw7BiYkgkPJEK8IC3T9LDNr73Aze6thRM%252BSokhS0lhPaU4QRHSV8uWQrEkOiy0otl7o%252FR%252F3z5N7fXFdO%252Bz7w%252BKPzvyRbePvdaVbKy5YhipYC5VlCndRXKPl8EXNSpI83F2DRv0uqpvN5nhtAUXLoQAjfpWVhbC%252BxzSAMRpJABPJqCFk2WboqrbtmaoVOqHqWThUHQIHaht65GveEcqoMjNarFtRwhCLVgCjj2LwpMWgrnsi9Z4gHRCDaN%252BLpW9Q1geWvpWLbTP42B%252B9bk2gNG1XUQ%252Br9HbzBFlHSsoLDBYAgThBXMKkLvZPkgw20AzUJWQn5%252FuIgOVxFIHkIi2i5z068QdO2KIOecRoSPBenZdFzgvW6a3Iy3hKYlSn4sy0U%252FirSOnFQWr6p5Z9avswgLCIfbwRPyE%252Fgw2tVoH4%252FOvz9gsAbLwJIk7x6O3Q331u%252BuukFgOy2Q0aGX8dvYmyCBeL01fSiWGDAeVBiiowJNvdoOZByegaRVuY0nT66j8dBsdUVFbFyISS0VMG3Ak2BcO826dM0t3gLc7ADGIo47vPooatmVCHeDwfBcyNNdc9W5%252FFm4xlZzmB%252BCC8HCaAfl8%252BuD9APN%252BMbEMzdX0QITEqfu4GcYqS0SfjAmVRCA3JIgYNrhiGhqdVKRs5BrRANHGI5Ng2j6DJazkBkYoOMlKxkQ7IPTisVbIibvufzPFXecDT8dVkMb4Kbopv8%252FHVdFCuWT56vBvfTG9%252FfxpAmpajdYZKXawJJ2sNeG%252Fz67Kn%252FFlEhgMrgYAlZPQG6BEIr4Q4pwRSNw8a2WiuTbSJ6Y6nqqFNLNWaXbrq%252BNKw1YvZxeRCd6aXnj0bHOfHh8xYAayM5BGAM5%252BMS%252Fj3DocGpWBGME00zUZ6B90ecUOxRm9NuxvAGpVAwNGGhIOf5d0vkyuha4jG19vbr9ez4OpmcX83G%252F8efLuazm6Dm9ubyezpQz41XQmG%252B%252FyAxOpni3Kq9K6LGGwCspfzVyHsh2Y%252FdNi%252BNNo4IPB7v305tXXgaNovVborJFAFLtHRpH10Dz40UZYVuQ1sj83uQFwxFD3TPBFBgDPjUcGI7EO1gwVszXMAaa0GsW%252FakxXg67Ss7v6bKkY6gpjzgFdBIiC%252BhWmQoDJAAopvlsPxXqdkrdG9JBJxWke6uZfw6t3CYstJQ8Cjos4rRgWDfIT6EKbgSErFDAHMO4Hgl9CZdTWhhe%252B45lBQ7%252BocF5v8CEViQjCX5Oe4mhpnUMVZM2E5%252FEIaAj4S21IfFgNIoionbCSJANy%252F5pDGgttJZv9zpBbsv36Zs6IkrNr%252BRsQ5G5ZLMLIdU3cx0Crf8nXDNJHpKDtwECAFSbIMR1aRZCv6IFsVuOEKJMcyPG2tjgmqakawGgkqDvXrtHuogFNQwkQ5PLwWRGUqKXSAswiuA4RjBRUngkcRiRoGsp8mInVsG7jGu1SifJYjeErhtgBDjGiUEhkQ4mmu5Rue6gGTVS3iO6pvYVONbBcigH0jjuzDlHkdTmENER5N91TNU3XrRHfPNe1cNw5q3YNlTz3UkxBImdiP%252FD49MSwoFJKRnDR8rRs6GZzAbQBhIbPpYLILV16B10HrtNI9C9vhw9OQ8ilZi31KZEk6hZiBgQAXQBngcCBB3r%252FgQPQvKhjaY6MrVZ%252BagUUT%252Fc5Mz0prXZQI4CPCK0BMpeV3Ms56CMQT%252Fquu7WFV14mh%252Blg3VA3iGBMPaZp8lFQ9VtZfpAb60y4iXoXi9UYzKi6k1W7hVj5IOz9ChnI8b1FGbqC9RU1VOsRp%252F8ico2olU64vfP9k%252BEBuFcnYJJfkH2NG4LgwYtv9%252BAfhFW7F4oxav6XVYH4QtCuey4Eu3NPu1wHHQf%252Fx48fBOaE7ZwC%252BbHvXVBMwRbsXXgMPMPgMJCFPJmlR41uWNMelTU3dMIB125eXtutrY8vXptb0n2NchBDrRETpHUIrLUQrLUb3AtVh9D8EGv4ZMMP1Rseg27e0a9w6Dk3r60Ria%252F%252F3DwSltM7EDkkurgPQHgE%252Bgv3QtKcrg7ETuIYpmhdcXoo24UgWSsQSR%252FT%252FJITErD9VbJ9Fu93%252FAA%253D%253D&ns_cut=c8%3Dcbs%2520news%2520-%2520breaking%2520news%252C%252024%252F7%2520live
Request Chain 380
  • https://sb.scorecardresearch.com/p?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=2&ns_ap_ev=hidden&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20119.0.6045.159&ns_ap_ver=*null&ns_ap_sv=7.5.0.200713&ns_ap_bv=7.5.0.200713&ns_ap_smv=6.4&ns_type=hidden&ns_ts=1701136379323&ns_ap_env=0-0-2&ns_st_sv=7.5.0.200713&ns_st_smv=6.4&ns_st_it=c&ns_st_id=1701136377939&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_sp=1&ns_st_sc=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_dppc=1&ns_st_dapc=1&ns_st_dspc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_po=0&ns_st_lda=0&ns_st_ldw=0&ns_st_ldo=0&ns_st_hd=10001&ns_st_mp=%40cbsinteractive%2Favia-js&ns_st_mv=2.17.0&ns_st_cl=0&ns_st_pn=1&ns_st_tp=0&ns_st_ct=vc13&ns_st_li=1&ns_st_ty=video&ns_st_ci=9mwStzqtXKyib_egzSUPPh4DldNaEjJ2&ns_ap_ar=unknown&ns_ap_cs=1&ns_radio=unknown&ns_st_pt=0&ns_st_ipt=0&ns_st_iap=0&ns_st_iet=0&ns_st_iupc=0&ns_st_iupa=0&ns_st_ilpc=0&ns_st_ilpa=0&ns_st_ibc=0&ns_st_ibt=0&ns_st_itpc=0&ns_st_icpc=0&ns_st_cfg=111110001-5-4b0-3-5&c3=CBSNewsBrowser&c4=CBSNews.com&c6=LiveTV-CBSN%20Live&ns_st_ce=1&ns_st_ia=1&ns_st_pu=cbsnews&ns_st_st=CBSNews.com&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ge=news&ns_st_dskc=0&ns_st_dska=0&ns_st_skd=0&ns_st_dskt=0&ns_st_dpc=0&cs_ucfr=&ns_ap_res=300x169&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_c=UTF-8&ns_st_lt=1384&ns_st_br=0&ns_st_rt=100&ns_st_vo=100&ns_st_pb=1&ns_st_dpt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_dtpc=0&ns_st_dcpc=0&ns_st_skc=0&ns_st_ska=0&ns_st_skt=0&ns_st_pc=0&ns_st_pp=0&ns_st_pa=0&ns_cut=c7%3Dhttps%253A%252F%252Fwww.cbsnews.com%252Fembed%252Fvideo%252F%253Fv%253D5659e73acd91751548aa89950cf015b01701135726%2526usprivacy%253Dnull%2523tVhrU%25252BM6Ev0rlKsmH7Yw8fvBVGo2JGGWvVzIJTC1VYRyyZbsaPBrJTshMPnv25LtxIGZuvvh3nkgudVqqVut00e8KaiuijJFW%25252BW8YjU5VSifFGmKSk7DlCjnMUo5SDFZ0wg%25252BocOfYYJyqqwpJoVy%25252FqbQimRcOX98U6ptKXRSuiagQDH0LdMydCdy1NjWXNVyIqKGOo5U5DhGjC1d800DdLPy5Y7EV2KGn20W1et%25252Fq%25252F%25252F8tqVhQJLXxcN8vrKmKb5Bs%25252B%25252F%25252FFtoFownNZ5hWtMhhSs1ByNM6gX4U8pxshKCilfBAmVwsTm5AdHLd7AuTZ5BCJ67T9FdKEcqLnEYovf%25252BFQkUzwiuUlcq5bumO73qa%25252FAP2a4aajan64esahSQFO%25252B30tPnMYQsQqQwlhItYchGBVVWV%25252FHw5XA4R56TixlnrFKxX0egsKrLlcFWHyyFdDtlyaGiGuRzq%25252BnKoOcuhpbuu7hJNJY5HVAtFSPWRRVTTtkzX8TQnjuLlsFrVWZgjmi6HjqW9mI62HMZGjOzIRp5hWFZsW9gJiWmHBiFmqJMQLYfPZItYpbbbUXnFCMpU3Te0F13ztLPvZfJlPbId2yeuiSLs666t25aHkOf7thbFmm6HGri%25252F%25252Bpmf%25252Bt%25252Frp2542otrgKO%25252BFfvYDH3TisMIebEbEssMPTcyQ830hMZf5OjuVCkZXB2yeWDpkcfCslpz6XFjvXO%25252Bcbuoq%25252BVwDa7acB6O5REv1k2LeAayXC32TGw7BiYkgkPJEK8IC3T9LDNr73Aze6thRM%25252BSokhS0lhPaU4QRHSV8uWQrEkOiy0otl7o%25252FR%25252F3z5N7fXFdO%25252Bz7w%25252BKPzvyRbePvdaVbKy5YhipYC5VlCndRXKPl8EXNSpI83F2DRv0uqpvN5nhtAUXLoQAjfpWVhbC%25252BxzSAMRpJABPJqCFk2WboqrbtmaoVOqHqWThUHQIHaht65GveEcqoMjNarFtRwhCLVgCjj2LwpMWgrnsi9Z4gHRCDaN%25252BLpW9Q1geWvpWLbTP42B%25252B9bk2gNG1XUQ%25252Br9HbzBFlHSsoLDBYAgThBXMKkLvZPkgw20AzUJWQn5%25252FuIgOVxFIHkIi2i5z068QdO2KIOecRoSPBenZdFzgvW6a3Iy3hKYlSn4sy0U%25252FirSOnFQWr6p5Z9avswgLCIfbwRPyE%25252Fgw2tVoH4%25252FOvz9gsAbLwJIk7x6O3Q331u%25252BuukFgOy2Q0aGX8dvYmyCBeL01fSiWGDAeVBiiowJNvdoOZByegaRVuY0nT66j8dBsdUVFbFyISS0VMG3Ak2BcO826dM0t3gLc7ADGIo47vPooatmVCHeDwfBcyNNdc9W5%25252FFm4xlZzmB%25252BCC8HCaAfl8%25252BuD9APN%25252BMbEMzdX0QITEqfu4GcYqS0SfjAmVRCA3JIgYNrhiGhqdVKRs5BrRANHGI5Ng2j6DJazkBkYoOMlKxkQ7IPTisVbIibvufzPFXecDT8dVkMb4Kbopv8%25252FHVdFCuWT56vBvfTG9%25252FfxpAmpajdYZKXawJJ2sNeG%25252Fz67Kn%25252FFlEhgMrgYAlZPQG6BEIr4Q4pwRSNw8a2WiuTbSJ6Y6nqqFNLNWaXbrq%25252BNKw1YvZxeRCd6aXnj0bHOfHh8xYAayM5BGAM5%25252BMS%25252Fj3DocGpWBGME00zUZ6B90ecUOxRm9NuxvAGpVAwNGGhIOf5d0vkyuha4jG19vbr9ez4OpmcX83G%25252F8efLuazm6Dm9ubyezpQz41XQmG%25252B%25252FyAxOpni3Kq9K6LGGwCspfzVyHsh2Y%25252FdNi%25252BNNo4IPB7v305tXXgaNovVborJFAFLtHRpH10Dz40UZYVuQ1sj83uQFwxFD3TPBFBgDPjUcGI7EO1gwVszXMAaa0GsW%25252F HTTP 302
  • https://sb.scorecardresearch.com/p2?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=2&ns_ap_ev=hidden&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20119.0.6045.159&ns_ap_ver=*null&ns_ap_sv=7.5.0.200713&ns_ap_bv=7.5.0.200713&ns_ap_smv=6.4&ns_type=hidden&ns_ts=1701136379323&ns_ap_env=0-0-2&ns_st_sv=7.5.0.200713&ns_st_smv=6.4&ns_st_it=c&ns_st_id=1701136377939&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_sp=1&ns_st_sc=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_dppc=1&ns_st_dapc=1&ns_st_dspc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_po=0&ns_st_lda=0&ns_st_ldw=0&ns_st_ldo=0&ns_st_hd=10001&ns_st_mp=%40cbsinteractive%2Favia-js&ns_st_mv=2.17.0&ns_st_cl=0&ns_st_pn=1&ns_st_tp=0&ns_st_ct=vc13&ns_st_li=1&ns_st_ty=video&ns_st_ci=9mwStzqtXKyib_egzSUPPh4DldNaEjJ2&ns_ap_ar=unknown&ns_ap_cs=1&ns_radio=unknown&ns_st_pt=0&ns_st_ipt=0&ns_st_iap=0&ns_st_iet=0&ns_st_iupc=0&ns_st_iupa=0&ns_st_ilpc=0&ns_st_ilpa=0&ns_st_ibc=0&ns_st_ibt=0&ns_st_itpc=0&ns_st_icpc=0&ns_st_cfg=111110001-5-4b0-3-5&c3=CBSNewsBrowser&c4=CBSNews.com&c6=LiveTV-CBSN%20Live&ns_st_ce=1&ns_st_ia=1&ns_st_pu=cbsnews&ns_st_st=CBSNews.com&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ge=news&ns_st_dskc=0&ns_st_dska=0&ns_st_skd=0&ns_st_dskt=0&ns_st_dpc=0&cs_ucfr=&ns_ap_res=300x169&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_c=UTF-8&ns_st_lt=1384&ns_st_br=0&ns_st_rt=100&ns_st_vo=100&ns_st_pb=1&ns_st_dpt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_dtpc=0&ns_st_dcpc=0&ns_st_skc=0&ns_st_ska=0&ns_st_skt=0&ns_st_pc=0&ns_st_pp=0&ns_st_pa=0&ns_cut=c7%3Dhttps%253A%252F%252Fwww.cbsnews.com%252Fembed%252Fvideo%252F%253Fv%253D5659e73acd91751548aa89950cf015b01701135726%2526usprivacy%253Dnull%2523tVhrU%25252BM6Ev0rlKsmH7Yw8fvBVGo2JGGWvVzIJTC1VYRyyZbsaPBrJTshMPnv25LtxIGZuvvh3nkgudVqqVut00e8KaiuijJFW%25252BW8YjU5VSifFGmKSk7DlCjnMUo5SDFZ0wg%25252BocOfYYJyqqwpJoVy%25252FqbQimRcOX98U6ptKXRSuiagQDH0LdMydCdy1NjWXNVyIqKGOo5U5DhGjC1d800DdLPy5Y7EV2KGn20W1et%25252Fq%25252F%25252F8tqVhQJLXxcN8vrKmKb5Bs%25252B%25252F%25252FFtoFownNZ5hWtMhhSs1ByNM6gX4U8pxshKCilfBAmVwsTm5AdHLd7AuTZ5BCJ67T9FdKEcqLnEYovf%25252BFQkUzwiuUlcq5bumO73qa%25252FAP2a4aajan64esahSQFO%25252B30tPnMYQsQqQwlhItYchGBVVWV%25252FHw5XA4R56TixlnrFKxX0egsKrLlcFWHyyFdDtlyaGiGuRzq%25252BnKoOcuhpbuu7hJNJY5HVAtFSPWRRVTTtkzX8TQnjuLlsFrVWZgjmi6HjqW9mI62HMZGjOzIRp5hWFZsW9gJiWmHBiFmqJMQLYfPZItYpbbbUXnFCMpU3Te0F13ztLPvZfJlPbId2yeuiSLs666t25aHkOf7thbFmm6HGri%25252F%25252Bpmf%25252Bt%25252Frp2542otrgKO%25252BFfvYDH3TisMIebEbEssMPTcyQ830hMZf5OjuVCkZXB2yeWDpkcfCslpz6XFjvXO%25252Bcbuoq%25252BVwDa7acB6O5REv1k2LeAayXC32TGw7BiYkgkPJEK8IC3T9LDNr73Aze6thRM%25252BSokhS0lhPaU4QRHSV8uWQrEkOiy0otl7o%25252FR%25252F3z5N7fXFdO%25252Bz7w%25252BKPzvyRbePvdaVbKy5YhipYC5VlCndRXKPl8EXNSpI83F2DRv0uqpvN5nhtAUXLoQAjfpWVhbC%25252BxzSAMRpJABPJqCFk2WboqrbtmaoVOqHqWThUHQIHaht65GveEcqoMjNarFtRwhCLVgCjj2LwpMWgrnsi9Z4gHRCDaN%25252BLpW9Q1geWvpWLbTP42B%25252B9bk2gNG1XUQ%25252Br9HbzBFlHSsoLDBYAgThBXMKkLvZPkgw20AzUJWQn5%25252FuIgOVxFIHkIi2i5z068QdO2KIOecRoSPBenZdFzgvW6a3Iy3hKYlSn4sy0U%25252FirSOnFQWr6p5Z9avswgLCIfbwRPyE%25252Fgw2tVoH4%25252FOvz9gsAbLwJIk7x6O3Q331u%25252BuukFgOy2Q0aGX8dvYmyCBeL01fSiWGDAeVBiiowJNvdoOZByegaRVuY0nT66j8dBsdUVFbFyISS0VMG3Ak2BcO826dM0t3gLc7ADGIo47vPooatmVCHeDwfBcyNNdc9W5%25252FFm4xlZzmB%25252BCC8HCaAfl8%25252BuD9APN%25252BMbEMzdX0QITEqfu4GcYqS0SfjAmVRCA3JIgYNrhiGhqdVKRs5BrRANHGI5Ng2j6DJazkBkYoOMlKxkQ7IPTisVbIibvufzPFXecDT8dVkMb4Kbopv8%25252FHVdFCuWT56vBvfTG9%25252FfxpAmpajdYZKXawJJ2sNeG%25252Fz67Kn%25252FFlEhgMrgYAlZPQG6BEIr4Q4pwRSNw8a2WiuTbSJ6Y6nqqFNLNWaXbrq%25252BNKw1YvZxeRCd6aXnj0bHOfHh8xYAayM5BGAM5%25252BMS%25252Fj3DocGpWBGME00zUZ6B90ecUOxRm9NuxvAGpVAwNGGhIOf5d0vkyuha4jG19vbr9ez4OpmcX83G%25252F8efLuazm6Dm9ubyezpQz41XQmG%25252B%25252FyAxOpni3Kq9K6LGGwCspfzVyHsh2Y%25252FdNi%25252BNNo4IPB7v305tXXgaNovVborJFAFLtHRpH10Dz40UZYVuQ1sj83uQFwxFD3TPBFBgDPjUcGI7EO1gwVszXMAaa0GsW%25252F
Request Chain 381
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C5B20BED-E183-402B-A22C-83D5EF22CB2C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C5B20BED-E183-402B-A22C-83D5EF22CB2C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 382
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3056755399233263756&gdpr=0&gdpr_consent=
Request Chain 384
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xbIL7eGDQCuiLIPV7yLLLA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 385
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C5B20BED-E183-402B-A22C-83D5EF22CB2C HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C5B20BED-E183-402B-A22C-83D5EF22CB2C HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=729b67a9-636b-43b1-a134-cfcfdcf9e9d7%252C%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b3c3d956-bdf4-48cc-a145-56097a595da9&ttd_puid=729b67a9-636b-43b1-a134-cfcfdcf9e9d7%2C%2C
Request Chain 388
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzVCMjBCRUQtRTE4My00MDJCLUEyMkMtODNENUVGMjJDQjJD&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 389
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJliGf-ehooLfXpl0kxSe8Q&google_cver=1
Request Chain 390
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3632AF9873274782B2743660ED8B6F3C
Request Chain 391
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b3c3d956-bdf4-48cc-a145-56097a595da9&gdpr=0&gdpr_consent=
Request Chain 392
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Sdgb2kxE2uWtR6MQurjheKV9rYSkE2o-~A&gdpr=0
Request Chain 394
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=20cbfb7ac26f239f&is_secure=true&networkId=17100&version=1&nuid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACL5QUjZaaMgNztonrAAAAAAA&expiration=1701222783&nuid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 395
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cbfa431b-c3f4-455e-ae13-376871c80544&gdpr=0&gdpr_consent=
Request Chain 398
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZWVH-wAC4Qn2aQBH HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWVH-wAC4Qn2aQBH&_test=ZWVH-wAC4Qn2aQBH
Request Chain 401
  • https://match.adsrvr.org/track/cmf/openx?oxid=c4254182-32e4-3432-4616-29153f40d7ff&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b3c3d956-bdf4-48cc-a145-56097a595da9&ttd_puid=c4254182-32e4-3432-4616-29153f40d7ff&gdpr=0&gdpr_consent=
Request Chain 403
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPs7HiI045iKqSzrs9N487M&google_cver=1
Request Chain 415
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-cbsi&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://pbs.at.cbsi.com/setuid?bidder=rubicon&uid=LPHOOFP5-1H-KTTM
Request Chain 418
  • https://beacons.extremereach.io/cp-imp?cid=324718&creative_id=45073534&line_item=15820651&companion_id=0&er_ts=1701135779&vv=2.0&gpp=[GPPSTRING]&gpp_sid=[GPPSECTIONID]&hasIpSync=1& HTTP 302
  • https://beacons-ipv4.extremereach.io/ip-sync?fp=044f0aed82c2
Request Chain 439
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F213.238.171.129.sslip.io%2F&domain=213.238.171.129.sslip.io&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=W9A41nx2THpOTDVqdis4SDNVbXc5NEVoYzZiR1BjcElhVTQ1VXZnRUJENlRMWUp4NUVNOC9jK2RTcXlkUzAxTXdKaElpd1ZDR3JjOEs2Z2g5NUQ3R3JlcTZabGRZa2t0SUd5cFkwZ2tBSVVWQS9CLzhQTFVUWlBpWkp3ZFJXNDhkUEtPenI4Zmd3bi9KbVZXSFVTVkc2M2E5V3JvUlNaWkVEZFFTMFExMEs3NUh3MUpuZWtkcWgyWGwwS3k0UEpLc2w1SHpMby9vZSs5b0tzRnNZTDNkcXQxWXF2VnpSSFkwYmdscU5VNUk3YzZiSkJNa294Syt4TmpzTkRDUFl5ZDVFWjNafA&cppv=2
Request Chain 441
  • https://dai.google.com/linear/pods/v1/p/Sid4xiTQTkCT1SLu6rjUSQ/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/289997/0/3/a2490d3c744cd6c7e5676ecfc6956ee9/4.ts HTTP 302
  • https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C409664-507995&faudshow=235&faudskip=2&goap=slices%3D0-631%2C324819-486666&ogomm=26000&cpn=JWs4_Y7ZQYiPFQgc
Request Chain 442
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=20986&us_privacy=1YNN&khaos=LPHOOFP5-1H-KTTM HTTP 302
  • https://ssp.wknd.ai/magnite-sync?uid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Request Chain 445
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQxZmRkZTcyMGMxNjM2ZjNjZGEwNTU3Mzk0ODAzMTViMDliN2Q2ZA&us_privacy=1YNN
Request Chain 446
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1YNN HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LPHOOFP5-1H-KTTM&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
Request Chain 447
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1YNN HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Request Chain 449
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b3c3d956-bdf4-48cc-a145-56097a595da9&gdpr=0&gdpr_consent=&expires=30
Request Chain 450
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFvoqs4mGh6lc_NqUy0E5GY&google_cver=1
Request Chain 451
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNN HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7vhIuibG-UmNrsMUjsPRqMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.8AOSQlE2oJSSBBw158OOVdU7DkP7G3ZaAktCg--~A
Request Chain 452
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNN HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBIT09GUDUtMUgtS1RUTQ==&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOxFMY60ZNwzXLGVnL023Wc&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBIT09GUDUtMUgtS1RUTQ==&google_push=
Request Chain 453
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YNN HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tNBuy_M_Tc-PHYErDrycrQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tNBuy_M_Tc-PHYErDrycrQ
Request Chain 454
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1YNN HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1YNN&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADX-E7KypAAABKsoCMXRw&expires=30
Request Chain 455
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1YNN HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Request Chain 456
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1YNN HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPHOOFP5-1H-KTTM&us_privacy=1YNN HTTP 301
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPHOOFP5-1H-KTTM HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPHOOFP5-1H-KTTM&ckls=true&ci=idYH9spGbC&nc=false&trid=-707287314
Request Chain 457
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1YNN HTTP 302
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Request Chain 458
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1YNN HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPHOOFP5-1H-KTTM&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNN HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LPHOOFP5-1H-KTTM&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNN&final=true
Request Chain 459
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1YNN HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Request Chain 460
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1YNN HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPHOOFP5-1H-KTTM&redir=true&us_privacy=1YNN HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPHOOFP5-1H-KTTM&redir=true&us_privacy=1YNN HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1kcXBiSFFoRTJ1RVhuTVVQZGh4amNudVB4M1F1M25Ken5B&ovsid=LPHOOFP5-1H-KTTM&dpid=58160&us_privacy=1YNN
Request Chain 490
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWC1FN0t5cEFBQUJLc29DTVhSdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADX-E7KypAAABKsoCMXRw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5490910651018334647&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AADX-E7KypAAABKsoCMXRw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5490910651018334647%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5490910651018334647&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADX-E7KypAAABKsoCMXRw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5490910651018334647%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5490910651018334647&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AADX-E7KypAAABKsoCMXRw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADX-E7KypAAABKsoCMXRw&gdpr=0
Request Chain 493
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=59c70eXaPdb80z-C4dYg1-GDO9P8hz3StdZYLk-d
Request Chain 494
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=696a9e81-e116-44fd-bcc5-1e5ae32870f9&expires=1&user_group=2&ssp=pubmatic&bsw_param=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 495
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df9238f6-8d90-11ee-a05a-06905cfe2b77
Request Chain 497
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1500a741-4ae0-4226-bfd2-6ca021799ff2
Request Chain 502
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10CD5156D_C2563653&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 503
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e7aec9d5-d48a-43eb-98ec-eba6db98bb60-65654802-5553&gdpr=0&gdpr_consent=
Request Chain 504
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2635919596870554906&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 505
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent= HTTP 302
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=5db749de-7e40-408b-8e19-2b63c386ee6a
Request Chain 509
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AADX-E7KypAAABKsoCMXRw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsas%252Csyn%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AADX-E7KypAAABKsoCMXRw&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADX-E7KypAAABKsoCMXRw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=2&userid=4050266413919326501&gdpr=0&gdpr_consent= HTTP 303
  • https://sync.technoratimedia.com/services?uid=AADX-E7KypAAABKsoCMXRw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D4050266413919326501%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D3&gdpr=0 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=4050266413919326501&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=pm&bee_sync_hop_count=3 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADX-E7KypAAABKsoCMXRw&gdpr=0&gdpr_consent=
Request Chain 512
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10CD5156D_C2BC8FA1&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 514
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-MBYFvrNXhHjxFxG-ZFDQviUCkDjxwtA-ZbrWxBl
Request Chain 515
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=pubmatic&bidswitch_custom_parameter=23bd3352-e7fa-4d20-94b7-7e3199ca7991 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=b97de1766730b2aa23de4eb09dd810a9&expires=30&ssp=pubmatic&bsw_param=23bd3352-e7fa-4d20-94b7-7e3199ca7991 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 516
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df9238f6-8d90-11ee-a05a-06905cfe2b77
Request Chain 517
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e7aec9d5-d48a-43eb-98ec-eba6db98bb60-65654802-5553&gdpr=0&gdpr_consent=
Request Chain 518
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2852092378984338714&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 521
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:f9Ti3QeA1R7NhE5&gdpr=0&gdpr_consent=
Request Chain 522
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1797288128071551211
Request Chain 523
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 524
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hhtuxYqsW2NjryUO9oBqpM5CYIY&gdpr=0&gdpr_consent=
Request Chain 526
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=8b9b8f6c-c210-4107-bc4e-30b9bd3223d8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
Request Chain 527
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb921b702034e445fae22937cc7b7fd4c
Request Chain 528
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:W4l2hieW1Pe-3sxK-lnb&gdpr=0&gdpr_consent=&gdpr=0
Request Chain 530
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 531
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=857602416520
Request Chain 533
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KddlgywiDrGjqcCcAkhlZQ
Request Chain 534
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=6960745698 HTTP 302
  • https://sync.1rx.io/usersync/turn/2780034784946410778?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005
Request Chain 535
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0e2f6565-4802-4400-88b1-07b19da69a18&gdpr=0&gdpr_consent=
Request Chain 538
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7544227861187578966&uid=Q7544227861187578966&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7544227861187578966
Request Chain 539
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3632AF9873274782B2743660ED8B6F3C&gdpr=0&gdpr_consent=
Request Chain 541
  • https://idsync.rlcdn.com/712188.gif?partner_uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent= HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=934558ece05fbab7c82a85187a865988412eeae7b7d6bee9e972f54608af64f6791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=934558ece05fbab7c82a85187a865988412eeae7b7d6bee9e972f54608af64f6791426b5417dce21&rand=00814687
Request Chain 544
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6830002172029342515
Request Chain 545
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:a6fb5414-ac15-4a40-861c-4402e80f71ac&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 552
  • https://doppler-config.cbsivideo.com/doppler.js HTTP 302
  • https://doppler-config.cbsivideo.com/doppler.b29058ac.min.js
Request Chain 557
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=C5B20BED-E183-402B-A22C-83D5EF22CB2C HTTP 303
  • https://he.lijit.com/merge?pid=8105&event_type=email&lc_md5=ea850f47c7f0334a37803d054e22987d&lc_sha1=6fb1efc025eb6ace05e6290bdbc20873962b48fc&lc_sha256=aec929b7c650316e9d46992c3ad4a2f2d27455c5fd8a328b47e3b2182ffc92dd& HTTP 302
  • https://he.lijit.com/merge?dnr=1&pid=8105&lc_md5=ea850f47c7f0334a37803d054e22987d&uc_md5=&lc_sha1=6fb1efc025eb6ace05e6290bdbc20873962b48fc&uc_sha1=&lc_sha256=aec929b7c650316e9d46992c3ad4a2f2d27455c5fd8a328b47e3b2182ffc92dd&uc_sha256=&lc_domain_sha1= HTTP 302
  • https://p.alcmpn.com/em/173/111/2361.gif?bid=6fb1efc025eb6ace05e6290bdbc20873962b48fc&gid=ea850f47c7f0334a37803d054e22987d&eid=aec929b7c650316e9d46992c3ad4a2f2d27455c5fd8a328b47e3b2182ffc92dd
Request Chain 559
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C5B20BED-E183-402B-A22C-83D5EF22CB2C HTTP 302
  • https://io.narrative.io/?io.narrative.guid.v2=e1682550-8d90-11ee-b479-0e71178f036d&companyId=673&id=pubmatic_id:C5B20BED-E183-402B-A22C-83D5EF22CB2C

555 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
213.238.171.129.sslip.io/ 		438 KB
94 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4f36cfb4c1659c842099e22ced447064fc12172b3f07bab0949e72c015834b8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
646
cache-control
max-age=900, public
content-encoding
gzip
content-length
94290
content-type
text/html; charset=UTF-8
core-api-cache-key
e8074928-8717-4e96-94d3-c57247d92fc5
date
Tue, 28 Nov 2023 01:52:53 GMT
last-modified
Tue, 28 Nov 2023 01:42:06 GMT
link
<https://assets1.cbsnewsstatic.com>; rel="preconnect", <https://assets2.cbsnewsstatic.com>; rel="preconnect", <https://assets3.cbsnewsstatic.com>; rel="preconnect", </fly/bundles/cbsnewscontent/fonts/ProximaNova-Regular/ProximaNova-Regular.woff2>; rel="preload"; as="font"; crossorigin, </fly/bundles/cbsnewscontent/fonts/ProximaNova-Bold/ProximaNova-Bold.woff2>; rel="preload"; as="font"; crossorigin, </fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Bold/PublicoHeadline-Bold.woff2>; rel="preload"; as="font"; crossorigin, </fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Black/PublicoHeadline-Black.woff2>; rel="preload"; as="font"; crossorigin, </fly/bundles/cbsnewscontent/fonts/PublicoText/PublicoText.woff2>; rel="preload"; as="font"; crossorigin, </fly/bundles/cbsnewscontent/css/door.min.css?v=5659e73acd91751548aa89950cf015b0>; rel="stylesheet preload"; as="style", <https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0>; rel="preload"; as="script", <https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.responsive.js?v=5659e73acd91751548aa89950cf015b0>; rel="preload"; as="script", <https://vidtech.cbsinteractive.com>; rel="preconnect"
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding, X-Geo-GDPR, X-Device, X-Edge-Forwarded-Proto
via
1.1 varnish
x-content-type-options
nosniff
x-device
desktop
x-edge-forwarded-proto
https
x-xss-protection
1; mode=block
ProximaNova-Regular.woff2
213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/ProximaNova-Regular/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/ProximaNova-Regular/ProximaNova-Regular.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
25cc1a8d371ebecb108a5e0ebe87b23142b9eb66fc3410cf3edb9b58e61fc561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
2939511
x-device
desktop
content-length
26984
x-xss-protection
1; mode=block
core-api-cache-key
last-modified
Mon, 23 Oct 2023 18:30:39 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"6536bbcf-6968"
vary
X-Device, X-Edge-Forwarded-Proto
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 01:21:01 GMT
ProximaNova-Bold.woff2
213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/ProximaNova-Bold/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/ProximaNova-Bold/ProximaNova-Bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
299f93b4e8a74d0880cd959ff3d27c2a0b4d061d241d6ecf79cfcedfb15360a2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
via
1.1 varnish
age
687817
x-device
desktop
content-length
24720
x-xss-protection
1; mode=block
last-modified
Fri, 17 Nov 2023 13:10:36 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"6557664c-6090"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Nov 2024 02:49:16 GMT
PublicoHeadline-Bold.woff2
213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Bold/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Bold/PublicoHeadline-Bold.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4a47ce84e1fdde51475cd77a0fd312bb383de8f10a979e14ede34eec91df5e79
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
via
1.1 varnish
age
2518215
x-device
desktop
content-length
32632
x-xss-protection
1; mode=block
last-modified
Fri, 27 Oct 2023 16:40:37 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"653be805-7f78"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Oct 2024 22:22:37 GMT
PublicoHeadline-Black.woff2
213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Black/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Black/PublicoHeadline-Black.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dea4eb388be423aa5f77f2983f867492757e88f0afac98e9558a32ece1c1e9e6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
via
1.1 varnish
age
1735324
x-device
desktop
content-length
24160
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:10:33 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"65496459-5e60"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2024 23:50:49 GMT
PublicoText.woff2
213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/PublicoText/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/PublicoText/PublicoText.woff2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8c1d4ca40cb7f6849fc0947cd2e3186ec82786d1aba8eb832e89ccb5874bd5db
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
via
1.1 varnish
age
1735324
x-device
desktop
content-length
28896
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:10:33 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"65496459-70e0"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2024 23:50:49 GMT
door.min.css
213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/ 		258 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/door.min.css?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
119c6a528ba39a60a3dcdb6b89ca6ed87cfd444957136f9b6d98d5e9d3134665
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish
age
903262
x-device
desktop
content-length
39132
x-xss-protection
1; mode=block
last-modified
Fri, 17 Nov 2023 13:15:41 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
W/"6557677d-40799"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 14:58:30 GMT
main.js
www.cbsnews.com/fly/bundles/cbsnewscore/js-build/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2456315a37213a8eb0e8a02bc98c467e9dcd4545b6060e47c1e6a96a0765d44d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
age
903791
x-device
desktop
x-xss-protection
1; mode=block
content-length
24565
last-modified
Fri, 17 Nov 2023 13:16:00 GMT
x-edge-forwarded-proto
https
etag
W/"65576790-11ad6"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 14:49:41 GMT
main.responsive.js
www.cbsnews.com/fly/bundles/cbsnewscore/js-build/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.responsive.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
720e27dfe2cacfe3f65e1682fffa45268e5bfd40fdad57447e23bf7f9a2eb5b2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
age
903791
x-device
desktop
x-xss-protection
1; mode=block
content-length
10880
last-modified
Fri, 17 Nov 2023 13:16:00 GMT
x-edge-forwarded-proto
https
etag
W/"65576790-815e"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 14:49:41 GMT
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/cbs-mornings/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/cbs-mornings/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
542ed46baa4019bd1c2c533921a44c71a99b77058d9a0930c966153f64daa387

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
3523
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:48 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"daa4c8b7841cf43cc05c4ac0758d3c5b"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/evening-news/ 		8 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/evening-news/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0dc1eaa16604f380a6a3d7336f2c1d2da3b6a77aa74135754fe14409877929f6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
3148
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:49 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"b076a2fbd604a8a1669b749a6c811dda"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/60-minutes/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/60-minutes/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7c2a9b0ebc8e415be8693b60754f183f3837c35a25ab30c6d7b589ee2353310d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
721
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:47 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"fd09de54fd73b8754a521a601bf10905"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/cbs-mornings-saturday/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/cbs-mornings-saturday/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bbb3bfd0cdfa5bd8f651735573bc1979f499b3d92743852495de4e8a7c15f4a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
3921
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:48 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"c560dc01b2702b2de8fa2f3df259b9ac"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/face-the-nation/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/face-the-nation/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b1e4f585831adbbbeb5ece543acf891fd10d936ac0ab104150118b7290f0a2d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
1009
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:49 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"1f1aa9c91649775d64f4be31663a324d"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/sunday-morning/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/sunday-morning/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ddce6a171ead6c4cbc7ed048f66a97a2b5781741aab2926507513cdb3dd7dccc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
1294
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:51 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"7bbd9273b40a1225094ee771bb17f2b1"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/48-hours/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/48-hours/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d99937e8195e14a02b6a6dee370835eeea26e6dd295aa4296bbee8349bb98233

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
695
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:47 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"ce15365f3a6f36daa0d896ccd2109100"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/cbs-reports/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/cbs-reports/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
68afb50bd79b337f9c6cf6f4107ebbad61d51ac040e82c7b525553fac6f6be62

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
2217
x-device
desktop
last-modified
Mon, 23 Oct 2023 18:37:35 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"9e7b11820361f00c71391a6f8da269b6"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/cbs-news-mornings/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/cbs-news-mornings/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
eac0304fa4373ddb2611190e2bc2fb9190317d315afd9eb772d546fce7c02589

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
2730
x-device
desktop
last-modified
Mon, 23 Oct 2023 18:37:35 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"7c67e1568c28532111b357b95dc0bb86"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/america-decides/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/america-decides/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
03d3aafe5741f37b3d94080b21f6ef11253cbce34ea6750ade405f3195a6bc4b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
1328
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:47 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"d4a50e2c40c8e09d0db2047c950a60c3"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/prime-time-with-john-dickerson/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/prime-time-with-john-dickerson/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ca3f07f4e7e1d13882d00f91d1cced485491c5b2f5d1883f86cce8a317d05650

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
2019
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:51 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"88cd25cf9f58f64bc6e86f1f6f9fd52e"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/cbs-weekender/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/cbs-weekender/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
631df19a43d14aa23fbb8e0a5746bb97892f31e10312d6671a0a061417029ce3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
589
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:48 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"c64ffccbffa1771fbfb2d0f8fe31bbcb"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/the-takeout/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/the-takeout/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c6383d777a022696c8d7f45d9a1e6a5ad8fefb1ab663b10ee4f03db351020fcd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
1472
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:52 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"225b0612dbf0ec3f730ec1c02c35affc"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/uplift/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/uplift/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
247702ecc39010300f2eb5e645266b9bc178f44d08f927507f66fa7b96ba5455

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
1680
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:52 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"04055a426192ecfa317266f6b3d15a51"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/eye-on-america/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/eye-on-america/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c3965c2db5a7e83642ddb137e9d57b4acacafe099abf6eb7daf97b9f660a9e34

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
1370
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:49 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"3c5e3485ec31b769c0e8933cd1f04e1f"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/the-dish/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/the-dish/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d62f6140a19af16515a5d4d0221605d5d6d3ad0f38c792534da2d283e820596

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
1526
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:52 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"8098b500ddf00988f8d56e614679a031"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/here-comes-the-sun/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/here-comes-the-sun/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f0877351aa93ada7eedc2f2bbf0661ed0d6015c63a685d75ace0ce4ad0068be4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
2395
x-device
desktop
last-modified
Mon, 23 Oct 2023 18:37:36 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"030b9db07d5536ea01baf7e1f4106d00"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-square-32.svg
213.238.171.129.sslip.io/assets/show/person-to-person/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/person-to-person/logo-square-32.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8630282ccf13d1d42eae46d6012fba53069c6145ddd8711712a424609bfcdcda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
age
0
content-length
1585
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:51 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"3bfb68e6f9ea02be6c7061c11eb0b1ab"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
flyout-live-cbsnews@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-cbsnews@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2206cc3b3080dba8a841a08281ea5add576e41ce3cb9c1275d04dedf09d26a51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"30802b2f6c605e8b5722e719110d8cab"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
7515
x-device
desktop
flyout-live-baltimore@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-baltimore@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
81d770080c1b800be3a53c463260330cb7c2b15f194634f75e2b1f847507b2fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"d0714c80de04d267e026a93cce5f4526"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
5396
x-device
desktop
flyout-live-sanfrancisco@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-sanfrancisco@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
406eaffa99cf933d468ae69e334e192b8f97a9e50a0eb02e05b7fe32737e2759

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"1d39f11485bd63e26866b5f55664864a"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
5896
x-device
desktop
flyout-live-boston@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-boston@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
330db8c80df2e65bf1ab27c70a0042f79f0921b5a0bd237da0b391a82a97f232

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"5860a12d76aa14a5748a67e1bd05379c"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
6491
x-device
desktop
flyout-live-chicago@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-chicago@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b84bc98b4024a0d63cade00923c66e78bdf1f431edb62d40bdebe7c0d7c71b97

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"66588fc5d4bbeb6f75cba95d80346fc5"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
5520
x-device
desktop
flyout-live-colorado@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-colorado@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
29538425766b8e607f722b292629b5da8a1b5c480f26febec71ce3e689db0ca8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"81d374d9ba0de6fca5a6037a107d038f"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
5413
x-device
desktop
flyout-live-detroit@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-detroit@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3797f2b02c4e4a5a4f6f62bd6f0b47a7bb6d74638cd29bb97b0de698a7271e1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"5d7214a2cda4502a00a6cb5c6ffc27f0"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
5349
x-device
desktop
flyout-live-losangeles@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-losangeles@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2a8d1d7919d3d0edde8d6897a47fa7d797094b070ff2c912317b6684925cc655

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"cc19a8e75e9cd5f8fe442560bf1a5b69"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
4141
x-device
desktop
flyout-live-miami@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-miami@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b857347e8644e3dfc228417e700986e7981a434ee3e37ec8f3edff3acaaacb15

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"44cee9647997cab2cd86150f0040e7ba"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
5700
x-device
desktop
flyout-live-minnesota@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-minnesota@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
15b6030c65413214411e5e2bf8a960add1a99825048061b874d99f82c310b4ae

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"b680ad3eae9a191f3dce10b6e61b631c"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
5292
x-device
desktop
flyout-live-newyork@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-newyork@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
98279c8ba2ab23c05982c576f922443fb5bfd6934f5bf8830d2be961b5cfc474

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"a10e87fc8fd6c2990020b31285622b92"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
5454
x-device
desktop
flyout-live-philadelphia@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-philadelphia@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1d6ef446c1c980d0eb158d99763b88810eb37a91d8a36408a7cc69f17fabe4b5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"36ad4d6315d2740280a010b50c039145"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
4758
x-device
desktop
flyout-live-pittsburgh@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-pittsburgh@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d1cf07d433a923298b8b708845ded352d8ec8c8f5e69aca2e6d13e4929907a55

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"4c773a04d70af7e58b4042589256a7c9"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
5003
x-device
desktop
flyout-live-sacramento@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-sacramento@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
518d265e7492ff69971397df36b1504256005db2967607e9a3bf64baa60cd1e9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
24
etag
"fcf663aad1e95c860931bc8e06b7fde5"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
5020
x-device
desktop
flyout-live-texas@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-texas@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
59a32c94ea6b833e767d464c4aa17f630d03b318e5d0461669f73914dcc65769

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"b71e6afd5f6f902c8321739469bee178"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
8007
x-device
desktop
flyout-live-cbs-sports-hq@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-cbs-sports-hq@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a6e3011d74b5fbd43acc90563ed7dcf76c49f852009ced30e3961411046fe803

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"5a4a2c6078112f9406da1ee90ce1940c"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
7979
x-device
desktop
flyout-live-inside-edition@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-inside-edition@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5f3aae2c704ff1919707745708c5be550920015cd6cd32e86336c0c1bffcb7f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"2fb455701e35d488cd6bc14734c9bb3e"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
5392
x-device
desktop
flyout-live-mixible@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-mixible@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
065e9ecb8afbe6bb081942aff75e7b1d339ffd9685462128ac5192a160941ae5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"d695f2a84e595781c06ad5b6edb5738c"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
4226
x-device
desktop
responsive.min.css
213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/ 		280 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
94277016b9cfd1841456b42956005a0f56ae4bfb468d672e7dc0534b34f633e4
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15724800; includeSubDomains
via
1.1 varnish
age
903713
x-device
desktop
content-length
42287
x-xss-protection
1; mode=block
last-modified
Fri, 17 Nov 2023 13:15:43 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
W/"6557677f-46124"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 14:51:00 GMT
gettyimages-1806654747.jpg
assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/b8e4b90f-31ab-4510-ab05-aefdf2d853fd/thumbnail/640x360/2f0e64f436c12b7591932c7d015c0aba/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/b8e4b90f-31ab-4510-ab05-aefdf2d853fd/thumbnail/640x360/2f0e64f436c12b7591932c7d015c0aba/gettyimages-1806654747.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
227698f9473523b735aa88d16366866ba878a804fbcf0e420ba50be4acff4c5d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Mon, 27 Nov 2023 22:21:57 GMT
age
12585
etag
"e8bbcd207d0a7dd7894386bf90221815"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/b8e4b90f-31ab-4510-ab05-aefdf2d853fd/thumbnail/640x360/2f0e64f436c12b7591932c7d015c0aba/gettyimages-1806654747.jpg>; rel="canonical"
content-length
58421
image-1.png
assets3.cbsnewsstatic.com/hub/i/r/2023/11/26/29eb481b-d1d9-4b7b-b28d-58dd452e4563/thumbnail/640x360g2/4b874f5bfa5864a79b92366e2541c59a/ 		382 KB
382 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets3.cbsnewsstatic.com/hub/i/r/2023/11/26/29eb481b-d1d9-4b7b-b28d-58dd452e4563/thumbnail/640x360g2/4b874f5bfa5864a79b92366e2541c59a/image-1.png?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
195715ee0adb3b3bf6c435b440bfab73e93d572bd364d9478b22aaaabf95fcd8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Mon, 27 Nov 2023 12:59:00 GMT
age
46397
etag
"6a7c2d32a69a1467172788ab1e7585af"
content-type
image/png
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/26/29eb481b-d1d9-4b7b-b28d-58dd452e4563/thumbnail/640x360g2/4b874f5bfa5864a79b92366e2541c59a/image-1.png>; rel="canonical"
content-length
391014
cbsn-fusion-what-trump-could-face-in-special-counsels-jan-6-probe-thumbnail-2136502-640x360.jpg
assets3.cbsnewsstatic.com/hub/i/r/2023/07/18/49ce94af-3612-41e8-9514-db80897dda4f/thumbnail/640x360/ba8d540c40ff52d3192b7d8cc13a2248/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets3.cbsnewsstatic.com/hub/i/r/2023/07/18/49ce94af-3612-41e8-9514-db80897dda4f/thumbnail/640x360/ba8d540c40ff52d3192b7d8cc13a2248/cbsn-fusion-what-trump-could-face-in-special-counsels-jan-6-probe-thumbnail-2136502-640x360.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f86366f35aa57fbd20ad62caaaf4b15e38903b16df61e48556a565e19cb570dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Tue, 18 Jul 2023 23:25:37 GMT
age
10445
etag
"60512726d65eac1e4aca69fa47289042"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/07/18/49ce94af-3612-41e8-9514-db80897dda4f/thumbnail/640x360/ba8d540c40ff52d3192b7d8cc13a2248/cbsn-fusion-what-trump-could-face-in-special-counsels-jan-6-probe-thumbnail-2136502-640x360.jpg>; rel="canonical"
content-length
14926
ap17023711999843.jpg
assets2.cbsnewsstatic.com/hub/i/r/2023/03/31/f1ca414a-bcbb-4baf-8bc5-7385bebd1aab/thumbnail/640x360g4/9af058e73187abaf59f3323888f56c87/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets2.cbsnewsstatic.com/hub/i/r/2023/03/31/f1ca414a-bcbb-4baf-8bc5-7385bebd1aab/thumbnail/640x360g4/9af058e73187abaf59f3323888f56c87/ap17023711999843.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
85af33b3bfad511db80d2fcc1245bf6d952f6df636797f1f50a1f270d028cf33

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Tue, 15 Aug 2023 00:15:44 GMT
age
28212
etag
"b27b6a25a51bcdd3a68916c27bda2fc9"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/03/31/f1ca414a-bcbb-4baf-8bc5-7385bebd1aab/thumbnail/640x360g4/9af058e73187abaf59f3323888f56c87/ap17023711999843.jpg>; rel="canonical"
content-length
49406
gettyimages-1782471520.jpg
assets2.cbsnewsstatic.com/hub/i/r/2023/11/15/475f0a5f-cce1-4346-b702-36868cd7c2d0/thumbnail/640x360/84b598f705b876bc5f957bf3e239907e/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets2.cbsnewsstatic.com/hub/i/r/2023/11/15/475f0a5f-cce1-4346-b702-36868cd7c2d0/thumbnail/640x360/84b598f705b876bc5f957bf3e239907e/gettyimages-1782471520.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
272d2e19b15b17a439d4f5074dab1546a4942adf675409aa6a4a60d4aca1ab67

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Wed, 15 Nov 2023 19:22:21 GMT
age
1060185
etag
"1762e4bb71ef1685331b861c6eaa640a"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/15/475f0a5f-cce1-4346-b702-36868cd7c2d0/thumbnail/640x360/84b598f705b876bc5f957bf3e239907e/gettyimages-1782471520.jpg>; rel="canonical"
content-length
48154
gettyimages-1008258358.jpg
assets1.cbsnewsstatic.com/hub/i/r/2023/10/03/d7ae5b23-812f-4722-9c25-466f8b22e5a5/thumbnail/640x360/a8e591c53b3847eeb4d01c675ffd83eb/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.cbsnewsstatic.com/hub/i/r/2023/10/03/d7ae5b23-812f-4722-9c25-466f8b22e5a5/thumbnail/640x360/a8e591c53b3847eeb4d01c675ffd83eb/gettyimages-1008258358.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3486e7b4a56255ea6b9716484eb177e5613846850d379ed37af2502de1d196d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Tue, 03 Oct 2023 21:33:18 GMT
age
34540
etag
"ab0b7f32a27d73dcc83e8bdf01def007"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/10/03/d7ae5b23-812f-4722-9c25-466f8b22e5a5/thumbnail/640x360/a8e591c53b3847eeb4d01c675ffd83eb/gettyimages-1008258358.jpg>; rel="canonical"
content-length
40046
ap23331569559428.jpg
assets2.cbsnewsstatic.com/hub/i/r/2023/11/27/aa82ef6a-418b-45b2-8226-d2a96384771a/thumbnail/640x360/203b6dc4bc16b3347aa90ad600782312/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets2.cbsnewsstatic.com/hub/i/r/2023/11/27/aa82ef6a-418b-45b2-8226-d2a96384771a/thumbnail/640x360/203b6dc4bc16b3347aa90ad600782312/ap23331569559428.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0ed2e72b8338f47244500532f1c4a2f898130780a6ed2e0f4f59473cf4496a56

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Mon, 27 Nov 2023 17:48:11 GMT
age
28968
etag
"3038ead9992533ab35fbf51977d64e2f"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/aa82ef6a-418b-45b2-8226-d2a96384771a/thumbnail/640x360/203b6dc4bc16b3347aa90ad600782312/ap23331569559428.jpg>; rel="canonical"
content-length
39331
gettyimages-1256716193.jpg
assets3.cbsnewsstatic.com/hub/i/r/2023/10/03/b69809ef-fe7d-464c-81df-5e78e1580571/thumbnail/640x360/1046b831df3c53e09590a8c2e5cde88e/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets3.cbsnewsstatic.com/hub/i/r/2023/10/03/b69809ef-fe7d-464c-81df-5e78e1580571/thumbnail/640x360/1046b831df3c53e09590a8c2e5cde88e/gettyimages-1256716193.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70026939ae15fefaef7ccc2c697b126b84497e92f3c8c8a662e141b1dc1c8f01

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Tue, 03 Oct 2023 18:11:16 GMT
age
2387386
etag
"fc85f8c217c81757bb2e9ad705ca3775"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/10/03/b69809ef-fe7d-464c-81df-5e78e1580571/thumbnail/640x360/1046b831df3c53e09590a8c2e5cde88e/gettyimages-1256716193.jpg>; rel="canonical"
content-length
28844
gettyimages-1241463508.jpg
assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/abbb41f9-2f7a-41d3-a675-eaa240370ceb/thumbnail/640x360/b04642fe70a4879da308a0620a86538b/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/abbb41f9-2f7a-41d3-a675-eaa240370ceb/thumbnail/640x360/b04642fe70a4879da308a0620a86538b/gettyimages-1241463508.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2fc21f505c6160286b2b85a077fba645b58f9fafd72ddeda41de66d901e218e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Mon, 27 Nov 2023 20:08:26 GMT
age
20593
etag
"a7cb7d655cc22d6b56fe2699d7e4777d"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/abbb41f9-2f7a-41d3-a675-eaa240370ceb/thumbnail/640x360/b04642fe70a4879da308a0620a86538b/gettyimages-1241463508.jpg>; rel="canonical"
content-length
37733
video-door-cbsnews@1x.png
213.238.171.129.sslip.io/assets/live_cards/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_cards/video-door-cbsnews@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
db15d0dca42325e52f61acbab666be731af215b544e2d9ec7d327e47a763afe8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:41 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
187
etag
"647fb1fb221a74e3da8cfa09cfe9450b"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
11700
x-device
desktop
gettyimages-1244607341.jpg
assets1.cbsnewsstatic.com/hub/i/r/2023/11/28/a7b061cb-949a-47df-b331-0f2ad850479e/thumbnail/640x360/2c3306188300cf777c24e8624169b556/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/28/a7b061cb-949a-47df-b331-0f2ad850479e/thumbnail/640x360/2c3306188300cf777c24e8624169b556/gettyimages-1244607341.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
46d82c6e94f7ccd5a9f284172b81ef0816351a60a53b10e3753db12cfb1b3555

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Tue, 28 Nov 2023 01:24:59 GMT
age
1648
etag
"93c77930fd74e051b46037b0fbb59756"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/28/a7b061cb-949a-47df-b331-0f2ad850479e/thumbnail/640x360/2c3306188300cf777c24e8624169b556/gettyimages-1244607341.jpg>; rel="canonical"
content-length
49443
gettyimages-1238793440.jpg
assets2.cbsnewsstatic.com/hub/i/r/2023/10/03/96473934-0f0f-48c5-94e0-7481b0aee73a/thumbnail/640x360/b3e36df8dbe50a879714a1ff05bfcf00/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets2.cbsnewsstatic.com/hub/i/r/2023/10/03/96473934-0f0f-48c5-94e0-7481b0aee73a/thumbnail/640x360/b3e36df8dbe50a879714a1ff05bfcf00/gettyimages-1238793440.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd60a3c0bf748f4ef33dbb9eac95a6ac6a806a6182ca63011b641f9188632194

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Tue, 03 Oct 2023 12:11:52 GMT
age
7377
etag
"398f950101a6c1cd9ba4d2aa38a21318"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/10/03/96473934-0f0f-48c5-94e0-7481b0aee73a/thumbnail/640x360/b3e36df8dbe50a879714a1ff05bfcf00/gettyimages-1238793440.jpg>; rel="canonical"
content-length
34420
20180828_bigmac.jpg
assets2.cbsnewsstatic.com/hub/i/r/2018/09/26/80a45de0-36b5-4fa3-99ff-a56a1f229bda/thumbnail/640x360/af27be13154b26a16b608c54db3caba2/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets2.cbsnewsstatic.com/hub/i/r/2018/09/26/80a45de0-36b5-4fa3-99ff-a56a1f229bda/thumbnail/640x360/af27be13154b26a16b608c54db3caba2/20180828_bigmac.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6795d0a9acbd40672a508a822c7c2a4840b43fe7c486df2a0c96264653e3155c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Wed, 01 Jun 2022 07:14:30 GMT
age
513939
etag
"1c66bb05fc2f6e28873cc8abd31de469"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2018/09/26/80a45de0-36b5-4fa3-99ff-a56a1f229bda/thumbnail/640x360/af27be13154b26a16b608c54db3caba2/20180828_bigmac.jpg>; rel="canonical"
content-length
28937
gettyimages-1782225491.jpg
assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/d4f27114-e62e-4fe2-a6d0-678d5177d28f/thumbnail/640x360/38c70b16d24acec3e129cb07e1598ee3/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/d4f27114-e62e-4fe2-a6d0-678d5177d28f/thumbnail/640x360/38c70b16d24acec3e129cb07e1598ee3/gettyimages-1782225491.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f2fdbd9fa50c614a7a44f031cb9b287d42c62c2bbb273878770afc8758fddd58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:52 GMT
via
1.1 varnish
last-modified
Mon, 27 Nov 2023 22:30:49 GMT
age
12026
etag
"bdb5f4d7324c1a46f30dad9df5ca684b"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/d4f27114-e62e-4fe2-a6d0-678d5177d28f/thumbnail/640x360/38c70b16d24acec3e129cb07e1598ee3/gettyimages-1782225491.jpg>; rel="canonical"
content-length
22809
widget.js
disco.headliner.link/d/cbsnews/web/js/ 		175 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://disco.headliner.link/d/cbsnews/web/js/widget.js
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:2600:4:daa7:500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
48cf5e6fadb3e29ac5c299c292f4f0c5dbed7c1ef44d721c77defa164d14cfd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:49:43 GMT
content-encoding
gzip
via
1.1 db615220fdf1b471c82cd306c2f4717a.cloudfront.net (CloudFront)
last-modified
Tue, 26 Sep 2023 16:23:46 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
198
x-amz-server-side-encryption
AES256
etag
W/"51c059fd326c332d430b768f08ae6784"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=300
x-amz-cf-id
cgfPFThJ4ruksmnBlywI_N3HqN3_8zBzFFjwruWydXf4nqr9RBNi8w==
truncated
/ 		63 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4b985a733456e8352e89d0893a32bd9a5c2ebfbb5ad026383f8ae94aacf899a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
flyout-live-cbsnews@1x.png
213.238.171.129.sslip.io/assets/live_icons/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/live_icons/flyout-live-cbsnews@1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2206cc3b3080dba8a841a08281ea5add576e41ce3cb9c1275d04dedf09d26a51

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:42 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
0
etag
"30802b2f6c605e8b5722e719110d8cab"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
content-length
7515
x-device
desktop
ProximaNova-Bold.woff2
213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/ProximaNova-Bold/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/ProximaNova-Bold/ProximaNova-Bold.woff2
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
299f93b4e8a74d0880cd959ff3d27c2a0b4d061d241d6ecf79cfcedfb15360a2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
via
1.1 varnish
age
687818
x-device
desktop
content-length
24720
x-xss-protection
1; mode=block
last-modified
Fri, 17 Nov 2023 13:10:36 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"6557664c-6090"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Nov 2024 02:49:16 GMT
PublicoHeadline-Black.woff2
213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Black/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Black/PublicoHeadline-Black.woff2
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
dea4eb388be423aa5f77f2983f867492757e88f0afac98e9558a32ece1c1e9e6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
via
1.1 varnish
age
1735325
x-device
desktop
content-length
24160
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:10:33 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"65496459-5e60"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2024 23:50:49 GMT
PublicoHeadline-Bold.woff2
213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Bold/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Bold/PublicoHeadline-Bold.woff2
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
4a47ce84e1fdde51475cd77a0fd312bb383de8f10a979e14ede34eec91df5e79
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
via
1.1 varnish
age
2518215
x-device
desktop
content-length
32632
x-xss-protection
1; mode=block
last-modified
Fri, 27 Oct 2023 16:40:37 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"653be805-7f78"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 28 Oct 2024 22:22:37 GMT
ProximaNova-Regular.woff2
213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/ProximaNova-Regular/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/ProximaNova-Regular/ProximaNova-Regular.woff2
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
25cc1a8d371ebecb108a5e0ebe87b23142b9eb66fc3410cf3edb9b58e61fc561
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
2939512
x-device
desktop
content-length
26984
x-xss-protection
1; mode=block
core-api-cache-key
last-modified
Mon, 23 Oct 2023 18:30:39 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"6536bbcf-6968"
vary
X-Device, X-Edge-Forwarded-Proto
content-type
font/woff2
cache-control
max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Oct 2024 01:21:01 GMT
truncated
/ 		239 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10e6f57f39cbaa938c3c7ac90c1eee53474f8d47236755a128734e8b9a07c3c8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
PublicoText.woff2
213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/PublicoText/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/fonts/PublicoText/PublicoText.woff2
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8c1d4ca40cb7f6849fc0947cd2e3186ec82786d1aba8eb832e89ccb5874bd5db
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-content-type-options
nosniff
via
1.1 varnish
age
1735325
x-device
desktop
content-length
28896
x-xss-protection
1; mode=block
last-modified
Mon, 06 Nov 2023 22:10:33 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"65496459-70e0"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Nov 2024 23:50:49 GMT
logo-wide-transparent-500.svg
213.238.171.129.sslip.io/assets/show/eye-on-america/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/eye-on-america/logo-wide-transparent-500.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0de19ca7c735b21a7ce93fc81ba53d64f5cd4a0e39b8c31731b74ff9692685f9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
content-encoding
gzip
via
1.1 varnish
age
187
content-length
1728
x-device
desktop
last-modified
Mon, 27 Nov 2023 19:54:52 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"dc0b093b3713eb7a549a281a164db1ed"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
truncated
/ 		236 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc4b8ba332bce386714ddd948191111bd0f4459875ae1cd7623829e7adc7ff28

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo-wide-transparent-500.svg
213.238.171.129.sslip.io/assets/show/prime-time-with-john-dickerson/ 		7 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/prime-time-with-john-dickerson/logo-wide-transparent-500.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c319db2237e3629388116b0b2fd86b57ae8bbbbb9aa4d57ffc86dfd6d6d1a2ba

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
content-encoding
gzip
via
1.1 varnish
age
187
content-length
3034
x-device
desktop
last-modified
Mon, 27 Nov 2023 19:54:54 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"5aaa37557026ed97c7a280ef936b79ca"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
logo-wide-transparent-500.svg
213.238.171.129.sslip.io/assets/show/cbs-reports/ 		5 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://213.238.171.129.sslip.io/assets/show/cbs-reports/logo-wide-transparent-500.svg
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
afca58f2c31bc20024bcc1359e839484408759d75ede9e0d4cfe80049038c7ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/fly/bundles/cbsnewscontent/css/responsive.min.css?v=5659e73acd91751548aa89950cf015b0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
content-encoding
gzip
via
1.1 varnish
age
187
content-length
2205
x-device
desktop
last-modified
Thu, 26 Oct 2023 15:56:48 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
etag
"8910f977541b0140a1bd6e5f7a9205cb"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ae7df002af4ec129f8403467125a84f6b8a62a837e5db100005b00ad7cfbdaee

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/EzX6ku1+i8ak28m1WuIrw==
age
72965
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
6841
x-ms-lease-status
unlocked
last-modified
Wed, 22 Nov 2023 17:38:25 GMT
server
cloudflare
etag
0x8DBEB81D4AA9473
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
7f5edf5c-201e-004a-17b1-1d9a0c000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82cef95ecb9f8c3c-EWR
optanon-v1.1.0.js
cdn.privacy.paramount.com/dist/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.privacy.paramount.com/dist/optanon-v1.1.0.js
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:46::444 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f64aebb3dd712d3b558276e7eda3c524c14fab350a3aa8b8389bd8e3eef5dcf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
age
381
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:485666168322:build/prod-optanon-pipeline:1887daf2-ed12-44c6-a7a9-c37298875075
x-cache
HIT
content-length
11174
x-amz-id-2
DUve1Tv1C2agNc7Fq6e1ReWibNjTxdtUU8KBzmegs583wA2pVw1XtaCtmUIfoZkIJxvWcEjhtDsMu5FAV/SdWA==
x-xss-protection
1; mode=block
x-served-by
cache-lga21936-LGA
last-modified
Wed, 25 Oct 2023 14:20:36 GMT
x-timer
S1701136374.579015,VS0,VE0
etag
"4bf60fd75b307f892da0b10caa4d7cdc"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
accept-ranges
bytes
x-cache-hits
52
live-stream-icons.sprite.svg
www.cbsnews.com/assets/sprites/ 		120 KB
34 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cbsnews.com/assets/sprites/live-stream-icons.sprite.svg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8efa51d4e9620bdc48f6583f5e7901afa0a65486993a7d7e30071f08c6e3d255

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
last-modified
Thu, 26 Oct 2023 15:56:55 GMT
x-edge-forwarded-proto
https
age
154
etag
"7c98447af401d8a3d54d9457871fe5e9"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
*
x-device
desktop
content-length
33981
/
www.cbsnews.com/embed/video/ Frame 0C7C 		104 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d767233e917c54707e80fc1232f5d1a8df7d02db94e8b08d8d83eb583cdd780b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
104
cache-control
max-age=31536000, public
content-encoding
gzip
content-length
33536
content-type
text/html; charset=UTF-8
core-api-cache-key
date
Tue, 28 Nov 2023 01:52:53 GMT
last-modified
Tue, 28 Nov 2023 01:51:08 GMT
link
<https://assets1.cbsnewsstatic.com>; rel="preconnect", <https://assets2.cbsnewsstatic.com>; rel="preconnect", <https://assets3.cbsnewsstatic.com>; rel="preconnect", <https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.video-embed.js?v=5659e73acd91751548aa89950cf015b0>; rel="preload"; as="script", <https://vidtech.cbsinteractive.com>; rel="preconnect"
vary
Accept-Encoding,, X-Device, X-Edge-Forwarded-Proto
via
1.1 varnish
x-content-type-options
nosniff
x-device
desktop
x-edge-forwarded-proto
https
x-xss-protection
1; mode=block
adapter-live-headline-rundown.js
www.cbsnews.com/fly/bundles/cbsnewscore/js-build/managers/ 		693 B
721 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/managers/adapter-live-headline-rundown.js?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
72276fa2d087eb36209f3680d5dab31c28e7b38fae5ac24eb7d782c9c1246c29
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
age
903791
x-device
desktop
x-xss-protection
1; mode=block
content-length
408
last-modified
Fri, 17 Nov 2023 13:16:00 GMT
x-edge-forwarded-proto
https
etag
"65576790-2b5"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 14:49:42 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		100 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6396e10385abbfed080858b7e155e92f371ebed4895193e086e9e327166d969
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31353
x-xss-protection
0
server
cafe
etag
860 / 19689 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 01:52:53 GMT
main.video-embed.js
www.cbsnews.com/fly/bundles/cbsnewscore/js-build/ Frame 0C7C 		645 KB
175 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.video-embed.js?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7539100ad11920b839c188c97cab36d8df37ba71e0477ee7762148a6a3746ceb
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
age
903782
x-device
desktop
x-xss-protection
1; mode=block
content-length
179255
last-modified
Fri, 17 Nov 2023 13:16:00 GMT
x-edge-forwarded-proto
https
etag
W/"65576790-a133a"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 14:49:51 GMT
ima3_dai.js
imasdk.googleapis.com/js/sdkloader/ Frame 0C7C 		511 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3_dai.js
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7342b82c002e27bdfeb42b67d139c5e8d00723143bdad5352ee98cf069fa99f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175034
x-xss-protection
0
expires
Tue, 28 Nov 2023 01:52:53 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 0C7C 		365 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Tue, 28 Nov 2023 01:52:53 GMT
lookup
fms.viacomcbs.digital/ Frame 0C7C 		190 B
286 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fms.viacomcbs.digital/lookup
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::b857:ad50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
a7c422907c52a2c993ab2f08a4da4110693b43723e3fbcb2ae9935f540157f19

Request headers

Referer
https://www.cbsnews.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:52:53 GMT
cache-control
private,max-age=43200
content-length
190
vary
Origin
content-type
application/json
keyart-cbsnews-stream-1920x1080.jpg
assets1.cbsnewsstatic.com/hub/i/r/2023/11/06/417717e0-e68e-4aca-9a4e-354376806fcf/thumbnail/1280x720/94f9d3b934fbca8f7be43b87c3b03820/ Frame 0C7C 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/06/417717e0-e68e-4aca-9a4e-354376806fcf/thumbnail/1280x720/94f9d3b934fbca8f7be43b87c3b03820/keyart-cbsnews-stream-1920x1080.jpg?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
276f4cac68e7e4924bfb465e8fc4500c6066852f249de71b219dcecd51dda556

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
via
1.1 varnish
last-modified
Mon, 06 Nov 2023 21:45:49 GMT
age
1186687
etag
"a5889ebc1c06ad452c6e25a161331b9d"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/06/417717e0-e68e-4aca-9a4e-354376806fcf/thumbnail/1280x720/94f9d3b934fbca8f7be43b87c3b03820/keyart-cbsnews-stream-1920x1080.jpg>; rel="canonical"
content-length
108876
breakingnews_us.rundown.json
213.238.171.129.sslip.io/feedfiles/ 		80 B
673 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://213.238.171.129.sslip.io/feedfiles/breakingnews_us.rundown.json
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.responsive.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.238.171.129 , Turkey, ASN200456 (VERIGOM, TR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
a5eb82ceb5e7241a3b0fc258e5348af7aea604cebe07b48db51254d1a4d007a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
content-encoding
gzip
via
1.1 varnish
last-modified
Thu, 03 Aug 2023 22:17:12 GMT
server
nginx/1.18.0 (Ubuntu)
x-edge-forwarded-proto
https
age
54
etag
"4f3661de3954ee0c3881e71b0e9fd746"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
content-type
application/json
cache-control
max-age=60, public
accept-ranges
bytes
content-length
75
x-device
desktop
utag.js
tealium.cbsnews.com/site/prod/ Frame 0C7C 		541 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tealium.cbsnews.com/site/prod/utag.js?v=202309221625
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95a4782358ce7c4e22475eb612274c204bfc8a0c8d3299e7d6c1f242ae958fef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
last-modified
Fri, 22 Sep 2023 16:28:10 GMT
age
278
etag
"920a76e7067bcad2ab6d296e4b1c9f0f"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000s
accept-ranges
bytes
content-length
164022
shamanNotifier.js
production-cmp.isgprivacy.cbsi.com/cps/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js
Requested by
Host: cdn.privacy.paramount.com
URL: https://cdn.privacy.paramount.com/dist/optanon-v1.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:46::444 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a50882d604b09d44a0615c6907e696c04e2891b39c81a7025bb780127925c51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
via
1.1 varnish
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
age
778
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-2:485666168322:build/prod-shaman-notifier-pipeline:9e6ff986-09de-43f8-9f29-4d0b329938b9
x-cache
HIT
content-length
2006
x-amz-id-2
lZfNJOAoO8ePOOBAnPAd8hxRLGkP7dPsXt46xWQMeECN0xRuP2HUz2rKdQy84jjbA7W3qejuPWw=
x-xss-protection
1; mode=block
x-served-by
cache-lga21957-LGA
last-modified
Tue, 09 May 2023 14:48:15 GMT
x-timer
S1701136374.757443,VS0,VE0
etag
"77bcfb9608b344c5fca3eeb8ff723a4d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
accept-ranges
bytes
x-cache-hits
108
dcac2674-caed-40ff-aa7a-b0d0834705d3.json
cdn.cookielaw.org/consent/dcac2674-caed-40ff-aa7a-b0d0834705d3/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/dcac2674-caed-40ff-aa7a-b0d0834705d3/dcac2674-caed-40ff-aa7a-b0d0834705d3.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58f4221b759177e73c8870b947bec3aefee9b9b2e1ceb01ec7492c11ed5af7be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
ysFX3gGq6t2c0ny+LaZYgA==
content-length
1896
x-ms-lease-status
unlocked
last-modified
Tue, 14 Nov 2023 15:18:27 GMT
server
cloudflare
etag
0x8DBE524F3EAAFF8
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
74703601-f01e-0066-7b9d-2176a3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82cef95ffd16728f-EWR
expires
Wed, 29 Nov 2023 01:52:53 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 02:17:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
84907
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 26 Nov 2024 02:17:46 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		57 B
597 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=213.238.171.129.sslip.io
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
959fb799aa5409ec5a84da35f1d765864fca811b193a0d2e5c0f6dfa29ee124a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55
x-xss-protection
0
expires
Tue, 28 Nov 2023 01:52:53 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		69 B
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cf-ray
82cef9634b8d8c1d-EWR
access-control-allow-headers
Content-Type
pp-stacked1x.png
www.cbsnews.com/bundles/cbsnewscore/images/video-player/ Frame 0C7C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cbsnews.com/bundles/cbsnewscore/images/video-player/pp-stacked1x.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
33c80567e0584326a9ffa6523c541b11a416a559dc989c3c40a2c422e9febf11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
1177319
content-length
3822
x-device
desktop
x-xss-protection
1; mode=block
core-api-cache-key
last-modified
Thu, 09 Nov 2023 18:35:37 GMT
x-edge-forwarded-proto
https
etag
"654d2679-eee"
vary
X-Device, X-Edge-Forwarded-Proto
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Nov 2024 10:50:54 GMT
/
feeds-cbsn.cbsnews.com/2.1/rundown/ Frame 0C7C 		72 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://feeds-cbsn.cbsnews.com/2.1/rundown/?edition=CBSN-US&partner=cbsnsite
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.video-embed.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a2e89e542e44485026f66678c74cb69480bdbbb033a63aaba321f21f25276541

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 28 Nov 2023 01:51:16 GMT
age
53
etag
W/"c4ba9ed69ac7142ac9d4ba18e4174703"
vary
Accept-Encoding, X-Geo-GDPR, X-Geo-GDPR
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
6495
hls.min.js
www.cbsnews.com/fly/bundles/cbsnewscore/js-build/polyfills/ Frame 0C7C 		307 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/polyfills/hls.min.js?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0fa9e15e718c1c73a57d2b3e1cccfd809b2310c1b583a406035f5a961a1fc7fe
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 01:52:54 GMT
via
1.1 varnish
age
903782
x-device
desktop
x-xss-protection
1; mode=block
content-length
91460
last-modified
Fri, 17 Nov 2023 13:16:00 GMT
x-edge-forwarded-proto
https
etag
W/"65576790-4ca10"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 14:49:52 GMT
v2dct7QSPycqlji17HhQJwi0MtrZ5V7i9ctT0h1hlUQXDRaBEpmYI3aE
uninterestedquarter.com/ Frame 0C7C 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uninterestedquarter.com/v2dct7QSPycqlji17HhQJwi0MtrZ5V7i9ctT0h1hlUQXDRaBEpmYI3aE
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:9ed6::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
7b237ffd39315f45f4f63e68a504707f191e491098db2071240c59bf9416a828
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Tue, 28 Nov 2023 01:52:54 GMT
x-datacenter
gce-us-east1
etag
"099f9540d48ada91ed4f73edde3c1ab025164699c84586ab6220340de7b6d9c2"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-wndx
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
feeds-cbsn.cbsnews.com/2.1/rundown/ Frame 0C7C 		72 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://feeds-cbsn.cbsnews.com/2.1/rundown/?edition=CBSN-US&partner=cbsnsite
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.video-embed.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a2e89e542e44485026f66678c74cb69480bdbbb033a63aaba321f21f25276541

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 28 Nov 2023 01:51:16 GMT
age
53
etag
W/"c4ba9ed69ac7142ac9d4ba18e4174703"
vary
Accept-Encoding, X-Geo-GDPR, X-Geo-GDPR
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public
accept-ranges
bytes
content-length
6495
keyart-cbsnews-stream-1920x1080.jpg
assets1.cbsnewsstatic.com/hub/i/r/2023/11/06/417717e0-e68e-4aca-9a4e-354376806fcf/thumbnail/1280x720/94f9d3b934fbca8f7be43b87c3b03820/ Frame 0C7C 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/06/417717e0-e68e-4aca-9a4e-354376806fcf/thumbnail/1280x720/94f9d3b934fbca8f7be43b87c3b03820/keyart-cbsnews-stream-1920x1080.jpg?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
276f4cac68e7e4924bfb465e8fc4500c6066852f249de71b219dcecd51dda556

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
via
1.1 varnish
last-modified
Mon, 06 Nov 2023 21:45:49 GMT
age
1186687
etag
"a5889ebc1c06ad452c6e25a161331b9d"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/06/417717e0-e68e-4aca-9a4e-354376806fcf/thumbnail/1280x720/94f9d3b934fbca8f7be43b87c3b03820/keyart-cbsnews-stream-1920x1080.jpg>; rel="canonical"
content-length
108876
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202310.2.0/ 		426 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Nov 2023 01:52:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
3zwKFeg02sA5dMnkMN3c/A==
age
58540
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
105024
x-ms-lease-status
unlocked
last-modified
Thu, 16 Nov 2023 13:00:40 GMT
server
cloudflare
etag
0x8DBE6A40929C5B9
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
f57dfeae-a01e-007b-7411-197b1f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82cef9640aa38c3c-EWR
ima3_dai_debug.js
imasdk.googleapis.com/js/sdkloader/ Frame 0C7C 		7 MB
858 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3_dai_debug.js
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.video-embed.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7ef7bdb140fcd765bdac4986c81d77307c5a5eff6582c17a6fe91b1f7775793
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
877224
x-xss-protection
0
expires
Tue, 28 Nov 2023 01:52:54 GMT
skeleton.gif
static.adsafeprotected.com/ Frame 0C7C 		43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?bannnerid=176127_advertisement_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:6c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 08:00:59 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 38385695b10551583d750b943a475982.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
age
11037116
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
QtowjbACyQrrbdJE3qnujH6ftZiEWrZvbMeAL0nMfawSmSZ67OikZw==
en.json
cdn.cookielaw.org/consent/dcac2674-caed-40ff-aa7a-b0d0834705d3/dfb9c271-bef2-4a90-b3cd-520538cf5278/ 		78 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/dcac2674-caed-40ff-aa7a-b0d0834705d3/dfb9c271-bef2-4a90-b3cd-520538cf5278/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d374fd2001caa24f052c109e9280c53e3973577d56b7a48572d67817cbbbcdb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Nov 2023 01:52:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-md5
L/esqJOT2b06t+xr0pP1Gw==
content-length
18697
x-ms-lease-status
unlocked
last-modified
Tue, 14 Nov 2023 15:19:00 GMT
server
cloudflare
etag
0x8DBE525078691FD
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
a68fb07c-e01e-008e-6f9d-21ef35000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82cef9662933728f-EWR
expires
Wed, 29 Nov 2023 01:52:54 GMT
dai_iframe3.605.0_debug_en.html
imasdk.googleapis.com/js/core/ Frame C470 		272 KB
82 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/dai_iframe3.605.0_debug_en.html?origin=https%3A%2F%2Fwww.cbsnews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3_dai_debug.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a0cfb39bc47c5d14d40f2eca585f29859cdbaae86f21da4495934b8fca45ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cbsnews.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
364379
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
84040
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 20:39:55 GMT
expires
Fri, 22 Nov 2024 20:39:55 GMT
last-modified
Wed, 15 Nov 2023 19:12:19 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.json
pubads.g.doubleclick.net/adsid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/adsid/integrator.json?aos=https%3A%2F%2F213.238.171.129.sslip.io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-afma-token-requester-type
Access-Control-Request-Method
GET
Origin
https://www.cbsnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-afma-token-requester-type
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.cbsnews.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 01:52:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1E1C 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3_dai_debug.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:80b::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:33:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 28 Nov 2023 02:33:15 GMT
integrator.json
pubads.g.doubleclick.net/adsid/ Frame 0C7C 		15 B
58 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/adsid/integrator.json?aos=https%3A%2F%2F213.238.171.129.sslip.io
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3_dai_debug.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6cb74b1c20520023a412d8e0bc04e0bcc832be2f66b0a584056db181dcd5a052
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.cbsnews.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-afma-token-requester-type
requester_type_8

Response headers

date
Tue, 28 Nov 2023 01:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
x-xss-protection
0
otFlat.json
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otFlat.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Nov 2023 01:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
jMofvR4jSi4vqxABuEyIag==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
3017
x-ms-lease-status
unlocked
last-modified
Thu, 16 Nov 2023 13:00:31 GMT
server
cloudflare
etag
0x8DBE6A403CB9890
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
3bf10cdb-601e-0064-579d-21c81b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82cef9686d98728f-EWR
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/v2/ 		62 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/v2/otPcCenter.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Nov 2023 01:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
MISS
content-md5
PV7Y7lcwNLcROEFo5k3N7g==
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-length
12708
x-ms-lease-status
unlocked
last-modified
Thu, 16 Nov 2023 13:00:33 GMT
server
cloudflare
etag
0x8DBE6A4052B1BC5
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
9b908b79-001e-005d-5d9d-213307000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82cef9687da7728f-EWR
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202310.2.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/202310.2.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Nov 2023 01:52:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
content-md5
c7xAZ9MSGAobGaTYg/Qtag==
x-ms-lease-status
unlocked
last-modified
Thu, 16 Nov 2023 13:00:45 GMT
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
e85c990b-a01e-0019-659d-21b938000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
82cef9687da8728f-EWR
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: cdn.privacy.paramount.com
URL: https://cdn.privacy.paramount.com/dist/optanon-v1.1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Nov 2023 01:52:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
ERttG9+iQk1LCPjR495NRw==
age
2822
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c19e7251-301e-0069-5d8f-1300cf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
82cef96888aa8c3c-EWR
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		78 B
245 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9b77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ed37e392b16dc80c3fe4470e3e48eb831b86dc84531de828b734190073d8062
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
82cef9696d6f8cab-EWR
vary
Accept-Encoding
content-type
text/javascript
00c7d24a6eef4efcffbe84367abc0a2cc0ffa
wellgroomedhydrant.com/submit/3e82421c9ff3b77/ Frame 0C7C 		295 B
806 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wellgroomedhydrant.com/submit/3e82421c9ff3b77/00c7d24a6eef4efcffbe84367abc0a2cc0ffa
Requested by
Host: uninterestedquarter.com
URL: https://uninterestedquarter.com/v2dct7QSPycqlji17HhQJwi0MtrZ5V7i9ctT0h1hlUQXDRaBEpmYI3aE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:809c::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
c2b5307e2583806f132c2c8a86438c8cfd2af8557c0621d696d080017e4c4b66
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.cbsnews.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 28 Nov 2023 01:52:55 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cbsnews.com
x-hostname
fen-hoothoot-us-east1-spot-wndx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 28 Nov 2023 01:52:54 GMT
streams
pubads.g.doubleclick.net/ssai/event/Sid4xiTQTkCT1SLu6rjUSQ/ Frame 0C7C 		577 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/ssai/event/Sid4xiTQTkCT1SLu6rjUSQ/streams
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3_dai_debug.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
df18d62903da2f5883592b2960bebd633e904c8bf8be1dba47455b60d719738b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.cbsnews.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:52:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-disposition
attachment; filename="stream_info.json"
access-control-allow-headers
Authorization
content-length
275
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 1990 00:00:00 GMT
ap23329594939125.jpg
assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/8934de9d-c8f5-49a8-b354-79849fba4f5b/thumbnail/640x360/9139db63c5b00b2c079e8a5d55be512b/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/8934de9d-c8f5-49a8-b354-79849fba4f5b/thumbnail/640x360/9139db63c5b00b2c079e8a5d55be512b/ap23329594939125.jpg?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5c1623ee87f9a81fb9b0188516f8f5afda81c8b23898fec7d66de3ed390f4a1d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:55 GMT
via
1.1 varnish
last-modified
Mon, 27 Nov 2023 23:21:24 GMT
age
8918
etag
"b62dac7c4691339f5c40be8ab2ae79c3"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/8934de9d-c8f5-49a8-b354-79849fba4f5b/thumbnail/640x360/9139db63c5b00b2c079e8a5d55be512b/ap23329594939125.jpg>; rel="canonical"
content-length
38368
gettyimages-1782225491.jpg
assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/d4f27114-e62e-4fe2-a6d0-678d5177d28f/thumbnail/640x360/38c70b16d24acec3e129cb07e1598ee3/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/d4f27114-e62e-4fe2-a6d0-678d5177d28f/thumbnail/640x360/38c70b16d24acec3e129cb07e1598ee3/gettyimages-1782225491.jpg?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f2fdbd9fa50c614a7a44f031cb9b287d42c62c2bbb273878770afc8758fddd58

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:55 GMT
via
1.1 varnish
last-modified
Mon, 27 Nov 2023 22:30:49 GMT
age
12028
etag
"bdb5f4d7324c1a46f30dad9df5ca684b"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/d4f27114-e62e-4fe2-a6d0-678d5177d28f/thumbnail/640x360/38c70b16d24acec3e129cb07e1598ee3/gettyimages-1782225491.jpg>; rel="canonical"
content-length
22809
gettyimages-1238793440.jpg
assets2.cbsnewsstatic.com/hub/i/r/2023/10/03/96473934-0f0f-48c5-94e0-7481b0aee73a/thumbnail/640x360/b3e36df8dbe50a879714a1ff05bfcf00/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets2.cbsnewsstatic.com/hub/i/r/2023/10/03/96473934-0f0f-48c5-94e0-7481b0aee73a/thumbnail/640x360/b3e36df8dbe50a879714a1ff05bfcf00/gettyimages-1238793440.jpg?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd60a3c0bf748f4ef33dbb9eac95a6ac6a806a6182ca63011b641f9188632194

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:55 GMT
via
1.1 varnish
last-modified
Tue, 03 Oct 2023 12:11:52 GMT
age
7379
etag
"398f950101a6c1cd9ba4d2aa38a21318"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/10/03/96473934-0f0f-48c5-94e0-7481b0aee73a/thumbnail/640x360/b3e36df8dbe50a879714a1ff05bfcf00/gettyimages-1238793440.jpg>; rel="canonical"
content-length
34420
ap23324751074639.jpg
assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/4c7b4c06-6fd6-47a7-8cd4-05b55fb63455/thumbnail/640x360/07581c61ce34fa69d8a3556add92f99b/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/4c7b4c06-6fd6-47a7-8cd4-05b55fb63455/thumbnail/640x360/07581c61ce34fa69d8a3556add92f99b/ap23324751074639.jpg?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c93b39434a45f4779a884833f1eb5c0764d2f7e63328822b5a51af10f22ac732

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:55 GMT
via
1.1 varnish
last-modified
Mon, 27 Nov 2023 15:13:38 GMT
age
38333
etag
"0e0c4da93395aa7cdc22f7eeaefa5cf6"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/4c7b4c06-6fd6-47a7-8cd4-05b55fb63455/thumbnail/640x360/07581c61ce34fa69d8a3556add92f99b/ap23324751074639.jpg>; rel="canonical"
content-length
42615
ap23312650378080.jpg
assets1.cbsnewsstatic.com/hub/i/r/2023/11/09/510b25f2-3506-4196-9f56-a7f3ffad7168/thumbnail/640x360/71b2c7f179eefa0bcd9ae5f55c937f37/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/09/510b25f2-3506-4196-9f56-a7f3ffad7168/thumbnail/640x360/71b2c7f179eefa0bcd9ae5f55c937f37/ap23312650378080.jpg?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
393f300584045704534d2b8391d2dbc5efe80057ea74f19b3b620fdf9ca8e0d1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:55 GMT
via
1.1 varnish
last-modified
Thu, 09 Nov 2023 13:50:41 GMT
age
1597912
etag
"056cffe63b930eba97a07e6816b43754"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/09/510b25f2-3506-4196-9f56-a7f3ffad7168/thumbnail/640x360/71b2c7f179eefa0bcd9ae5f55c937f37/ap23312650378080.jpg>; rel="canonical"
content-length
25781
ot_guard_logo.svg
cdn.cookielaw.org/logos/static/ 		497 B
488 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/logos/static/ot_guard_logo.svg
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202310.2.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Nov 2023 01:52:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
gzip
content-md5
tXyZydHjxQshFMbbBT1/8A==
x-ms-lease-status
unlocked
last-modified
Mon, 27 Nov 2023 13:33:15 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
5580f0be-201e-0028-769d-21582b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
82cef96b0b0c728f-EWR
Icon_Logo_Blue_2.png
cdn.cookielaw.org/logos/869be997-c257-4071-b658-a5427317b5c6/31eb64d3-daa3-4385-8992-298df8d43285/497e6d0a-4f9f-41f3-9dab-a652b6dc0e77/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/869be997-c257-4071-b658-a5427317b5c6/31eb64d3-daa3-4385-8992-298df8d43285/497e6d0a-4f9f-41f3-9dab-a652b6dc0e77/Icon_Logo_Blue_2.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3398c832ff4a6236383928071f474b77fc14fed0f96c1eb51a2e911a719cd587
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Nov 2023 01:52:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
LBbV4Jf/vBEWtpH65lFhqw==
age
51572
content-length
44648
x-ms-lease-status
unlocked
last-modified
Thu, 25 Aug 2022 14:54:56 GMT
server
cloudflare
etag
0x8DA86A9C69EBFD6
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
f1fdbd58-101e-008a-1876-146232000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
82cef96b3c778c3c-EWR
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.cookielaw.org/logos/static/powered_by_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:83ec , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 28 Nov 2023 01:52:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
content-md5
Y+c301RBZNK39PvKQWrIBw==
age
6972
x-ms-lease-status
unlocked
last-modified
Mon, 27 Nov 2023 03:36:43 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
x-ms-request-id
ccf762a7-801e-0088-55e5-20dc8a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
82cef96b3c788c3c-EWR
869342a3cee1e0df26921b48a2e58a7b386337f743ca76618af0
wellgroomedhydrant.com/ Frame 0C7C 		3 B
75 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wellgroomedhydrant.com/869342a3cee1e0df26921b48a2e58a7b386337f743ca76618af0
Requested by
Host: uninterestedquarter.com
URL: https://uninterestedquarter.com/v2dct7QSPycqlji17HhQJwi0MtrZ5V7i9ctT0h1hlUQXDRaBEpmYI3aE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:809c::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.cbsnews.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 28 Nov 2023 01:52:55 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cbsnews.com
x-hostname
fen-hoothoot-us-east1-spot-wndx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 28 Nov 2023 01:52:54 GMT
404296374-343194735069328-139029050953559532-n.jpg
assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/f02baab3-52e0-4346-a2ec-1526f479edc9/thumbnail/640x360/11586156b054b21abe91fb4b968e42c1/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/f02baab3-52e0-4346-a2ec-1526f479edc9/thumbnail/640x360/11586156b054b21abe91fb4b968e42c1/404296374-343194735069328-139029050953559532-n.jpg?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6057b1883b269446f8a2e9260df6fbd4383eddb9c58ac312f9c6b18113778fd4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:55 GMT
via
1.1 varnish
last-modified
Mon, 27 Nov 2023 20:01:45 GMT
age
21059
etag
"b4649e2fc2db0e50faf641c80730715d"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/f02baab3-52e0-4346-a2ec-1526f479edc9/thumbnail/640x360/11586156b054b21abe91fb4b968e42c1/404296374-343194735069328-139029050953559532-n.jpg>; rel="canonical"
content-length
25940
12-year-old-steals-forklift-ann-arbor.png
assets2.cbsnewsstatic.com/hub/i/r/2023/11/27/230721e3-b4db-453e-b7a2-c8514eb5468e/thumbnail/640x360/bf3d02a8d1ed70ea4ead46af647b0614/ 		177 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets2.cbsnewsstatic.com/hub/i/r/2023/11/27/230721e3-b4db-453e-b7a2-c8514eb5468e/thumbnail/640x360/bf3d02a8d1ed70ea4ead46af647b0614/12-year-old-steals-forklift-ann-arbor.png?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
67a5cf03d77ba81e0dfcb6e2996780cb6650c1e9b4a3812c3e917c8d79828035

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:55 GMT
via
1.1 varnish
last-modified
Mon, 27 Nov 2023 18:58:48 GMT
age
24162
etag
"051d3f286338a6c02e7c8a1e925d09b4"
content-type
image/png
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/230721e3-b4db-453e-b7a2-c8514eb5468e/thumbnail/640x360/bf3d02a8d1ed70ea4ead46af647b0614/12-year-old-steals-forklift-ann-arbor.png>; rel="canonical"
content-length
181220
ios17-getty-images.jpg
assets3.cbsnewsstatic.com/hub/i/r/2023/11/27/a3e8f337-ec58-4ac2-b14a-a45bfdb04d05/thumbnail/640x360/9011adad77b70838dd67b071eed40346/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets3.cbsnewsstatic.com/hub/i/r/2023/11/27/a3e8f337-ec58-4ac2-b14a-a45bfdb04d05/thumbnail/640x360/9011adad77b70838dd67b071eed40346/ios17-getty-images.jpg?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c65dbac8410d7c114507cb865ff7d2ee5ab690b33263fce692b0fd9bd69350c3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:55 GMT
via
1.1 varnish
last-modified
Mon, 27 Nov 2023 15:02:45 GMT
age
38878
etag
"dd41f5287fb63f943da80b876ef87e7d"
content-type
image/jpeg
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
link
<https://assets1.cbsnewsstatic.com/hub/i/r/2023/11/27/a3e8f337-ec58-4ac2-b14a-a45bfdb04d05/thumbnail/640x360/9011adad77b70838dd67b071eed40346/ios17-getty-images.jpg>; rel="canonical"
content-length
19143
287d64c9b8101dad300a506e310e4773ebff56692c7110ca91a6
wellgroomedhydrant.com/ Frame 0C7C 		2 B
28 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://wellgroomedhydrant.com/287d64c9b8101dad300a506e310e4773ebff56692c7110ca91a6
Requested by
Host: uninterestedquarter.com
URL: https://uninterestedquarter.com/v2dct7QSPycqlji17HhQJwi0MtrZ5V7i9ctT0h1hlUQXDRaBEpmYI3aE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:809c::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.cbsnews.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 28 Nov 2023 01:52:56 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.cbsnews.com
x-hostname
fen-hoothoot-us-east1-spot-wndx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 28 Nov 2023 01:52:55 GMT
id3-events.json
dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/ Frame 0C7C 		106 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/id3-events.json
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3_dai_debug.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:805::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
f8b8137031a6e1e77e08b41b8abde91c9af330b6d9e99fc0431b50ddd5951d76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-disposition
attachment; filename="id3-events.json"
access-control-allow-headers
Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 0C7C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7379a376036fab277e6176ce58592952d41b99177bf3b85d508734433e9c846

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
master.m3u8
dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/ Frame 0C7C 		2 KB
920 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/master.m3u8
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/polyfills/hls.min.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:805::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
2a87732e2e79f815d76991b517c933a27f5280e30797762f167f80b5ade6f824
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-mpegURL; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-disposition
inline; filename="master.m3u8"
access-control-allow-headers
Authorization
content-length
541
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 1990 00:00:00 GMT
utag.js
tealium.cbsnews.com/site/prod/ 		541 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tealium.cbsnews.com/site/prod/utag.js?v=202309221625
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95a4782358ce7c4e22475eb612274c204bfc8a0c8d3299e7d6c1f242ae958fef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:58 GMT
content-encoding
gzip
via
1.1 varnish
last-modified
Fri, 22 Sep 2023 16:28:10 GMT
age
283
etag
"920a76e7067bcad2ab6d296e4b1c9f0f"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000s
accept-ranges
bytes
content-length
164022
343641.m3u8
dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/variant/a2490d3c744cd6c7e5676ecfc6956ee9/bandwidth/ Frame 0C7C 		4 KB
478 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/variant/a2490d3c744cd6c7e5676ecfc6956ee9/bandwidth/343641.m3u8
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/polyfills/hls.min.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:805::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
02758176b038743144fd402dde05d0b0e669f2a2daaff68f17b9ac0fa64ffb2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-mpegURL; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-disposition
inline; filename="variant.m3u8"
access-control-allow-headers
Authorization
content-length
382
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 1990 00:00:00 GMT
id
dpm.demdex.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=10D31225525FF5790A490D4D%40AdobeOrg&d_nsid=0&ts=1701136378357
Requested by
Host: tealium.cbsnews.com
URL: https://tealium.cbsnews.com/site/prod/utag.js?v=202309221625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.2.217.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-217-2.compute-1.amazonaws.com
Software
/
Resource Hash
626b749c912e14985016557bfac3b6162d687076653b70b60da61e88fad492ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-va6-1-v053-088c494ef.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Tue, 28 Nov 2023 01:52:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
bWtZN/w4RWM=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
760
expires
Thu, 01 Jan 1970 00:00:00 UTC
dest5.html
cbsi.demdex.net/ Frame 5F33 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cbsi.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tealium.cbsnews.com
URL: https://tealium.cbsnews.com/site/prod/utag.js?v=202309221625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.2.217.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-217-2.compute-1.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 28 Nov 2023 01:52:58 GMT
dcs
dcs-prod-va6-1-v053-061d3874e.edge-va6.demdex.com 0 ms
expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Sat, 25 Nov 2023 10:55:46 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains
vary
accept-encoding
x-tid
zX2alxDbTPI=
id
saa.cbsnews.com/ 		48 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://saa.cbsnews.com/id?d_visid_ver=4.4.1&d_fieldgroup=A&mcorgid=10D31225525FF5790A490D4D%40AdobeOrg&mid=34726976660438081533606722353634462285&ts=1701136378504
Requested by
Host: tealium.cbsnews.com
URL: https://tealium.cbsnews.com/site/prod/utag.js?v=202309221625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.165 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-165.data.adobedc.net
Software
jag /
Resource Hash
6a7f2741885474282051be5ed5a043f87855d5a39a26c447874603ab89218ff6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 28 Nov 2023 01:52:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
48
x-xss-protection
1; mode=block
videoplayback
r1---sn-8xgp1vo-2pul.googlevideo.com/ Frame 0C7C
Redirect Chain
  • https://dai.google.com/linear/pods/v1/p/Sid4xiTQTkCT1SLu6rjUSQ/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/289997/0/2/a2490d3c744cd6c7e5676ecfc6956ee9/5.ts
  • https://r1---sn-8xgp1vo-2pul.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZejkM9qN_tcPlreHoA0&ip=0.0.0.0&ogomk=hk1&requiressl=yes&nc=8264&gomv=google_0059853393398448509%2Cgoogle_84631604...
224 KB
225 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r1---sn-8xgp1vo-2pul.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZejkM9qN_tcPlreHoA0&ip=0.0.0.0&ogomk=hk1&requiressl=yes&nc=8264&gomv=google_0059853393398448509%2Cgoogle_8463160428169783479%2Cgoogle_5392535423601081439%2Cgoogle_7128987864577960729%2Cgoogle_2417603258264297874&ctier=L&mime=video/MP2T&itag=340&faskm=468&ogoms=cr9M53MXij3oZ6_x0U91-w&goc=13&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D613921%3Bdur%3D30030%3Blmt%3D1700889156985509&acao=yes&source=dclk_video_ads&id=ea14bb9ea8f325c1&fvskm=150&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488194%3Bdur%3D30080%3Blmt%3D1700889023369518&ogomt=-5100,-4100,-3100,-2100,-1100,-100&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,ogomk,requiressl,gomv,ctier,mime,itag,faskm,ogoms,goc,sgovp,acao,source,id,fvskm,gomt,sgoap,ogomt,susc,xpc&sig=ANLwegAwRQIhAI_QUI976v4h-QXLV7VDsVfMEHqLFPp0ZjK6itlyxrAvAiB6JT_R7ywHl25MII4QKxTPSG3B6Ua3ueTrHXmyNjLW7A==&mh=FI&mip=2600:803:a88:1134::134&mm=31&mn=sn-8xgp1vo-2pul&ms=au&mt=1701135473&mv=u&mvi=1&pcm2cms=yes&pl=58&rmhost=r2---sn-8xgp1vo-2pul.googlevideo.com&shardbypass=md-default&smhost=r2---sn-8xgp1vo-2pue.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pcm2cms,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRQIhAKjUbivzJBLUwwQX7un7guZ702bjezra7KsYucwYQRelAiBAC6T533ifFxod-u-zNEAuxxrDiIGhYhPu_dqC_ZNLlg%3D%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C511137-613920&faudshow=233&faudskip=237&goap=slices%3D0-631%2C324521-488193&ogomm=31000&cpn=JWs4_Y7ZQYiPFQgc
Protocol
HTTP/1.1
Server
2600:803:1504:1::c , United States, ASN701 (UUNET, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
57a8cc3bae0bfa43590633a5b0027afc9f26d6331094f7fe44593c9a542dcd41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 01:52:59 GMT
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Last-Modified
Sat, 25 Nov 2023 05:12:36 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/MP2T
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86098
Access-Control-Allow-Credentials
true
Timing-Allow-Origin
null
Expires
Tue, 28 Nov 2023 01:52:59 GMT

Redirect headers

date
Tue, 28 Nov 2023 01:52:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
pragma
no-cache
x-frame-options
SAMEORIGIN
content-type
, text/html; charset=UTF-8, text/html; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
location
https://r1---sn-8xgp1vo-2pul.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZejkM9qN_tcPlreHoA0&ip=0.0.0.0&ogomk=hk1&requiressl=yes&nc=8264&gomv=google_0059853393398448509%2Cgoogle_8463160428169783479%2Cgoogle_5392535423601081439%2Cgoogle_7128987864577960729%2Cgoogle_2417603258264297874&ctier=L&mime=video/MP2T&itag=340&faskm=468&ogoms=cr9M53MXij3oZ6_x0U91-w&goc=13&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D613921%3Bdur%3D30030%3Blmt%3D1700889156985509&acao=yes&source=dclk_video_ads&id=ea14bb9ea8f325c1&fvskm=150&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488194%3Bdur%3D30080%3Blmt%3D1700889023369518&ogomt=-5100,-4100,-3100,-2100,-1100,-100&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,ogomk,requiressl,gomv,ctier,mime,itag,faskm,ogoms,goc,sgovp,acao,source,id,fvskm,gomt,sgoap,ogomt,susc,xpc&sig=ANLwegAwRQIhAI_QUI976v4h-QXLV7VDsVfMEHqLFPp0ZjK6itlyxrAvAiB6JT_R7ywHl25MII4QKxTPSG3B6Ua3ueTrHXmyNjLW7A==&mh=FI&mip=2600:803:a88:1134::134&mm=31&mn=sn-8xgp1vo-2pul&ms=au&mt=1701135473&mv=u&mvi=1&pcm2cms=yes&pl=58&rmhost=r2---sn-8xgp1vo-2pul.googlevideo.com&shardbypass=md-default&smhost=r2---sn-8xgp1vo-2pue.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pcm2cms,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRQIhAKjUbivzJBLUwwQX7un7guZ702bjezra7KsYucwYQRelAiBAC6T533ifFxod-u-zNEAuxxrDiIGhYhPu_dqC_ZNLlg%3D%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C511137-613920&faudshow=233&faudskip=237&goap=slices%3D0-631%2C324521-488193&ogomm=31000&cpn=JWs4_Y7ZQYiPFQgc
access-control-expose-headers
Location
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Authorization
expires
Mon, 01 Jan 1990 00:00:00 GMT
ibs:dpid=477&dpuuid=da1b264d45d5eb460bd379041589b25651a9b4dced360bad944fbf5e56e3106eb0da87c991749652
dpm.demdex.net/ Frame 5F33
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=34874868566750200013628261027188838197
  • https://idsync.rlcdn.com/1000.gif?memo=CKyqFhIxCi0IARCYEhomMzQ4NzQ4Njg1NjY3NTAyMDAwMTM2MjgyNjEwMjcxODg4MzgxOTcQABoNCPuPlasGEgUI6AcQAEIASgA
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=da1b264d45d5eb460bd379041589b25651a9b4dced360bad944fbf5e56e3106eb0da87c991749652
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=da1b264d45d5eb460bd379041589b25651a9b4dced360bad944fbf5e56e3106eb0da87c991749652
Protocol
H2
Server
52.2.217.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-217-2.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cbsi.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0fe467b97.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Tue, 28 Nov 2023 01:52:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
47WzV21TTp8=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Tue, 28 Nov 2023 01:52:59 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=da1b264d45d5eb460bd379041589b25651a9b4dced360bad944fbf5e56e3106eb0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
s21827077571976
saa.cbsnews.com/b/ss/cbsicbsnewssite-dev/10/JS-2.17.0/ 		117 B
257 B 		Script
General
Check archive.org
Download Go to
Full URL
https://saa.cbsnews.com/b/ss/cbsicbsnewssite-dev/10/JS-2.17.0/s21827077571976?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=27%2F10%2F2023%2015%3A52%3A58%201%20600&d.&nsid=0&jsonv=1&.d&sdid=12226C8C8679D6E8-272102A95782D421&mid=34726976660438081533606722353634462285&aamlh=7&ce=UTF-8&ns=cbsinteractive&pageName=cbsnews%3A%2F&g=https%3A%2F%2F213.238.171.129.sslip.io%2F&c.&siteEdition=us&siteOrigin=us&brandPlatformId=cbsnews_site_desktop&hasVideo=true&clientTimestamp=2023-11-28T01%3A52%3A58.353Z&optimizelyExp=D%3Dv44&cm.&ssf=0&.cm&.c&cc=USD&ch=frontdoor&server=213.238.171.129.sslip.io&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=cbsnews_site_desktop&h1=cbsnews%3Afrontdoor&c2=D%3Dv2&v2=us&c3=D%3Dv3&v3=responsive%20web%7C%7C%7Cdesktop&c4=D%3Dv4&v4=direct&c5=D%3Dv5&v5=cbsicbsnewssite-dev&c6=D%3Dv6&v6=cbsnews%3Afrontdoor&c7=D%3Dv7&v7=https%3A%2F%2F213.238.171.129.sslip.io%2F&c8=D%3Dv8&v8=CBS%20News%20-%20Breaking%20news%2C%2024%2F7%20live%20streaming%20news%20%26%20top%20stories&c9=D%3Dv9&v9=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F119.0.6045.159%20Safari%2F537.36&c10=D%3Dv10&v10=front_door&c11=D%3Dv11&v11=D%3Dch%2B%22%3A%22%2Bv10&v12=D%3Dmid&v15=not%20authenticated%7Canon&c20=D%3Dv20&v20=cbs%20news%20-%20breaking%20news%2C%2024%2F7%20live%20streaming%20news%20%26%20top%20stories&c22=D%3Dv22&v22=content_feature&c23=D%3Dv23&v23=1ba86ba8-758d-11e2-9d12-0018fe8a00b0&c24=D%3Dv24&v24=5dc0a850-f78c-4d7b-b045-444db5b3fd59&c30=D%3Dv30&v30=e8074928-8717-4e96-94d3-c57247d92fc5&c36=D%3Dv36&c44=D%3Dv44&v44=katysTest%3D2%7CliveTvButtonInHeader%3D0%7Crecirc-queryly%3D1%7Cvpa-roku%3D1&c47=D%3Dv47&c51=Monday&v51=Monday&c52=1&v52=1&c53=D%3Dv53&c54=D%3Dv54&c55=D%3Dv55&c56=D%3Dv56&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=10D31225525FF5790A490D4D%40AdobeOrg&AQE=1
Requested by
Host: tealium.cbsnews.com
URL: https://tealium.cbsnews.com/site/prod/utag.js?v=202309221625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.165 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-165.data.adobedc.net
Software
jag /
Resource Hash
dd40d61fc9eaf54d81632552f8ea15f5828f3073821622c082bafbcc9fdada4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:52:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Wed, 29 Nov 2023 01:52:58 GMT
server
jag
etag
3653162556107980800-4617758421162991569
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
application/x-javascript;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
117
x-xss-protection
1; mode=block
expires
Mon, 27 Nov 2023 01:52:58 GMT
ibs:dpid=771&dpuuid=CAESEKVx0b7357jLdXkkVz76XVw&google_cver=1
dpm.demdex.net/ Frame 5F33
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MzQ4NzQ4Njg1NjY3NTAyMDAwMTM2MjgyNjEwMjcxODg4MzgxOTc=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MzQ4NzQ4Njg1NjY3NTAyMDAwMTM2MjgyNjEwMjcxODg4MzgxOTc=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKVx0b7357jLdXkkVz76XVw&google_cver=1?gdpr=0&gdpr_consent=
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKVx0b7357jLdXkkVz76XVw&google_cver=1?gdpr=0&gdpr_consent=
Protocol
H2
Server
52.2.217.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-217-2.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cbsi.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-047e37864.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Tue, 28 Nov 2023 01:52:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
y+q4L1ntSuQ=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:52:59 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEKVx0b7357jLdXkkVz76XVw&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=22052&dpuuid=3640245160328036358
dpm.demdex.net/ Frame 5F33
Redirect Chain
  • https://ml314.com/utsync.ashx?eid=50112&et=0&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D22052%26dpuuid%3D[PersonID]
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640245160328036358
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640245160328036358
Protocol
H2
Server
52.2.217.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-217-2.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cbsi.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-0daab3a62.edge-va6.demdex.com 2 ms
pragma
no-cache
date
Tue, 28 Nov 2023 01:52:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
nDDMCu39T4w=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:52:59 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
image/gif
location
https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3640245160328036358
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
x-cloud-trace-context
c17a1cfe676018ca579cd632b110b997
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Wed, 29 Nov 2023 01:52:59 GMT
bidbarrel-cbsnews.min.js
at.cbsi.com/lib/dist/prod/ 		855 KB
194 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.188 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
30b77bf0c0360a4ef402dee9f91c2df7094cd39f68fee44353876e193af14f1c
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-encoding
br
at-rc
us
age
65
at-lib-version-major
3
x-amz-server-side-encryption
AES256
at-svc
lib
x-amz-meta-surrogate-key
adlib-all-refs/releases/v3.15.0
x-served-by
cache-ewr18165-EWR
x-timer
S1701136379.065775,VS0,VE1
etag
"d1a099cba5cdc3ab39040c39be61030f"
vary
Accept-Encoding, Origin
content-type
application/javascript
at-lib-version-minor
15
cache-control
max-age=900, public, must-revalidate
x-cache-hits
3044
x-abtest
none
date
Tue, 28 Nov 2023 01:52:59 GMT
via
1.1 varnish
strict-transport-security
max-age=300
x-cache
HIT
at-lib-variant
core
at-cc
us
fastly-restarts
1
content-length
197541
at-lib-version-patch
0
at-lib-version
v3.15.0
at-lib-env
prod
last-modified
Wed, 25 Oct 2023 13:45:25 GMT
server
AmazonS3
at-subsvc
dist
at-url
/public/refs/releases/v3.15.0/all/bidbarrel-cbsnews_us.min.js.br?adaptive=true
at-lib-site
cbsnews
accept-ranges
bytes
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 5F33
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=34874868566750200013628261027188838197&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=34874868566750200013628261027188838197&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Protocol
H2
Server
52.2.217.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-217-2.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cbsi.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-va6-1-v053-07369f4e5.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Tue, 28 Nov 2023 01:52:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
66rAOMVCT80=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
x-error
104,303
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Tue, 28 Nov 2023 01:52:59 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ibs:dpid=30646
dpm.demdex.net/ Frame 5F33
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=34874868566750200013628261027188838197&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=34874868566750200013628261027188838197&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Yfe9IOdE2pGT0KdRNTULNfW3xLoUBvPJhcM-~A
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Yfe9IOdE2pGT0KdRNTULNfW3xLoUBvPJhcM-~A
Protocol
H2
Server
52.2.217.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-217-2.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cbsi.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-00949e323.edge-va6.demdex.com 1 ms
pragma
no-cache
date
Tue, 28 Nov 2023 01:52:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
Vu48F6B5QjM=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-Yfe9IOdE2pGT0KdRNTULNfW3xLoUBvPJhcM-~A
date
Tue, 28 Nov 2023 01:52:59 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
diff
at.cbsi.com/lib/api/v1/cbsnews/prod/config/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://at.cbsi.com/lib/api/v1/cbsnews/prod/config/diff?variant=us
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.188 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,variant,version
Access-Control-Request-Method
GET
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
*
access-control-allow-origin
https://213.238.171.129.sslip.io
allow
GET,HEAD
at-subsvc
api
at-svc
lib
at-url
/v1/cbsnews/develop/config/diff?variant=us
content-length
8
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:52:59 GMT
etag
W/"8-ZRAf8oNBS3Bjb/SU2GYZCmbtmXg"
server
Google Frontend
strict-transport-security
max-age=300
vary
Accept-Encoding, Origin
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-cloud-trace-context
b35307e1dbd54f8c4f172d6f1fc7a574
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-served-by
cache-ewr18148-EWR
x-timer
S1701136379.284317,VS0,VE15
x-xss-protection
1; mode=block
config.js
cdn.confiant-integrations.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/ 		186 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1365c2e7f65b68ab3ab4d6b0594e8d31c2c14b0ef6e71dd56f14a2f6711dbb4f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 Nov 2023 22:16:03 GMT
server
cloudflare
x-amz-request-id
G3AY7D13ZDVTCZYR
age
860
etag
W/"e107dca6a89373a26d00a71819e80050"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
82cef9824c7c32c6-PHL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
RtsogeP8CUu9qy/aIA54wapXRZ64pjIbkM5/2zoV1sj6WMK6kqZAK7G7jqlLZJd5K3SnLVGlnNQ=
diff
at.cbsi.com/lib/api/v1/cbsnews/prod/config/ 		76 KB
10 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://at.cbsi.com/lib/api/v1/cbsnews/prod/config/diff?variant=us
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.188 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
35e3323a05cd760d4d50dd2b1e5f03c3aa33b5891357bcef69e631c89ba8ae6d
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Content-Type
application/json
Accept
application/json
Referer
https://213.238.171.129.sslip.io/
variant
us
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
version
v3.15.0

Response headers

date
Tue, 28 Nov 2023 01:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=300
via
1.1 varnish
age
0
x-dns-prefetch-control
off
x-cache
MISS
at-svc
lib
ttl
900s
content-length
10398
x-xss-protection
1; mode=block
x-served-by
cache-ewr18148-EWR
server
Google Frontend
at-subsvc
api
x-timer
S1701136379.345407,VS0,VE66
at-url
/v1/cbsnews/develop/config/diff?variant=us
etag
W/400dfb025e4b64c31d1ff426a0cf0ebd067252c2
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
0daa5ff95a30d6eb97ac8dc1c613a13e
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
0
/
id.sv.rkdms.com/identity/ 		2 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=CBSI&sv_domain=213.238.171.129.sslip.io
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.202.199.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-202-199-100.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://213.238.171.129.sslip.io
date
Tue, 28 Nov 2023 01:52:59 GMT
access-control-allow-credentials
true
server
awselb/2.0
content-length
2
vary
Accept-Encoding
content-type
application/json
rid
match.adsrvr.org/track/ 		109 B
573 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183728
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
95dcda2b953f1a9e6ab6261a3c6b729f6a74b65584baef52679aff93fed04ed7

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 28 Nov 2023 01:52:59 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Thu, 28 Dec 2023 01:52:59 GMT
any
idx.liadm.com/idex/ie/ 		54 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://idx.liadm.com/idex/ie/any
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.229.24.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-229-24-114.compute-1.amazonaws.com
Software
/
Resource Hash
866d266da2e3ce14d802e62e789988a84b6eb50a737296b940f109f3a0af350e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 28 Nov 2023 01:52:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Origin
request-time
10
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
max-age=86399, private
access-control-allow-credentials
true
trace-id
23de32ef67ac7f4f
content-length
54
expires
Wed, 29 Nov 2023 01:52:59 GMT
identity
api.rlcdn.com/api/ 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 28 Nov 2023 01:52:59 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ibs:dpid=121998&dpuuid=1d687e167c02500a890de9e89c7d0a13
dpm.demdex.net/ Frame 5F33
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=34874868566750200013628261027188838197?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=34874868566750200013628261027188838197?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=1d687e167c02500a890de9e89c7d0a13
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=1d687e167c02500a890de9e89c7d0a13
Protocol
H2
Server
52.2.217.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-217-2.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cbsi.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0f4691eeb.edge-va6.demdex.com 3 ms
pragma
no-cache
date
Tue, 28 Nov 2023 01:52:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
drdvRPgaQ+A=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:52:59 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=1d687e167c02500a890de9e89c7d0a13
cache-control
no-cache
x-server
10.40.8.33
content-length
0
expires
0
febb9f7e-45c8-4e6a-8772-14cd8c2d6262
https://www.cbsnews.com/ Frame 0C7C 		80 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.cbsnews.com/febb9f7e-45c8-4e6a-8772-14cd8c2d6262
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49eaa23c3c030f1ff520d0ec7cafb9d3cd3ddf9f729b4666fc4cb59cebf6b0cc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Length
81453
Content-Type
text/javascript
videoplayback
r3---sn-vgqsrn66.googlevideo.com/ Frame 0C7C
Redirect Chain
  • https://dai.google.com/linear/pods/v1/p/Sid4xiTQTkCT1SLu6rjUSQ/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/289997/0/3/a2490d3c744cd6c7e5676ecfc6956ee9/0.ts
  • https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089...
227 KB
227 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-102659&faudshow=235&faudskip=0&goap=slices%3D0-162802&ogomm=6000&cpn=JWs4_Y7ZQYiPFQgc
Protocol
H3
Server
2607:f8b0:4009:2e::8 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
368e449cd700e2dce075c6901039a8107cc4ecbfa84af93304fe5875c7321d3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

client-protocol
quic
date
Tue, 28 Nov 2023 01:52:59 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Sep 2023 12:34:01 GMT
server
gvs 1.0
vary
Origin
content-type
video/MP2T
access-control-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86098
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires
Tue, 28 Nov 2023 01:52:59 GMT

Redirect headers

date
Tue, 28 Nov 2023 01:52:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
pragma
no-cache
x-frame-options
SAMEORIGIN
content-type
, text/html; charset=UTF-8, text/html; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
location
https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-102659&faudshow=235&faudskip=0&goap=slices%3D0-162802&ogomm=6000&cpn=JWs4_Y7ZQYiPFQgc
access-control-expose-headers
Location
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Authorization
expires
Mon, 01 Jan 1990 00:00:00 GMT
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/6NAGEHPQTIMciZyoLrUIDQZlmus/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:59 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
A2JK2CCYFA1HS2P1
age
493260
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
82cef982be5032c6-PHL
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Dg8kGZ94LfmzUarJqrmrP/zxKQogmtP5Tz4EHQdKv0B8lOFq6K8BrHR3bsjT4KFdHv+ELeDFFsPdQI6EllaQyQ==
sessions
cbsnews.hb-api.omtrdc.net/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cbsnews.hb-api.omtrdc.net/api/v1/sessions
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.128 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-128.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cbsnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
X-Adobe-AEP-Validation-Token, Content-Type, Content-Length, Host, Referer, User-Agent
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
2
content-type
text/plain; charset=UTF-8
date
Tue, 28 Nov 2023 01:52:58 GMT
server
jag
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sessions
cbsnews.hb-api.omtrdc.net/api/v1/ Frame 0C7C 		76 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cbsnews.hb-api.omtrdc.net/api/v1/sessions
Requested by
Host: tealium.cbsnews.com
URL: https://tealium.cbsnews.com/site/prod/utag.js?v=202309221625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.128 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-128.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cbsnews.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:52:59 GMT
x-content-type-options
nosniff
server
jag
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
location
/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa
access-control-expose-headers
Location
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
76
x-xss-protection
1; mode=block
/
247eda56317d1549491233a36.litix.io/ Frame 0C7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://247eda56317d1549491233a36.litix.io/
Requested by
Host: tealium.cbsnews.com
URL: https://tealium.cbsnews.com/site/prod/utag.js?v=202309221625
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.196.227.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-227-84.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.cbsnews.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:52:59 GMT
x-envoy-upstream-service-time
0
server
envoy
content-length
0
access-control-allow-methods
POST, GET
u
dmp.v.fwmrm.net/ad/ Frame 5F33 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f01:a4e3:c039:b71b:e458 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://cbsi.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 01:52:59 GMT
X-Fw-Request-Id
umo0447_1701136379894429821
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
bidRequest
c2shb.pubgw.yahoo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-max-age
600
age
0
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
server
ATS/9.1.10.90
sync.js
sync.getpublica.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.getpublica.com/sync.js
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.124.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-124-99.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d62294b7e6cd4ca6ee405dcdac8f2f923d64f04e9fc19a9e9db40ffa475f9928

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 06 Nov 2023 04:50:08 GMT
content-encoding
gzip
via
1.1 eef964f7ded2584b0acfd4f410d14ff2.cloudfront.net (CloudFront)
last-modified
Fri, 03 Jun 2022 21:16:50 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P7
age
1890172
etag
W/"c4600274336851f8fba38c4fcd66d078"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000, public
x-amz-cf-id
Wi2E2X4z9LrXhp1XvAE7TQTlCA_UhWlDyUx_NhVdJUix1V9ZVp8iJQ==
moatheader.js
z.moatads.com/cbsprebidheader506831276743/ 		292 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.54.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-54-26.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3c005e458f727e1f20ac2c2ebc908c4fb55cc01f1ad54adb409730f4c95ce5ad

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:59 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 08:17:47 GMT
server
AmazonS3
x-amz-request-id
109JM9R0GGSQF0RX
etag
"31b465dc104f99fd2a8b216d8f6db9ce"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=19649
accept-ranges
bytes
content-length
101260
x-amz-id-2
Q311WbwsIRDzkmhNEDUDsNI2/WIuba1z0C5YbiIPhip2QGzMk0EQexGB6YWX9pDFvi4ji7YZc7VPHMwPMgJ7Vw==
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.40.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-40-125.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:21:21 GMT
content-encoding
gzip
via
1.1 368146333bf1a1071e8432a7d4e41e1a.cloudfront.net (CloudFront), 1.1 20292965cdbba1b959488426be2ef49e.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C3, JFK52-P3
age
1899
x-amz-server-side-encryption
AES256
etag
W/"08899ab5b5f986f64974630ad47b39a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
KgT9b70LgOW9cnOqlZLR5BJEtne0X-cUxQfGEVOEHUb6b0T2cBC4Bg==
bidbarrel
fms.viacomcbs.digital/lookup/ 		166 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fms.viacomcbs.digital/lookup/bidbarrel
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::b857:ad50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
652f3fe8163b40346a568ec544a51dc10c558d972876ff5859298ea286a73e56

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:52:59 GMT
cache-control
private,max-age=43200
content-length
166
vary
Origin
content-type
application/json
bidbarrel
fms.viacomcbs.digital/lookup/ 		166 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fms.viacomcbs.digital/lookup/bidbarrel
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::b857:ad50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
706005f8f4cdf3d33ce240712a260cc822459b98c6733f72702184e33b25c94c

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:52:59 GMT
cache-control
private,max-age=43200
content-length
166
vary
Origin
content-type
application/json
bidbarrel
fms.viacomcbs.digital/lookup/ 		166 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fms.viacomcbs.digital/lookup/bidbarrel
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::b857:ad50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
40d773710d685e5f0110e8b34418a6845ab85fa00e883743cb8ee6bd80e5ebde

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:52:59 GMT
cache-control
private,max-age=43200
content-length
166
vary
Origin
content-type
application/json
bidbarrel
fms.viacomcbs.digital/lookup/ 		166 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fms.viacomcbs.digital/lookup/bidbarrel
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:9000::b857:ad50 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
842afd38c5e89bde9cc5a3d817894bed6c8b190427cb748bd29eda4b400ca56d

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:52:59 GMT
cache-control
private,max-age=43200
content-length
166
vary
Origin
content-type
application/json
cookie_sync
pbs.at.cbsi.com/ 		2 KB
895 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.at.cbsi.com/cookie_sync
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.29.188 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f4964194db405b7e9f6de68f7adba39a64b3ce864da9b8f44256c4f1dc5fa90d

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 28 Nov 2023 01:52:59 GMT
content-encoding
gzip
via
1.1 varnish
x-cache
MISS
content-length
619
x-served-by
cache-iad-kiad7000034-IAD
pragma
no-cache
x-timer
S1701136380.828468,VS0,VE6
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
expires
0
auction
pbs.at.cbsi.com/openrtb2/ 		231 B
286 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pbs.at.cbsi.com/openrtb2/auction
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.29.188 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
93edc33aa2a6e807ec4c13f270703bb3fba72a251eb6decffec3c49a184db3ea

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 28 Nov 2023 01:52:59 GMT
content-encoding
gzip
via
1.1 varnish
x-prebid
pbs-java/1.123.0
x-cache
MISS
content-length
202
x-served-by
cache-iad-kiad7000034-IAD
pragma
no-cache
x-timer
S1701136380.832224,VS0,VE123
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
expires
0
prebid
ib.adnxs.com/ut/v3/ 		19 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:52:59 GMT
an-x-request-uuid
03824aa7-39ca-4f8b-9f25-2a727f2fa693
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
206.66.96.134; 206.66.96.134; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:52:59 GMT
an-x-request-uuid
cf1e3491-2024-4d48-91ef-4c2bb2cf9453
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
206.66.96.134; 206.66.96.134; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
19
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
122 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.111 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://213.238.171.129.sslip.io
date
Tue, 28 Nov 2023 01:53:00 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/ 		16 B
621 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.93.95 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-93-95.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 28 Nov 2023 01:53:00 GMT
hbjson
grid.bidswitch.net/ 		24 B
375 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson?sp=trustx
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.18 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
18.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
477632be17a38eae5765b373d3f9fbbee93dca6f0afffa1815079a5383c77267

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

Date
Tue, 28 Nov 2023 01:53:00 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
517 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
c99655d3c0d749e481197148fe082333bf7b1df05cbe0c29abec474448587f9b

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
de3f1fd55183c58e7acd6c0d39b0e223410844a8beadfaa7ed7bec0f5c391009

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
d0b37cfd14e3aec021486af8b65494ec54bbf5bc67858e993d122a4816e36474

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
02354ab81dd4d561793d8047f145e2dba45d02f0d1f965e4922bf1af968a9fa0

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
88f5f53e57a59458f8b86cff6ef47de533eb4cc402cfa730c069ed2b1d71f5bc

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
e4dc0968cca7489a3a425f15c614505c9cb104e60c7ca20c53d18aed3a732a7c

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
52e30df32b375bff5e687ede5efb71c3ce472e2f0972c473e9cc22e9a2270f5a

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
232113364085d2c055b72681d134ad7ebccd42bbf6296f457c19ee9c7a38de25

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
715f4e1d00916a45781e00854e9181988c097046f4c586ef595bca19deed87bd

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
119 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
99473bf996a68e748ab54b8735f92bb3422763e4383d7e4c6b430fcc3d61bafd

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
83
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
a7ee5a6a51288ea6e0b7e24df57edbec355b3f754daa94a296dad2702b906c58

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
6cd215a02f11740bc1c877114be7ff375523da28b8ed3e5cecf2333517c8a3b6

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
eb8348c69f7b606d9cfeb3817f11762ec900db130c405f84a0891dc452e936a4

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
af20fc35e31f29999a16220aff96dbe14f14c263fb8e6946ccac76887e97c0aa

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
d98d889ce3d9e25fe760cb36d947c5b22df8836a3e8a0bb706c3a511f676f944

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
bidRequest
c2shb.pubgw.yahoo.com/ 		66 B
117 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/bidRequest
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.92.156.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-92-156-8.compute-1.amazonaws.com
Software
ATS/9.1.10.90 /
Resource Hash
076e818b0b6e9c662c708f1ad9c4363d2cdb0e7a0b606e4a257731fc34c23bf6

Request headers

Referer
https://213.238.171.129.sslip.io/
x-openrtb-version
2.5
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
application/json

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
ATS/9.1.10.90
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
content-length
84
trinity.json
apex.go.sonobi.com/ 		669 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22%2F8264%2Faw-cbsnews%2Fmpu-flex-top%7C129c49bd87fc1a7e%22%3A%22300x250%2C11x11%7Cf%3D0.5%2Cgpid%3D%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-top%2Cc%3Dd%2C%22%2C%22%2F8264%2Faw-cbsnews%2Fmpu-flex-inc2%7C130ed10fff78e37e%22%3A%22300x250%2C11x11%7Cf%3D0.5%2Cgpid%3D%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc2%2Cc%3Dd%2C%22%2C%22%2F8264%2Faw-cbsnews%2Fleader-plus-top%7C131bc29f92b4594b%22%3A%22728x90%2C970x250%7Cf%3D0.5%2Cgpid%3D%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-top%2Cc%3Dd%2C%22%2C%22%2F8264%2Faw-cbsnews%2Fmpu-flex-inc3%7C132c886db337feab%22%3A%22300x250%2C11x11%7Cf%3D0.5%2Cgpid%3D%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc3%2Cc%3Dd%2C%22%2C%22%2F8264%2Faw-cbsnews%2Fleader-plus-inc2%7C133cb52a37ffb76%22%3A%22728x90%2C970x250%7Cf%3D0.5%2Cgpid%3D%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc2%2Cc%3Dd%2C%22%2C%22%2F8264%2Faw-cbsnews%2Fleader-plus-inc3%7C1345ca086bee9fe5%22%3A%22728x90%2C970x250%7Cf%3D0.5%2Cgpid%3D%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc3%2Cc%3Dd%2C%22%2C%22%2F8264%2Faw-cbsnews%2Fmpu-flex-inc4%7C1351e59311356be7%22%3A%22300x250%2C11x11%7Cf%3D0.5%2Cgpid%3D%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc4%2Cc%3Dd%2C%22%2C%22%2F8264%2Faw-cbsnews%2Fleader-plus-inc4%7C136ef9e255acf671%22%3A%22728x90%2C970x250%7Cf%3D0.5%2Cgpid%3D%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc4%2Cc%3Dd%2C%22%2C%22%2F8264%2Faw-cbsnews%2Fmpu-flex-inc5%7C1378db7a0f8e198d%22%3A%22300x250%2C11x11%7Cf%3D0.5%2Cgpid%3D%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc5%2Cc%3Dd%2C%22%2C%22%2F8264%2Faw-cbsnews%2Fleader-plus-inc5%7C13866c2da09d6dd3%22%3A%22728x90%2C970x250%7Cf%3D0.5%2Cgpid%3D%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc5%2Cc%3Dd%2C%22%2C%22%2F8264%2Faw-cbsnews%2Fmpu-flex-inc6%7C139d85022664a5a6%22%3A%22300x250%2C11x11%7Cf%3D0.5%2Cgpid%3D%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc6%2Cc%3Dd%2C%22%7D&ref=https%3A%2F%2F213.238.171.129.sslip.io%2F&s=c41d9a87-034e-4fde-9a6f-bab373d5a83d&pv=50936196-5b37-4288-9af7-3f399c7bb899&vp=desktop&lib_name=prebid&lib_v=8.20.0&us=5&iqid=%7B%22pcid%22%3A%220928c1cc-ec83-4170-a19c-a72f38b8d19e%22%2C%22pcidDate%22%3A1701136379816%7D&fpd=%7B%22source%22%3A%7B%7D%2C%22site%22%3A%7B%22domain%22%3A%22213.238.171.129.sslip.io%22%2C%22keywords%22%3A%22CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22sslip.io%22%7D%2C%22page%22%3A%22https%3A%2F%2F213.238.171.129.sslip.io%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.159%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A1%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%7D%7D%7D&ius=0&eids=%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%221d52d2c4-845a-4f00-9b64-9499dbcd08a9%22%2C%22atype%22%3A1%7D%5D%7D%5D&kw=CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com&coppa=0
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.64 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
36b4586090a685f70a6c00b8cef4155fe570d344004cb1ed635ba45107181323
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-185
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
278
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701136379818&to=600&aun=mpu-flex-top&pubcid=1d52d2c4-845a-4f00-9b64-9499dbcd08a9&gpid=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-top&fp=0.5&fpc=USD&maxw=300&maxh=250&si=92401&pi=3&bf=300x250%2C11x11&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F213.238.171.129.sslip.io%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.cbsnews.com%2F&ns=10035
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.224.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-224-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
64a10cfcbf437b910b4d542dee492a82e0bc5fc02fac1c18806de65ed2bd60b9

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701136379820&to=600&aun=mpu-flex-inc2&pubcid=1d52d2c4-845a-4f00-9b64-9499dbcd08a9&gpid=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc2&fp=0.5&fpc=USD&maxw=300&maxh=250&si=92390&pi=3&bf=300x250%2C11x11&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F213.238.171.129.sslip.io%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.cbsnews.com%2F&ns=10035
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.224.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-224-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
baae6b668c4eb83202b9e341751fcbc803124180e275e281ae3b86b6b7196a2f

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701136379821&to=600&aun=leader-plus-top&pubcid=1d52d2c4-845a-4f00-9b64-9499dbcd08a9&gpid=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-top&fp=0.5&fpc=USD&maxw=970&maxh=250&si=92393&pi=3&bf=728x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F213.238.171.129.sslip.io%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.cbsnews.com%2F&ns=10035
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.224.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-224-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
ff06dcd5e40fc7dcf398375c1c0c4b3c80601ac8111fbddd7d9a8d79b829a105

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701136379821&to=600&aun=mpu-flex-inc3&pubcid=1d52d2c4-845a-4f00-9b64-9499dbcd08a9&gpid=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc3&fp=0.5&fpc=USD&maxw=300&maxh=250&si=92390&pi=3&bf=300x250%2C11x11&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F213.238.171.129.sslip.io%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.cbsnews.com%2F&ns=10035
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.224.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-224-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e14dc41636709a3b0042ec6dee5475fb3bcbeedfdc3650d836d1ca3ce336309d

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701136379822&to=600&aun=leader-plus-inc2&pubcid=1d52d2c4-845a-4f00-9b64-9499dbcd08a9&gpid=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc2&fp=0.5&fpc=USD&maxw=970&maxh=250&si=92415&pi=3&bf=728x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F213.238.171.129.sslip.io%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.cbsnews.com%2F&ns=10035
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.224.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-224-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf136f094c7f82d1c0c28ad64ecfaff847f8899ecf66494c7a8ee73abda58c48

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701136379823&to=600&aun=leader-plus-inc3&pubcid=1d52d2c4-845a-4f00-9b64-9499dbcd08a9&gpid=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc3&fp=0.5&fpc=USD&maxw=970&maxh=250&si=92415&pi=3&bf=728x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F213.238.171.129.sslip.io%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.cbsnews.com%2F&ns=10035
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.224.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-224-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c406780834f1884eb7d3f321d022a36508d573a07e86e7e1b3f6455c4f43275b

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701136379823&to=600&aun=mpu-flex-inc4&pubcid=1d52d2c4-845a-4f00-9b64-9499dbcd08a9&gpid=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc4&fp=0.5&fpc=USD&maxw=300&maxh=250&si=92390&pi=3&bf=300x250%2C11x11&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F213.238.171.129.sslip.io%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.cbsnews.com%2F&ns=10035
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.224.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-224-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
0c9a2d2c121f95573bc6aba66f49b78dde2841a04a076721c69883741d231741

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701136379824&to=600&aun=leader-plus-inc4&pubcid=1d52d2c4-845a-4f00-9b64-9499dbcd08a9&gpid=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc4&fp=0.5&fpc=USD&maxw=970&maxh=250&si=92415&pi=3&bf=728x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F213.238.171.129.sslip.io%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.cbsnews.com%2F&ns=10035
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.224.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-224-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c29fd07a303f4eed97b55ac1bf160c73300f40eaeb4c5f305bdb07e6012e43b9

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701136379825&to=600&aun=mpu-flex-inc5&pubcid=1d52d2c4-845a-4f00-9b64-9499dbcd08a9&gpid=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc5&fp=0.5&fpc=USD&maxw=300&maxh=250&si=92390&pi=3&bf=300x250%2C11x11&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F213.238.171.129.sslip.io%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.cbsnews.com%2F&ns=10035
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.224.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-224-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7fe05de865636eb530276a2b7acea53e5e82415f2de5aad0dcc56a0cfd39a918

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701136379826&to=600&aun=leader-plus-inc5&pubcid=1d52d2c4-845a-4f00-9b64-9499dbcd08a9&gpid=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc5&fp=0.5&fpc=USD&maxw=970&maxh=250&si=92415&pi=3&bf=728x90%2C970x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F213.238.171.129.sslip.io%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.cbsnews.com%2F&ns=10035
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.224.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-224-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
316e5741a53dfd98743876fcdd741d5efbf8a98b35afca2578b5e61415f01e7a

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701136379827&to=600&aun=mpu-flex-inc6&pubcid=1d52d2c4-845a-4f00-9b64-9499dbcd08a9&gpid=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc6&fp=0.5&fpc=USD&maxw=300&maxh=250&si=92390&pi=3&bf=300x250%2C11x11&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F213.238.171.129.sslip.io%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.cbsnews.com%2F&ns=10035
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.224.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-224-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
9c89aa6968134ff29659e3ae9332dc217d5db905f2b5386928591f244fa4fcd9

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
krk2.kargo.com/api/v1/ 		2 B
472 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.45.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-45-130.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
x-accel-expires
0
nbr
510
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
content-length
26
expires
Thu, 01 Jan 1970 00:00:00 UTC
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
552 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=506205
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c88e5cad7fae79f9c54fa4c68e7c45a2d9754776b9c55c5fa350cc216ad35fd

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i%2FqbFRU12HlM7WjuDagmFE8DPiInuTRWQZs3PpD0OTJpg61JWHosXy1MNJGns7WcGTjJb6GhEsM4q5tNodpXFRlb3RUmlu5bhHMDLpJCGFCf4HtfqRMnIODbxN%2BmphKNvaBD8Xby"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82cef9888e9b8c48-EWR
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		38 B
311 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=506205
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c88e5cad7fae79f9c54fa4c68e7c45a2d9754776b9c55c5fa350cc216ad35fd

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljgzFcMgM033cKs8aha4DYewOmKAEvjWsYdFP36WhaU6ZPafzJ5AEpbFVspqghZBqI4i8aw9c%2BGeb%2FM2kTdp0jew0e%2Fitdsnu17P2L2AX14D%2BCCtTvmYN%2B6MAHmhxXWgSaBPPCav"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82cef9888e9f8c48-EWR
alt-svc
h3=":443"; ma=86400
content-length
38
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
355 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
b8872b960f80a1cd564a26e966402f4f843aa9c4b002d306e5bec3446db62657

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
fastlane.json
fastlane.rubiconproject.com/a/api/ 		421 B
771 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10970&site_id=320764&zone_id=1660824&size_id=15&eid_pubcid.org=1d52d2c4-845a-4f00-9b64-9499dbcd08a9%5E1&rf=https%3A%2F%2F213.238.171.129.sslip.io%2F&kw=CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com&tg_i.domain=213.238.171.129.sslip.io&tg_i.page=https%3A%2F%2F213.238.171.129.sslip.io%2F&tg_i.pbadslot=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-top&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=198ad3d949236017&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.5&rp_maxbids=1&p_gpid=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-top&slots=1&rand=0.13984052131680946
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
146dc1d7c5eb4a55845dc09eca64cca7f53598183cce62b6d0d829a3b7819766

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
421
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		422 B
772 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10970&site_id=320764&zone_id=1660824&size_id=15&eid_pubcid.org=1d52d2c4-845a-4f00-9b64-9499dbcd08a9%5E1&rf=https%3A%2F%2F213.238.171.129.sslip.io%2F&kw=CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com&tg_i.domain=213.238.171.129.sslip.io&tg_i.page=https%3A%2F%2F213.238.171.129.sslip.io%2F&tg_i.pbadslot=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc2&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=199a57b12f2c7acf&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.5&rp_maxbids=1&p_gpid=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc2&slots=1&rand=0.12481282577872643
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
63417d1e88ad5cbbe1c4089e21271fd10c89c540f128b420874af1eaf8e4f992

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
422
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		443 B
795 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10970&site_id=320764&zone_id=1660824&size_id=2&alt_size_ids=57&eid_pubcid.org=1d52d2c4-845a-4f00-9b64-9499dbcd08a9%5E1&rf=https%3A%2F%2F213.238.171.129.sslip.io%2F&kw=CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com&tg_i.domain=213.238.171.129.sslip.io&tg_i.page=https%3A%2F%2F213.238.171.129.sslip.io%2F&tg_i.pbadslot=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-top&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=2002f0dec4e96dc4&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.5&rp_maxbids=1&p_gpid=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-top&slots=1&rand=0.5793330261660139
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f3664e88b8da310c13d2046c7b21a02661d58d97bbf1566533e2142f82f564b1

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
443
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		422 B
772 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10970&site_id=320764&zone_id=1660824&size_id=15&eid_pubcid.org=1d52d2c4-845a-4f00-9b64-9499dbcd08a9%5E1&rf=https%3A%2F%2F213.238.171.129.sslip.io%2F&kw=CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com&tg_i.domain=213.238.171.129.sslip.io&tg_i.page=https%3A%2F%2F213.238.171.129.sslip.io%2F&tg_i.pbadslot=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc3&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=2013fbe9d6b904dc&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.5&rp_maxbids=1&p_gpid=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc3&slots=1&rand=0.9842458294212828
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b49c70539bf8ea921ba898e695544c784ea722d7f036e6b843c95ae2acc970d4

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
422
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		444 B
976 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10970&site_id=320764&zone_id=1660824&size_id=2&alt_size_ids=57&eid_pubcid.org=1d52d2c4-845a-4f00-9b64-9499dbcd08a9%5E1&rf=https%3A%2F%2F213.238.171.129.sslip.io%2F&kw=CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com&tg_i.domain=213.238.171.129.sslip.io&tg_i.page=https%3A%2F%2F213.238.171.129.sslip.io%2F&tg_i.pbadslot=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc2&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=2027482fec8630f7&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.5&rp_maxbids=1&p_gpid=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc2&slots=1&rand=0.2574341513093261
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
313734c6a8618b2f9ed5e2b0fdede2b5ceaafd7f42bc768ffc47ae2c2ec27989

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
444
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		444 B
795 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10970&site_id=320764&zone_id=1660824&size_id=2&alt_size_ids=57&eid_pubcid.org=1d52d2c4-845a-4f00-9b64-9499dbcd08a9%5E1&rf=https%3A%2F%2F213.238.171.129.sslip.io%2F&kw=CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com&tg_i.domain=213.238.171.129.sslip.io&tg_i.page=https%3A%2F%2F213.238.171.129.sslip.io%2F&tg_i.pbadslot=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc3&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=20307eb3099aeed7&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.5&rp_maxbids=1&p_gpid=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc3&slots=1&rand=0.41732064098512667
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c3264a06ba10c869c3d0d51b1d6ed6acdf45a0434fcbb3237fe35615c43c94d2

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
444
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		422 B
773 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10970&site_id=320764&zone_id=1660824&size_id=15&eid_pubcid.org=1d52d2c4-845a-4f00-9b64-9499dbcd08a9%5E1&rf=https%3A%2F%2F213.238.171.129.sslip.io%2F&kw=CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com&tg_i.domain=213.238.171.129.sslip.io&tg_i.page=https%3A%2F%2F213.238.171.129.sslip.io%2F&tg_i.pbadslot=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc4&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=204903a99c6a6dc4&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.5&rp_maxbids=1&p_gpid=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc4&slots=1&rand=0.6929112111554367
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
218c479ab2616c95cdb825787c21e9eb9d3c5b663bb9b23affe8071740e61787

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
422
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		444 B
796 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10970&site_id=320764&zone_id=1660824&size_id=2&alt_size_ids=57&eid_pubcid.org=1d52d2c4-845a-4f00-9b64-9499dbcd08a9%5E1&rf=https%3A%2F%2F213.238.171.129.sslip.io%2F&kw=CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com&tg_i.domain=213.238.171.129.sslip.io&tg_i.page=https%3A%2F%2F213.238.171.129.sslip.io%2F&tg_i.pbadslot=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc4&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=20571218dcde0deb&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.5&rp_maxbids=1&p_gpid=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc4&slots=1&rand=0.6587014734248169
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c8416a5ad9aa2ee4672d7ccb6bada46a4fac42608223eaa7bc2505ca3a18c1ca

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
444
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		422 B
773 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10970&site_id=320764&zone_id=1660824&size_id=15&eid_pubcid.org=1d52d2c4-845a-4f00-9b64-9499dbcd08a9%5E1&rf=https%3A%2F%2F213.238.171.129.sslip.io%2F&kw=CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com&tg_i.domain=213.238.171.129.sslip.io&tg_i.page=https%3A%2F%2F213.238.171.129.sslip.io%2F&tg_i.pbadslot=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc5&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=206992072f0762cd&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.5&rp_maxbids=1&p_gpid=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc5&slots=1&rand=0.44315497981847285
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f4d1d36eefbba603f15f6511108b2c8fb57a682f14aa0e0d58bcaeb66332e886

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
422
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		444 B
795 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10970&site_id=320764&zone_id=1660824&size_id=2&alt_size_ids=57&eid_pubcid.org=1d52d2c4-845a-4f00-9b64-9499dbcd08a9%5E1&rf=https%3A%2F%2F213.238.171.129.sslip.io%2F&kw=CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com&tg_i.domain=213.238.171.129.sslip.io&tg_i.page=https%3A%2F%2F213.238.171.129.sslip.io%2F&tg_i.pbadslot=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc5&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=207b389bab710635&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.5&rp_maxbids=1&p_gpid=%2F8264%2Faw-cbsnews%2Fhome%23leader-plus-inc5&slots=1&rand=0.8783455160612355
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f1d8514c694fc47c1845862ed9934b05ffa5eeedf411c148125a5aea11b90515

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
444
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		422 B
773 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=10970&site_id=320764&zone_id=1660824&size_id=15&eid_pubcid.org=1d52d2c4-845a-4f00-9b64-9499dbcd08a9%5E1&rf=https%3A%2F%2F213.238.171.129.sslip.io%2F&kw=CBSNews%2Cbreakingnews%2Cnationalnews%2Cu.s.news%2Cworldnews%2Cnewsvideo%2Centertainmentnews%2Cpoliticalnews%2Csportsnews%2Cbusinessnews%2Ctravelnews%2Chealthnews%2Ctechnologynews%2Cfinancialnews%2Ccbsnews.com&tg_i.domain=213.238.171.129.sslip.io&tg_i.page=https%3A%2F%2F213.238.171.129.sslip.io%2F&tg_i.pbadslot=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc6&tk_flint=pbjs_lite_v8.20.0&l_pb_bid_id=208105ac275e63e9&p_screen_res=1600x1200&rp_secure=1&rp_hard_floor=0.5&rp_maxbids=1&p_gpid=%2F8264%2Faw-cbsnews%2Fhome%23mpu-flex-inc6&slots=1&rand=0.8810601756644776
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::52 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a8b06f4c162fb2fa36b3e6e2e8042ad4bff95e84adce7f1f7962549f977cfcb5

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
422
expires
Wed, 17 Sep 1975 21:32:10 GMT
events
cbsnews.hb-api.omtrdc.net/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa/ Frame 0C7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cbsnews.hb-api.omtrdc.net/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa/events
Requested by
Host: tealium.cbsnews.com
URL: https://tealium.cbsnews.com/site/prod/utag.js?v=202309221625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.128 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-128.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cbsnews.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:52:59 GMT
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-content-type-options
nosniff
server
jag
x-xss-protection
1; mode=block
usersync
usersync.getpublica.com/ Frame D7B7 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1YNN
Requested by
Host: sync.getpublica.com
URL: https://sync.getpublica.com/sync.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.174.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-174-253.compute-1.amazonaws.com
Software
/
Resource Hash
7ff8b2b40be5b81d03ba81dccaf2fc736a1d2bd7a588115deb21abfc3cb53de4

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate
content-length
1047
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:00 GMT
expires
0
pragma
no-cache
vary
Origin
sync
eb2.3lift.com/ Frame 2B89
Redirect Chain
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26u...
  • https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26u...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
9964ee8197977baaa2823ca42bac20e4e176ee26152562cbdcecc75600f187a3

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1487
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:00 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 28 Nov 2023 01:53:00 GMT
location
/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
3037
config.aps.amazon-adsystem.com/configs/ 		505 B
772 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3037
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.132.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-132-10.jfk52.r.cloudfront.net
Software
CloudFront /
Resource Hash
5802558528d108bab1a193203915735cf2e64d654b783f7ddfca797387707be7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:14:00 GMT
via
1.1 59e9110c0585d6ff81049f7a7fa9938e.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
JFK52-P2
age
2340
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
505
x-amz-cf-id
D6i-Qz5xqo6tKUAV2sIZVPV8VpTd2QIoLRftT2FSuRo5ADrBZWpISA==
config
c.amazon-adsystem.com/cdn/prod/ 		337 B
694 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3037&u=https%3A%2F%2F213.238.171.129.sslip.io
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.40.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-40-125.jfk52.r.cloudfront.net
Software
Server /
Resource Hash
405f17efa15f9c112f7a11462f4c4bf38dd6b2da37e5c0cc5cccdb2aa95534a6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:59 GMT
via
1.1 20292965cdbba1b959488426be2ef49e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK52-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
337
x-amz-cf-id
3vfzNMTtC7gvF9lJ18igS-SVbQ_aFDTtmwbdrCVBqV1QvEBSfPJqVg==
bid
aax.amazon-adsystem.com/e/dtb/ 		64 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3037&u=https%3A%2F%2F213.238.171.129.sslip.io%2F&pid=cb8DZBAVLGVNW&cb=0&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22mpu-flex-top%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8264%2Faw-cbsnews%2Fhome%2Fmpu-flex-top%22%7D%2C%7B%22sd%22%3A%22mpu-flex-inc2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8264%2Faw-cbsnews%2Fhome%2Fmpu-flex-inc2%22%7D%2C%7B%22sd%22%3A%22leader-plus-top%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8264%2Faw-cbsnews%2Fhome%2Fleader-plus-top%22%7D%2C%7B%22sd%22%3A%22mpu-flex-inc3%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8264%2Faw-cbsnews%2Fhome%2Fmpu-flex-inc3%22%7D%2C%7B%22sd%22%3A%22leader-plus-inc2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8264%2Faw-cbsnews%2Fhome%2Fleader-plus-inc2%22%7D%2C%7B%22sd%22%3A%22leader-plus-inc3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8264%2Faw-cbsnews%2Fhome%2Fleader-plus-inc3%22%7D%2C%7B%22sd%22%3A%22mpu-flex-inc4%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8264%2Faw-cbsnews%2Fhome%2Fmpu-flex-inc4%22%7D%2C%7B%22sd%22%3A%22leader-plus-inc4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8264%2Faw-cbsnews%2Fhome%2Fleader-plus-inc4%22%7D%2C%7B%22sd%22%3A%22mpu-flex-inc5%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8264%2Faw-cbsnews%2Fhome%2Fmpu-flex-inc5%22%7D%2C%7B%22sd%22%3A%22leader-plus-inc5%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F8264%2Faw-cbsnews%2Fhome%2Fleader-plus-inc5%22%7D%2C%7B%22sd%22%3A%22mpu-flex-inc6%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F8264%2Faw-cbsnews%2Fhome%2Fmpu-flex-inc6%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.107.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-107-227.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P6
x-amz-rid
PGY81N4451SNM6PX6TAM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
c_VobzEy-VATNz3JTvJHaWc5QNDWfwvLK5TthSm7UdFynpp_JjbLNQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.238.40.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-238-40-125.jfk52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 90707ba4ec932f1b72abfb5c4f1add2e.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P3
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
whPsV720uvN2tgekMuy-dYi2fersa2tWudVKmCffSuH8wMSVQEsHVA==
events
cbsnews.hb-api.omtrdc.net/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cbsnews.hb-api.omtrdc.net/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.128 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-128.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cbsnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
X-Adobe-AEP-Validation-Token, Content-Type, Content-Length, Host, Referer, User-Agent
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
2
content-type
text/plain; charset=UTF-8
date
Tue, 28 Nov 2023 01:52:59 GMT
server
jag
x-content-type-options
nosniff
x-xss-protection
1; mode=block
v2
mb.moatads.com/yi/ 		193 B
270 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-TxbrCERvHCbFpA%3D%3D&sc=1&os=1-Xg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2F213.238.171.129.sslip.io%2F&pcode=cbsprebidheader506831276743&rx=516254264640&callback=MoatNadoAllJsonpRequest_5867385
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.46.219 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
a90a8d30e26dc731414ee12982dc525c0b7d83d858c5f018e74e0b5950026662

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
server
istio-envoy
etag
"b754a019dec9d3f5cecf85574f7fe6811058c254"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
20
timing-allow-origin
*
content-length
193
n.js
mb.moatads.com/ 		55 B
131 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-TxbrCERvHCbFpA%3D%3D&sc=1&os=1-Xg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&pxm=2&sgs=3&bo=undefined&bp=undefined&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=Not%20Specified&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1701136380024&de=533219766368&rx=516254264640&m=0&ar=51bd715ca6c-clean&iw=479f042&q=1&cb=0&cu=1701136380024&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F213.238.171.129.sslip.io%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=cbsprebidheader506831276743&fd=1&it=500&ti=0&ih=2&pe=1%3A1535%3A1609%3A2619%3A1787&jk=-1&jm=-1&fs=205853&na=851441563&cs=0&ord=1701136380024&jv=259160527&callback=DOMlessLLDcallback_5867385
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.46.219 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
3d2335302c75842a2e94f2de1019b2b83bb9da1f0261d0a9eb0e50a250b2afe6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
server
istio-envoy
etag
"de79042a749f581fd79aca4dde7742e5e80c6305"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
18
timing-allow-origin
*
content-length
55
n.js
mb.moatads.com/ 		58 B
236 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-TxbrCERvHCbFpA%3D%3D&sc=1&os=1-Xg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=CBS_PREBID_HEADER1&hp=1&wf=1&pxm=2&sgs=3&bo=undefined&bp=undefined&bd=undefined&zMoatNotCnet=true&zMoatPT=Not%20Specified&zMoatFT=Not%20Specified&zMoatSZ=Not%20Specified&zMoatPS=Not%20Specified&zMoatSZPS=Not%20Specified&zMoatPTAT=Not%20Specified&zMoatPTATSECT=Not%20Specified&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1701136380024&de=533219766368&rx=516254264640&m=0&ar=51bd715ca6c-clean&iw=479f042&q=2&cb=0&cu=1701136380024&ll=2&lm=0&ln=0&em=0&en=0&d=undefined%3Aundefined%3Aundefined%3Aundefined&cm=1&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F213.238.171.129.sslip.io%2F&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&dfp=true&la=undefined&gw=cbsprebidheader506831276743&fd=1&it=500&ti=0&ih=2&pe=1%3A1535%3A1609%3A2619%3A1787&jk=-1&jm=-1&fs=205853&na=1080515718&cs=0&callback=MoatDataJsonpRequest_5867385
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.46.219 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
622701ac890314e6cac9c7a0e85e9012d4144c71ba4a4ffdb492d712e2112455

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
server
istio-envoy
etag
"1340ebd6366821a2a28a23ad6221153bd7c57b72"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
15
timing-allow-origin
*
content-length
58
iframe.html
z.moatads.com/hd09824092/ Frame 3305 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.54.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-54-26.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=1535
content-length
1374
content-type
text/html
date
Tue, 28 Nov 2023 01:53:00 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
x-akamai-ew-subworker
8096267
x-amz-id-2
Ts31mWq0igKzVmS3zneiMQElIxSe1/L6H200gQzl12dPG+dSUw13fhC8wKDIY4bJdbArB/7RDl0=
x-amz-request-id
7E791E14983A45AA
videoplayback
r3---sn-vgqsrn66.googlevideo.com/ Frame 0C7C
Redirect Chain
  • https://dai.google.com/linear/pods/v1/p/Sid4xiTQTkCT1SLu6rjUSQ/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/289997/0/3/a2490d3c744cd6c7e5676ecfc6956ee9/1.ts
  • https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089...
224 KB
224 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C102660-205357&faudshow=234&faudskip=235&goap=slices%3D0-324818&ogomm=11000&cpn=JWs4_Y7ZQYiPFQgc
Protocol
H3
Server
2607:f8b0:4009:2e::8 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
e2d7d6e2becd91848d59ad86e8eae2df7af92fa377fdcc904883b475f4044551
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

client-protocol
quic
date
Tue, 28 Nov 2023 01:53:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Sep 2023 12:34:01 GMT
server
gvs 1.0
vary
Origin
content-type
video/MP2T
access-control-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86097
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires
Tue, 28 Nov 2023 01:53:00 GMT

Redirect headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
pragma
no-cache
x-frame-options
SAMEORIGIN
content-type
, text/html; charset=UTF-8, text/html; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
location
https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C102660-205357&faudshow=234&faudskip=235&goap=slices%3D0-324818&ogomm=11000&cpn=JWs4_Y7ZQYiPFQgc
access-control-expose-headers
Location
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Authorization
expires
Mon, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3037&u=https%3A%2F%2F213.238.171.129.sslip.io%2F&pid=cb8DZBAVLGVNW&cb=1&ws=1600x1200&v=23.1108.2350&t=1000&slots=%5B%7B%22sd%22%3A%22omni-skybox-sticky%22%2C%22s%22%3A%5B%226x6%22%2C%225x5%22%5D%2C%22sn%22%3A%22%2F8264%2Faw-cbsnews%2Fhome%2Fomni-skybox-sticky%22%7D%5D&cfgv=1&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.107.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-107-227.jfk50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 7edae070a6a25cc68c970c1111701a20.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
JFK50-P6
x-amz-rid
SATFM3WFAGNAB9PDTHJK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
L9Fn7j_1qC_wHOORqZEVCmcqd-Qzc3fJJiA0pnJzOoc2pIyJKkEUMw==
imp
g2.gumgum.com/hbid/ 		2 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?lt=1701136380613&to=600&aun=omni-skybox-sticky&pubcid=1d52d2c4-845a-4f00-9b64-9499dbcd08a9&gpid=%2F8264%2Faw-cbsnews%2Fhome%23omni-skybox-sticky&pv=16d9958c-0276-4513-9e31-7f26f6f277af&fp=0.5&fpc=USD&t=1tmfhkyc&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2F213.238.171.129.sslip.io%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%228.20.0%22%7D&ogu=https%3A%2F%2Fwww.cbsnews.com%2F&ns=10035
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.224.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-224-4.compute-1.amazonaws.com
Software
nginx /
Resource Hash
c180a56cbc9fb69f4a1441f0186406d4b0392405ba4d34ddcc02814f86183cd5

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
expires
0
prebid
krk2.kargo.com/api/v1/ 		0
399 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://krk2.kargo.com/api/v1/prebid
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.243.45.130 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-243-45-130.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
x-accel-expires
0
nbr
505
vary
Accept-Encoding
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials
true
expires
Thu, 01 Jan 1970 00:00:00 UTC
ads
securepubads.g.doubleclick.net/gampad/ 		90 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=461099647270165&correlator=983107256284392&eid=31079660%2C31079668%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&us_privacy=1YNN&tfcd=0&iu_parts=8264%2Caw-cbsnews%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C11x11%2C728x90%7C970x250%7C970x66&fluid=height%2C0&ifi=1&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701136380630&lmt=1701135726&adxs=820%2C436&adys=850%2C2187&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1&ucis=1%7C2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F213.238.171.129.sslip.io%2F&vis=1&psz=300x279%7C1600x81&msz=300x0%7C1600x81&fws=0%2C0&ohw=0%2C0&ga_vid=1519339156.1701136381&ga_sid=1701136381&ga_hid=1671805396&ga_fc=false&dlt=1701136372665&idt=1551&ppid=%242a%2404%24K7MYxRab2dZBNdxvuFcgQ.bN0sdHlyBkEIsJgAhOmYXIrcaavTcde&prev_scp=pos%3Dtop%26sl%3Dmpu-flex-top%253FT-1000%26amznbid%3D2%26amznp%3D2%26iid%3Dunit%253Dmpu-flex-top%257Cvguid%253D5dc0a850-f78c-4d7b-b045-444db5b3fd59%257Cpv%253D1%7Cpos%3Dtop%26sl%3Dleader-plus-top%253FT-1000%26amznbid%3D2%26amznp%3D2%26iid%3Dunit%253Dleader-plus-top%257Cvguid%253D5dc0a850-f78c-4d7b-b045-444db5b3fd59%257Cpv%253D1&cust_params=firstpg%3D1%26session%3Db%26subses%3D1%26pv%3D1%26device%3Ddesktop%26platform%3Dweb%26ptype%3Dfront_door%26cid%3Dfront-door-new-views%26env%3Dprod_alt%26vguid%3D5dc0a850-f78c-4d7b-b045-444db5b3fd59%26m_data%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&adks=2919948434%2C670352218&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5cd24aa713f15b00ff07b0701f02c156dc4db118988b965e09e352bdec0ea180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26234
x-xss-protection
0
google-lineitem-id
4817195905,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138247487539,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		10 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=461099647270165&correlator=477836350496490&eid=31079660%2C31079668%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&us_privacy=1YNN&tfcd=0&iu_parts=8264%2Caw-cbsnews%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=3&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701136380674&lmt=1701135726&adxs=800&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F213.238.171.129.sslip.io%2F&vis=1&psz=1600x112&msz=1600x0&fws=0&ohw=0&ga_vid=1519339156.1701136381&ga_sid=1701136381&ga_hid=1671805396&ga_fc=false&dlt=1701136372665&idt=1551&ppid=%242a%2404%24K7MYxRab2dZBNdxvuFcgQ.bN0sdHlyBkEIsJgAhOmYXIrcaavTcde&prev_scp=sl%3Dintromercial%253FT-1000%26iid%3Dunit%253Dintromercial%257Cvguid%253D5dc0a850-f78c-4d7b-b045-444db5b3fd59%257Cpv%253D1&cust_params=firstpg%3D1%26session%3Db%26subses%3D1%26pv%3D1%26device%3Ddesktop%26platform%3Dweb%26ptype%3Dfront_door%26cid%3Dfront-door-new-views%26env%3Dprod_alt%26vguid%3D5dc0a850-f78c-4d7b-b045-444db5b3fd59%26m_data%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&adks=3753261041&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c377d1f0f67136e0a6b321a5809ad2dfa7848d70294324e3dbe5cb30fdd6a387
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4888
x-xss-protection
0
google-lineitem-id
5553065413
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138332840103
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:80b::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e09b04e03caf2ef5c2f3fc9f407b579c41b0f91012bdb0652d1c46418d78c8d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12185
x-xss-protection
0
container.html
194b924f7110d37d1d41f6d5fbfd923d.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 02B8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://194b924f7110d37d1d41f6d5fbfd923d.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:805::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 01:53:01 GMT
expires
Wed, 27 Nov 2024 01:53:01 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usermatch
usersync.getpublica.com/ Frame D7B7
Redirect Chain
  • https://eb2.3lift.com/getuid?gdpr=&cmp_cs=&us_privacy=1YNN&redir=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dtriplelift%26did%3De219d0ab-f15d-4205-bd2a-5edb3f41f205%26TripleliftI...
  • https://usersync.getpublica.com/usermatch?provider=triplelift&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&TripleliftID=1960977007445951021668
0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=triplelift&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&TripleliftID=1960977007445951021668
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1YNN
Protocol
H2
Server
35.169.174.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-174-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:01 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://usersync.getpublica.com/usermatch?provider=triplelift&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&TripleliftID=1960977007445951021668
date
Tue, 28 Nov 2023 01:53:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usermatch
usersync.getpublica.com/ Frame D7B7
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=publica&redir=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dunruly%26did%3De219d0ab-f15d-4205-bd2a-5edb3f41f205%26uid%3D%5BRX_UUID%5D&gdpr=...
  • https://sync.1rx.io/usersync2/rmpssp?sub=publica&zcc=1&redir=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dunruly%26did%3De219d0ab-f15d-4205-bd2a-5edb3f41f205%26uid%3D%5BRX_UUID%5D...
  • https://sync.targeting.unrulymedia.com/csync/RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005?redir=https%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dunruly%26did%3De219d0ab-f15d-4205-bd2a-...
  • https://usersync.getpublica.com/usermatch?provider=unruly&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&uid=RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005&us_privacy=1YNN
0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=unruly&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&uid=RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005&us_privacy=1YNN
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1YNN
Protocol
H2
Server
35.169.174.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-174-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

Date
Tue, 28 Nov 2023 01:53:01 GMT
Server
Tengine
ETag
RX6d7d368cfeeb4b59b1dc1945c652496a005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://usersync.getpublica.com/usermatch?provider=unruly&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&uid=RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005&us_privacy=1YNN
Content-Type
text/html
Connection
keep-alive
usermatch
usersync.getpublica.com/ Frame D7B7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58549/occ?uid=e219d0ab-f15d-4205-bd2a-5edb3f41f205&gdpr=&gdpr_consent=&gdpr=&us_privacy=1YNN&consent=
  • https://usersync.getpublica.com/usermatch?provider=yahoo&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&YahooID=y-Vzh18XVE2uHxVaYQi_nSPiW8Pz7vaIwBta_y5fM-~A
0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=yahoo&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&YahooID=y-Vzh18XVE2uHxVaYQi_nSPiW8Pz7vaIwBta_y5fM-~A
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1YNN
Protocol
H2
Server
35.169.174.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-174-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:01 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

location
https://usersync.getpublica.com/usermatch?provider=yahoo&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&YahooID=y-Vzh18XVE2uHxVaYQi_nSPiW8Pz7vaIwBta_y5fM-~A
date
Tue, 28 Nov 2023 01:53:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usermatch
usersync.getpublica.com/ Frame D7B7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://usersync.getpublica.com/usermatch?provider=appnexus&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&appnexusID=$UID&gdpr=&us_privacy=1YNN&consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fusersync.getpublica.com%2Fusermatch%3Fprovider%3Dappnexus%26did%3De219d0ab-f15d-4205-bd2a-5edb3f41f205%26appnexusID%3D%24UID%26gdpr%3D%26us_pri...
  • https://usersync.getpublica.com/usermatch?provider=appnexus&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&appnexusID=3056755399233263756&gdpr=&us_privacy=1YNN&consent=
0
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.getpublica.com/usermatch?provider=appnexus&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&appnexusID=3056755399233263756&gdpr=&us_privacy=1YNN&consent=
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1YNN
Protocol
H2
Server
35.169.174.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-174-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:01 GMT
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
vary
Origin
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
an-x-request-uuid
86527c72-2323-4765-b41e-fbd02d7ea577
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.getpublica.com/usermatch?provider=appnexus&did=e219d0ab-f15d-4205-bd2a-5edb3f41f205&appnexusID=3056755399233263756&gdpr=&us_privacy=1YNN&consent=
x-proxy-origin
206.66.96.134; 206.66.96.134; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame D7B7 		43 B
659 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1297&userId=e219d0ab-f15d-4205-bd2a-5edb3f41f205&gdpr=&us_privacy=1YNN&consent=
Requested by
Host: usersync.getpublica.com
URL: https://usersync.getpublica.com/usersync?gpdr=0&consent=&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.251.28.134 Secaucus, United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://usersync.getpublica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 01:53:01 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1701136381072035-180
xuid
eb2.3lift.com/ Frame 2B89
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=b3c3d956-bdf4-48cc-a145-56097a595da9&dongle=0cfd&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=b3c3d956-bdf4-48cc-a145-56097a595da9&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Nov 2023 01:53:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://eb2.3lift.com/xuid?mid=3658&xuid=b3c3d956-bdf4-48cc-a145-56097a595da9&dongle=0cfd&gdpr=0&gdpr_consent=
date
Tue, 28 Nov 2023 01:53:00 GMT
server
Kestrel
content-length
251
ebda
eb2.3lift.com/ Frame 2B89
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTk2MDk3NzAwNzQ0NTk1MTAyMTY2OA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 2B89
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOAAL1IguK21lsfUwGZNfAA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOAAL1IguK21lsfUwGZNfAA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Nov 2023 01:53:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEOAAL1IguK21lsfUwGZNfAA&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2B89
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTk2MDk3NzAwNzQ0NTk1MTAyMTY2OA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTk2MDk3NzAwNzQ0NTk1MTAyMTY2OA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H3
Server
142.250.64.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s57-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTk2MDk3NzAwNzQ0NTk1MTAyMTY2OA%3D%3D
date
Tue, 28 Nov 2023 01:53:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame 2B89 		0
629 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1960977007445951021668&dbredirect=true&gdpr=0&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: FDBE86453C7B405CBA123DCE4C949291 Ref B: PHL30EDGE0108 Ref C: 2023-11-28T01:53:00Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLLK2ypZd4HcL5JahDcw==
xuid
eb2.3lift.com/ Frame 2B89
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1960977007445951021668?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-hjr4rBNE2oTNp.XVdiq_eChOrXeZPLUgD8HKS5kigQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-hjr4rBNE2oTNp.XVdiq_eChOrXeZPLUgD8HKS5kigQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Nov 2023 01:53:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 28 Nov 2023 01:53:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-hjr4rBNE2oTNp.XVdiq_eChOrXeZPLUgD8HKS5kigQ--~A&dongle=0883
content-length
0
sync
x.bidswitch.net/ Frame 2B89 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=1960977007445951021668&gdpr=0&gdpr_consent=${GDPR_CONSENT}
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 01:53:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
usersync.aspx
dis.criteo.com/dis/ Frame 2B89 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
299885
expires
Tue, 28 Nov 2023 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 2B89
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=3056755399233263756&dongle=4d58&gdpr=0&gdpr_consent=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=3056755399233263756&dongle=4d58&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Nov 2023 01:53:00 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
an-x-request-uuid
86f6802b-98b8-469d-9e0a-12d8fa4c88ed
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://eb2.3lift.com/xuid?mid=3335&xuid=3056755399233263756&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin
206.66.96.134; 206.66.96.134; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 2B89 		43 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=1960977007445951021668
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
an-x-request-uuid
cc3706da-7c6c-448a-8a49-945e33753905
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
206.66.96.134; 206.66.96.134; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
pbs.at.cbsi.com/ Frame 2B89 		0
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.at.cbsi.com/setuid?bidder=triplelift&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=1960977007445951021668
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?gdpr=&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D%24UID&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.29.188 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:00 GMT
via
1.1 varnish
x-served-by
cache-iad-kiad7000034-IAD
x-timer
S1701136381.795522,VS0,VE5
vary
Accept-Encoding
x-cache
MISS
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=461099647270165&correlator=2194272094580230&eid=31079660%2C31079668%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&us_privacy=1YNN&tfcd=0&iu_parts=8264%2Caw-cbsnews%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C11x11&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701136380753&lmt=1701135726&adxs=820&adys=1828&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F213.238.171.129.sslip.io%2F&vis=1&psz=300x279&msz=300x0&fws=0&ohw=0&ga_vid=1519339156.1701136381&ga_sid=1701136381&ga_hid=1671805396&ga_fc=false&dlt=1701136372665&idt=1551&ppid=%242a%2404%24K7MYxRab2dZBNdxvuFcgQ.bN0sdHlyBkEIsJgAhOmYXIrcaavTcde&prev_scp=category%3Dmore-top-stories%26pos%3Dinc%26strnativekey%3DQtuXKgEi762dWHfanZwHmxDy%26native%3Dtrad%2520direct%26sl%3Dmpu-flex-inc%253FLL%257CT-1000%26amznbid%3D2%26amznp%3D2%26iid%3Dunit%253Dmpu-flex-inc2%257Cvguid%253D5dc0a850-f78c-4d7b-b045-444db5b3fd59%257Cpv%253D1&cust_params=firstpg%3D1%26session%3Db%26subses%3D1%26pv%3D1%26device%3Ddesktop%26platform%3Dweb%26ptype%3Dfront_door%26cid%3Dfront-door-new-views%26env%3Dprod_alt%26vguid%3D5dc0a850-f78c-4d7b-b045-444db5b3fd59%26m_data%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&adks=44282307&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aec5da9cdb9e79a51a88df05c40fb806707c735235503b7b4a0a47ae81957af5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11789
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=461099647270165&correlator=1257211291484685&eid=31079660%2C31079668%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&us_privacy=1YNN&tfcd=0&iu_parts=8264%2Caw-cbsnews%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C11x11&fluid=height&ifi=5&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701136380756&lmt=1701135726&adxs=1160&adys=2846&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F213.238.171.129.sslip.io%2F&vis=1&psz=300x279&msz=300x0&fws=0&ohw=0&ga_vid=1519339156.1701136381&ga_sid=1701136381&ga_hid=1671805396&ga_fc=false&dlt=1701136372665&idt=1551&ppid=%242a%2404%24K7MYxRab2dZBNdxvuFcgQ.bN0sdHlyBkEIsJgAhOmYXIrcaavTcde&prev_scp=category%3Disrael-gaza-war%26pos%3Dinc%26strnativekey%3DQtuXKgEi762dWHfanZwHmxDy%26native%3Dtrad%2520direct%26sl%3Dmpu-flex-inc%253FLL%257CT-1000%26amznbid%3D2%26amznp%3D2%26iid%3Dunit%253Dmpu-flex-inc3%257Cvguid%253D5dc0a850-f78c-4d7b-b045-444db5b3fd59%257Cpv%253D1&cust_params=firstpg%3D1%26session%3Db%26subses%3D1%26pv%3D1%26device%3Ddesktop%26platform%3Dweb%26ptype%3Dfront_door%26cid%3Dfront-door-new-views%26env%3Dprod_alt%26vguid%3D5dc0a850-f78c-4d7b-b045-444db5b3fd59%26m_data%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&adks=44282306&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
273a73c9ca47f744f0362898c233679d982bb7aff18e52ed31e406512f85d97e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18399
x-xss-protection
0
google-lineitem-id
6409609095
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138453610355
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
r3---sn-vgqsrn66.googlevideo.com/ Frame 0C7C
Redirect Chain
  • https://dai.google.com/linear/pods/v1/p/Sid4xiTQTkCT1SLu6rjUSQ/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/289997/0/3/a2490d3c744cd6c7e5676ecfc6956ee9/2.ts
  • https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089...
227 KB
227 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C205358-307199&faudshow=235&faudskip=1&goap=slices%3D0-631%2C162803-324818&ogomm=16000&cpn=JWs4_Y7ZQYiPFQgc
Protocol
H3
Server
2607:f8b0:4009:2e::8 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
66986c476e0ca6bcb95c2427dd2ce792b98c2ff653ce85b022db41b6ca787b57
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

client-protocol
quic
date
Tue, 28 Nov 2023 01:53:00 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Sep 2023 12:34:01 GMT
server
gvs 1.0
vary
Origin
content-type
video/MP2T
access-control-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86097
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires
Tue, 28 Nov 2023 01:53:00 GMT

Redirect headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
pragma
no-cache
x-frame-options
SAMEORIGIN
content-type
, text/html; charset=UTF-8, text/html; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
location
https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C205358-307199&faudshow=235&faudskip=1&goap=slices%3D0-631%2C162803-324818&ogomm=16000&cpn=JWs4_Y7ZQYiPFQgc
access-control-expose-headers
Location
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Authorization
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=461099647270165&correlator=2878242457150244&eid=31079660%2C31079668%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fifs&us_privacy=1YNN&tfcd=0&iu_parts=8264%2Caw-cbsnews%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=6x6%7C5x5&ifi=6&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1701136380846&lmt=1701135726&adxs=797&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=-600&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2F213.238.171.129.sslip.io%2F&vis=1&psz=1600x112&msz=1600x0&fws=0&ohw=0&ga_vid=1519339156.1701136381&ga_sid=1701136381&ga_hid=1671805396&ga_fc=false&dlt=1701136372665&idt=1551&ppid=%242a%2404%24K7MYxRab2dZBNdxvuFcgQ.bN0sdHlyBkEIsJgAhOmYXIrcaavTcde&prev_scp=pos%3Dsticky%26sl%3Domni-skybox-sticky%253FT-1000%26amznbid%3D2%26amznp%3D2%26iid%3Dunit%253Domni-skybox-sticky%257Cvguid%253D5dc0a850-f78c-4d7b-b045-444db5b3fd59%257Cpv%253D1&cust_params=firstpg%3D1%26session%3Db%26subses%3D1%26pv%3D1%26device%3Ddesktop%26platform%3Dweb%26ptype%3Dfront_door%26cid%3Dfront-door-new-views%26env%3Dprod_alt%26vguid%3D5dc0a850-f78c-4d7b-b045-444db5b3fd59%26m_data%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&adks=1533326391&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4deeee8c622668eae11700ede39f55aec92cdd6bda3173b81f6e3e446e1e4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12760
x-xss-protection
0
google-lineitem-id
6221094913
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138423088060
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
iframebuster.js
assets.bounceexchange.com/assets/bounce/ Frame 01C7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:38:45 GMT
content-encoding
br
age
1052056
x-guploader-uploadid
ABPtcPp2USczV8Javz_aWFeY6rea4lPZRZCsuQUnWvs0CXGQB7xuQYifone-Kl7uLT9Ebe6MpAVQM8FeOpeARxrDv_vbiAH5zaRg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
834
last-modified
Mon, 13 Nov 2023 15:33:19 GMT
server
UploadServer
etag
W/"e834a0cd12abffd04acda8e08953a77a"
vary
Accept-Encoding
x-goog-generation
1699889599065515
x-goog-hash
crc32c=PdRfKg==, md5=6DSgzRKr/9BKzajgiVOneg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
2317
accept-ranges
none
content-type
text/javascript; charset=UTF-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 01:53:01 GMT
setuid
pbs.at.cbsi.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?gdpr=&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dyieldmo%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3...
  • https://pbs.at.cbsi.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3FAkaVUEEkUN3KjKU0UN&gdpr=&gdpr_consent=&us_privacy=
86 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.at.cbsi.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3FAkaVUEEkUN3KjKU0UN&gdpr=&gdpr_consent=&us_privacy=
Protocol
H2
Server
146.75.29.188 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
gzip
via
1.1 varnish
expires
0
x-timer
S1701136382.536133,VS0,VE6
x-cache
MISS
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
x-served-by
cache-iad-kiad7000034-IAD

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:01 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://pbs.at.cbsi.com/setuid?bidder=yieldmo&gpp=&gpp_sid=&f=i&uid=3FAkaVUEEkUN3KjKU0UN&gdpr=&gdpr_consent=&us_privacy=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 6F97 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvULzvvonMh4_7MJPdYCVoOoxC326TMsS8jmH_wpXVXxeHpp7ZoLgxdLO_PC6fLv_M8YmbgNbmhX7pzoiXcw9em7MHAofQSqdCex7jrVjltyKLAZnZui46vOQ0PNpZUZEIi1zUOMnr-v2VdCFDMGmh2hOoZ2Rq60pV8fBk7v0TVyawV6MOxyax28DhAbkGOPVf8NpV5F90VGgMQG7EpdZ_gbg0o8NUWc6xbXn5m_rfppYd5tn7KWPRfdKSCZNcsoCB0mKsKvGFhqSBPRuTAGpArkyeeiaTg_bd2uEH0IV1gorvsXOH-ikKyIH6hQqUIfOldHescVS1kDvE10RuQfp9mgXrfC9NpcdG9GQIRGv4&sai=AMfl-YQtErXgdkQ8AbEBFRch4JgWOJ80pA8aU5jTFkdqOmkzCgYOuEihG9Zk9yH4evtYQcrgKR3qSnYEDpJdw6VUWLPqVkZ4hW70HSuNvEhF9tsD20_whuA6-IL-9JTo7RpN-4i9NFx_jWcN03REVZb_WhA&sig=Cg0ArKJSzIsYuzzHwA9UEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
infolinks_main.js
resources.infolinks.com/js/ Frame 6F97 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2877d35b782162338bb95faedfa08559e23788db9d926e97da4d0efd2dbfc5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 14 Nov 2023 15:31:57 GMT
server
cloudflare
age
8358
etag
W/"1045-60a1e7cae1276"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82cef98e581a8c51-EWR
expires
Tue, 28 Nov 2023 00:33:43 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6F97 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 01:53:01 GMT
moatad.js
z.moatads.com/cbsdfp5832910442/ Frame 6F97 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.54.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-54-26.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6eadf9bc0090490438da45de316253bdebd58ad4908bb8d3676d512ef0ba83bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 08:17:47 GMT
server
AmazonS3
x-amz-request-id
PGV5Y3BQVD7ZTNGV
etag
"12c0ac6164630b071f36af950d689cf8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31790
accept-ranges
bytes
content-length
3977
x-amz-id-2
l5mPv/1ny8JRWA8Wwp73GsNmvX0i7g5/oKKcRvZrzt40mhKDREcywUcUWes5eYAxu60I//xAhYc=
videoplayback
r3---sn-vgqsrn66.googlevideo.com/ Frame 0C7C
Redirect Chain
  • https://dai.google.com/linear/pods/v1/p/Sid4xiTQTkCT1SLu6rjUSQ/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/289997/0/3/a2490d3c744cd6c7e5676ecfc6956ee9/3.ts
  • https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089...
227 KB
227 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C307200-409663&faudshow=234&faudskip=236&goap=slices%3D0-631%2C162803-486666&ogomm=21000&cpn=JWs4_Y7ZQYiPFQgc
Protocol
H3
Server
2607:f8b0:4009:2e::8 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
e69e5a763c8b5cd21f2cbaa441fb935010ea926de8b6c6b1400f585bbf53d67a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

client-protocol
quic
date
Tue, 28 Nov 2023 01:53:01 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Sep 2023 12:34:01 GMT
server
gvs 1.0
vary
Origin
content-type
video/MP2T
access-control-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86096
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires
Tue, 28 Nov 2023 01:53:01 GMT

Redirect headers

date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
pragma
no-cache
x-frame-options
SAMEORIGIN
content-type
, text/html; charset=UTF-8, text/html; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
location
https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C307200-409663&faudshow=234&faudskip=236&goap=slices%3D0-631%2C162803-486666&ogomm=21000&cpn=JWs4_Y7ZQYiPFQgc
access-control-expose-headers
Location
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Authorization
expires
Mon, 01 Jan 1990 00:00:00 GMT
i.js
tag.bounceexchange.com/4210/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/4210/i.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/iframebuster.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
5a7f6a8f46af479ab93de0f6012b997456cfa01775f781bbb7b2d3dab7013869

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:54 GMT
content-encoding
gzip
via
1.1 google
age
7
x-envoy-upstream-service-time
0
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2283
server
istio-envoy
etag
1c19eee1545c55
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
view
securepubads.g.doubleclick.net/pcs/ Frame 01C7 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssrCHWUxsF0QpL588f4Eg2PCXIsFxevruSt4ORKkW0eeu41tJSxj4i5UjkI3cBhORc27wBsqZxw_ehnhIesww66BKitJiSwwDmjF0RcwcRd-qCxqQbL-7pL28F-ZIqkkn7WXfHOCspfIpDVK_DswapmmRu4NtaBjfZfKJ35s_bsfK87szbbKDB8rWwhoKe5jNw56VjyFc6OxeHDDm5O8zO2BeHNjDXps0ZbsWjRj3t6YVFrTnRpij9vrmWM3j93ZLmwCp6UlSwbcwZLhFO5BqQQ3ZoCKGgtyM-W4D5O7_aOU04vUuL2SJvx0FgNT1brT0JUXDyqurW56NOuUIoUIdP13XRw&sai=AMfl-YT0TjhvZKs_0zG3b2nFtDC1pPABlL-aCg_2hRUQOPAB7lZ6OFFx3isVKNS6Bs4f7u8jwgnt0rc9X48U598sj4tcdkeLxl-v98LxFonOuUj3wimFTzYaNrYjRLlQ3oQFQzB9G6wV689-gNuN2Ujz_g&sig=Cg0ArKJSzHwy50ljbrnuEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 1EF8 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 25 Nov 2023 04:44:03 GMT
age
248938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Nov 2024 04:44:03 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1EF8 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 27 Nov 2023 18:07:46 GMT
age
27915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Nov 2024 18:07:46 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1EF8 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 27 Nov 2023 18:07:46 GMT
age
27915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Nov 2024 18:07:46 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1EF8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 27 Nov 2023 18:07:46 GMT
age
27915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Nov 2024 18:07:46 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 1EF8 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 23 Nov 2023 21:20:22 GMT
age
361959
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Nov 2024 21:20:22 GMT
truncated
/ Frame 1EF8 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d65758b691bf89ab1320b4255c63edf50700ebace2d51255d0cd85fe58aa5d4

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
pixel
protected-by.clarium.io/ 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_Nk5BR0VIUFFUSU1jaVp5b0xyVUlEUVpsbXVzLzEzMTQxNDA0OTozMDB4MjUw&v=5&s=v31hg9q2dap&h=213.238.171.129.sslip.io&cb=4725157&d=eyJ3aCI6Ik5rNUJSMFZJVUZGVVNVMWphVnA1YjB4eVZVbEVVVnBzYlhWekx6RXpNVFF4TkRBME9Ub3pNREI0TWpVdyIsIndkIjp7Im8iOjEzMTQxNDA0OSwidyI6IjMwMCIsImgiOiIyNTAifSwid3IiOjJ9&id=eyJkZnAiOnsiYWQiOjI1MzY1ODQ5LCJjIjpudWxsLCJsIjowLCJvIjoxMzE0MTQwNDksIkEiOiIvODI2NC9hdy1jYnNuZXdzL2hvbWUiLCJ5Ijo4NjAwOCwiY28iOjAsInMiOiJtcHUtZmxleC1pbmMyIn19
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.244.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-244-76.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:01 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
10700676183138206069
tpc.googlesyndication.com/simgad/ Frame 1EF8 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10700676183138206069?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlQ0kyucOYCqTQpBjRv-FmsnJsOwQ
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3815b35d86be4555c82c45b8a08a212efa15208be89f50b5333d41c0bd394e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 09:09:38 GMT
x-content-type-options
nosniff
age
60203
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60653
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 05:00:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Nov 2024 09:09:38 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1EF8 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:16:35 GMT
x-content-type-options
nosniff
server
cafe
age
16586
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 28 Nov 2023 21:16:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1EF8 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:47:02 GMT
x-content-type-options
nosniff
server
cafe
age
14759
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 28 Nov 2023 21:47:02 GMT
l
www.google.com/ads/measurement/ Frame 1EF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGb1Yd--Z36FO-sILE6txmB4WTQjdbLIvtNB74ibCZ9UKpeNqJeemSBxHCa2jf_q0DbULgtDR9enj04Pp_AYN-OYJSPw
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:805::2004 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=aw-cbsnews&zMoatAdUnit2=home&wf=1&ra=3&pxm=2&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1701136380024&de=447155191814&rx=516254264640&m=0&ar=51bd715ca6c-clean&iw=479f042&q=3&cb=0&cu=1701136380024&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A131414049%3A230434329%3A138290860826&cm=1&zMoatAType=content_feature&zMoatGAMSize=300x250&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F213.238.171.129.sslip.io%2F&id=1&ii=4&bo=aw-cbsnews&bd=home&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=cbsprebidheader506831276743&fd=1&it=500&zMoatpos=inc&zMoatsl=mpu-flex-inc%3FLL%7CT-1000&zMoatptype=front_door&ti=0&ih=2&pe=1%3A1535%3A1609%3A2619%3A1787&jk=-1&jm=-1&fs=205853&na=167934773&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.54.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-54-26.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:01 GMT
frame_content.js
resources.infolinks.com/js/1895.006-3.034/ Frame 6F97 		2 KB
670 B 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1895.006-3.034/frame_content.js
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc3a41863d92b22799ff23c52e2173e80b13ebc75b9144151ea105cd52b59de5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:05 GMT
server
cloudflare
age
14005
etag
W/"96d-6099387e645f0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82cef98f59858c51-EWR
expires
Wed, 27 Dec 2023 21:59:36 GMT
/
track2.adpredictive.com/ Frame 806D 		38 B
143 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://track2.adpredictive.com/?event=impression&clientname=Viacom&adpcampaign=OOAlwaysOn&cachebuster=578306533&adunit=/8264/aw-cbsnews/home&lineitemid=6409609095&adid=25477209&orderid=3238758707&creativeid=138453610355&idadunit=23206089&deviceid=&pixelid=76
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.148.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-148-229.compute-1.amazonaws.com
Software
/
Resource Hash
84351bbb9fbc6ff809cc59019a0938f914a60b99e1e81a97e6999a0e6b6fb962

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
content-length
38
apigw-requestid
PFgvpgbWIAMEPvg=
content-type
text/plain; charset=utf-8
view
securepubads.g.doubleclick.net/pcs/ Frame 806D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsubJv496AEYq0R5miyxc7v5LsAJ3QU5osIYDsGCNu1WFxivJ_iOTI-pdT9-KdkfswZnz-H0VoX93TVy9whSBSIhmn1xlWqlVmtaj7PbYnF0X3T7O-E-iyKxKIF6A37khobo7_DVBjcoM8OWPmwf620OSbwzv6SVpik4a5gSSDsMrXkA9PxYmJGv7NtU8Km8QOQCdnhWbjV3LOuWkaxUhJ9jtRfAglD-pn0LmPpcw-x7X3PxxjjFkivVGnLmFwdSSQs-RC9yLWhNgYxBPc8Un9dHuQkxDpujFddII5CE0kLiPyVANOVRrVSuGGM2pJGNuX0QgmAP4BuxidumsfnfWPLvaAi3mmjG079GPyaTEJns6iihz5-LTV2UPPIN5zFI-K8UxmG9kWowMT7DEQ7l4Uw&sai=AMfl-YRIzV_J0rk_8a5siZmeEWOea4Ax0JbkYuQuGpzzp-cyAEg2LByH3nNtyB7v1Oz5zeRrsmEkPNHc3WrTUeK97WfzoFTX6al4_zzb1Uy9v-1TrclfM3ewMd5uNtsC8Ru3dVR0E5i6TMr6yx-so67Z8w&sig=Cg0ArKJSzKmFZIs8al0qEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 806D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
77409
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 04:22:52 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 806D 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 01:53:01 GMT
moatad.js
z.moatads.com/cbsdfp5832910442/ Frame 806D 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.54.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-54-26.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6eadf9bc0090490438da45de316253bdebd58ad4908bb8d3676d512ef0ba83bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 08:17:47 GMT
server
AmazonS3
x-amz-request-id
PGV5Y3BQVD7ZTNGV
etag
"12c0ac6164630b071f36af950d689cf8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31790
accept-ranges
bytes
content-length
3977
x-amz-id-2
l5mPv/1ny8JRWA8Wwp73GsNmvX0i7g5/oKKcRvZrzt40mhKDREcywUcUWes5eYAxu60I//xAhYc=
16382821445716563204
tpc.googlesyndication.com/simgad/ Frame 806D 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16382821445716563204
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d72937213cadbbac047a88ef3944b4d3b8ff8ae47065edf2d5e4c9a3463a3350
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 17:00:43 GMT
x-content-type-options
nosniff
age
31938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29224
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 19:11:16 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Nov 2024 17:00:43 GMT
l
www.google.com/ads/measurement/ Frame 806D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTH5x4MtRr1WKoL2V-NbpkNtKF1ZHH6NlaeMlzCiNODcWIxnbWf70M3Cv0wVtGUsJIEEmiPO7ZzNY0R8VQCzt1189NTVQ
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:805::2004 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 51CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfg7ZkokHCdHmUN2-PoPfYrIwP2ve9Rs41KhXdCeG-DbXnqbQJj0_Nh2I7ntqhNvAbZdvMZrJaf5H9ARjo4txN78zHOlF5WVc5PVvBSCWfk8TJcJpNmeJZUXT8L-sxd47RDLDVbPHlcUgHoT5SeWP62M5cp36w0-FQQNsdfTl-KaOVPHkkBp1HrLEQ7nBjPYk-NqDt3cdZT9Dstv7glRBDa7w2UnvjLHd9bx470g6DhUKUSTllGDQo3OnL7hDEAuQExF3G9d69WlEYIbHhsdCFJyJnM7tZerthinhhBi-2I9KC6ETUWUhHQY039-7J5ZX9KmPVua69qBR9UukNvfkcYksjgf3RcYsBvUTqGmaEA9AoksWFsA&sai=AMfl-YTjCW3X4CZl4TrJtOpkro_0jY2-YTnxMn7BuB4gqx9dPY2RXhpoNE0tzkFpjCBTbUjTnZVgaiDpa1BMqOZqTtzJ5T1q8yZsv9IoKBrL-88CsM_k76g2F_66fsn8Wjyx3-HaSZ1Twl8TXbneWn8ILw&sig=Cg0ArKJSzMsoqMAsGGL4EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 51CA 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 01:53:01 GMT
moatad.js
z.moatads.com/cbsdfp5832910442/ Frame 51CA 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/cbsdfp5832910442/moatad.js
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.54.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-54-26.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6eadf9bc0090490438da45de316253bdebd58ad4908bb8d3676d512ef0ba83bb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 08:17:47 GMT
server
AmazonS3
x-amz-request-id
PGV5Y3BQVD7ZTNGV
etag
"12c0ac6164630b071f36af950d689cf8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31790
accept-ranges
bytes
content-length
3977
x-amz-id-2
l5mPv/1ny8JRWA8Wwp73GsNmvX0i7g5/oKKcRvZrzt40mhKDREcywUcUWes5eYAxu60I//xAhYc=
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 49FD 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 25 Nov 2023 04:44:03 GMT
age
248938
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 24 Nov 2024 04:44:03 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 49FD 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 27 Nov 2023 18:07:46 GMT
age
27915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Nov 2024 18:07:46 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 49FD 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 27 Nov 2023 18:07:46 GMT
age
27915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Nov 2024 18:07:46 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 49FD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 27 Nov 2023 18:07:46 GMT
age
27915
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Nov 2024 18:07:46 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 49FD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 23 Nov 2023 21:20:22 GMT
age
361959
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 22 Nov 2024 21:20:22 GMT
css
fonts.googleapis.com/ Frame 49FD 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:809::200a Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 01:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 01:45:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 01:53:01 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 49FD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:16:35 GMT
x-content-type-options
nosniff
server
cafe
age
16586
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 28 Nov 2023 21:16:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 49FD 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:47:02 GMT
x-content-type-options
nosniff
server
cafe
age
14759
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 28 Nov 2023 21:47:02 GMT
pixel
protected-by.clarium.io/ Frame 51CA 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_Nk5BR0VIUFFUSU1jaVp5b0xyVUlEUVpsbXVzLzI0MDE1ODA4NjQ6MTF4MTE=&v=5&s=v31hg9q2dfq&id=eyJkZnAiOnsiYWQiOjQ2MzA1ODc3NzksImMiOjEzODI0NzQ4NzUzOSwibCI6NDgxNzE5NTkwNSwibyI6MjQwMTU4MDg2NCwiQSI6Ii84MjY0L2F3LWNic25ld3MvaG9tZSIsInkiOjAsImNvIjowLCJzIjoibXB1LWZsZXgtdG9wIn19&cb=9309296&h=213.238.171.129.sslip.io&d=eyJ3aCI6Ik5rNUJSMFZJVUZGVVNVMWphVnA1YjB4eVZVbEVVVnBzYlhWekx6STBNREUxT0RBNE5qUTZNVEY0TVRFPSIsIndkIjp7Im8iOjI0MDE1ODA4NjQsInciOiIxMSIsImgiOiIxMSJ9LCJ3ciI6Mn0=
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.244.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-244-76.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:01 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
protected-by.clarium.io/ 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_Nk5BR0VIUFFUSU1jaVp5b0xyVUlEUVpsbXVzLzEzMTQxNDA0OTo5NzB4MjUw&v=5&s=v31hg9q2dhr&h=213.238.171.129.sslip.io&cb=9677213&d=eyJ3aCI6Ik5rNUJSMFZJVUZGVVNVMWphVnA1YjB4eVZVbEVVVnBzYlhWekx6RXpNVFF4TkRBME9UbzVOekI0TWpVdyIsIndkIjp7Im8iOjEzMTQxNDA0OSwidyI6Ijk3MCIsImgiOiIyNTAifSwid3IiOjJ9&id=eyJkZnAiOnsiYWQiOjI1MzY1ODQ5LCJjIjpudWxsLCJsIjowLCJvIjoxMzE0MTQwNDksIkEiOiIvODI2NC9hdy1jYnNuZXdzL2hvbWUiLCJ5Ijo4NjAwOCwiY28iOjAsInMiOiJsZWFkZXItcGx1cy10b3AifX0%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
184.73.244.76 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-73-244-76.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:01 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
l
www.google.com/ads/measurement/ Frame 49FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFgLMI3ckQ19cDCQKhVrvsbOE5KwNHr5tId8cgkMnBEzWn2zPXy4teOYTMBNNmF7ot0i9XLEKA-nESrdO05UmK_2MyhQ
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:805::2004 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
14763004658117789537
tpc.googlesyndication.com/simgad/14198825039123649057/ Frame 49FD 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14198825039123649057/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e82bee0fd2520f23b90137eb06b49093d5c1b23fed7b0015dd73294afd4df0a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 20:14:33 GMT
x-content-type-options
nosniff
age
20308
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33776
x-xss-protection
0
last-modified
Mon, 27 Nov 2023 06:54:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Nov 2024 20:14:33 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/12059547806966864958/ Frame 49FD 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/12059547806966864958/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b418459fdad4878ac0bf54ac48eef7cccc94be6592776ab1e0e06a18ee22a82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 11:00:34 GMT
x-content-type-options
nosniff
age
53547
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3996
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 07:13:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Nov 2024 11:00:34 GMT
truncated
/ Frame 49FD 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81a838cf54551298811c3604f3fb407cc010b670f299f4788f4cfb5a18ebd444

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 806D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fef407f224001c6ded11c26d9ae9f4bddf311e48124dbdb2dc778faa3b2a676

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6F97 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c5bfc3afde8642085ce224ff3b4908aa551569dba9dd8c31a1d6b2c38ba3a91

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CBS_PREBID_HEADER1&hp=1&zMoatAdUnit1=aw-cbsnews&zMoatAdUnit2=home&wf=1&ra=3&pxm=2&sgs=3&vb=17&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1701136380024&de=677258060005&rx=516254264640&m=0&ar=51bd715ca6c-clean&iw=479f042&q=4&cb=0&cu=1701136380024&ll=2&lm=0&ln=0&em=0&en=0&d=25365849%3A131414049%3A211999089%3A62071920009&cm=1&zMoatAType=content_feature&zMoatGAMSize=970x250&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F213.238.171.129.sslip.io%2F&id=1&ii=4&bo=aw-cbsnews&bd=home&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=cbsprebidheader506831276743&fd=1&it=500&zMoatpos=top&zMoatsl=leader-plus-top%3FT-1000&zMoatptype=front_door&ti=0&ih=2&pe=1%3A1535%3A1609%3A2619%3A1787&jk=-1&jm=-1&fs=205853&na=625280309&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.54.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-54-26.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:01 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 450B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
589781
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 06:03:20 GMT
expires
Wed, 20 Nov 2024 06:03:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4175 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:805::2004 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2e350091b637b736dc2f946dca8d482ec67a0a389ed267b2079e61231bd5d332
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-tabZB9DSyRTeRJ979R-REA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-tabZB9DSyRTeRJ979R-REA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 01:53:01 GMT
expires
Tue, 28 Nov 2023 01:53:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
setuid
pbs.at.cbsi.com/
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&redirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dmedianet%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid...
  • https://pbs.at.cbsi.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=3441379825658219000V10
86 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.at.cbsi.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=3441379825658219000V10
Protocol
H2
Server
146.75.29.188 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
content-encoding
gzip
via
1.1 varnish
expires
0
x-timer
S1701136382.271987,VS0,VE5
x-cache
MISS
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
x-served-by
cache-iad-kiad7000034-IAD

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 28 Nov 2023 01:53:02 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://pbs.at.cbsi.com/setuid?bidder=medianet&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=3441379825658219000V10
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Tue, 28 Nov 2023 01:53:02 GMT
serve.js.php
trends.revcontent.com/ Frame 51CA 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/serve.js.php?w=103755&t=rc_370&c=1701136381696&width=1600&referer=https://213.238.171.129.sslip.io/&is_blocked=false
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash
041e427d7ea306384af6e1e8c2fc570c617b9bde92a42f58eaf9dc1c18234cbb
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Tue, 28 Nov 2023 01:53:01 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/javascript; charset=utf-8
x-envoy-upstream-service-time
5
runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/runtime_8b30b4890203fd4144c54b9ffd765f5e.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/4210/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 23:37:04 GMT
content-encoding
br
age
1217757
x-guploader-uploadid
ABPtcPqnKD7CUsu6sxa-VOrJIgV4E8nVhUv0o1gZXGe3F4tR-BQ8M5JnKx868l1puz21piT8qUh2JkwLKdPTEJZvQWpqHWwj3TrC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1317
last-modified
Mon, 13 Nov 2023 15:33:51 GMT
server
UploadServer
etag
"dbc90523c425a5d782995c1a39051881"
x-goog-generation
1699889631731187
x-goog-hash
crc32c=Xs/EYg==, md5=28kFI8QlpdeCmVwaOQUYgQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
1317
accept-ranges
bytes
content-type
text/javascript
ice.js
resources.infolinks.com/js/1895.006-3.034/ 		187 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1895.006-3.034/ice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54eacec863498628814d62c486eca8cd1c580c77a4dda865b5941006e40c6e66

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:04 GMT
server
cloudflare
age
2646
etag
W/"2ede2-6099387db510d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82cef9923d1a8c51-EWR
expires
Thu, 28 Dec 2023 01:08:55 GMT
frame_inplace.js
resources.infolinks.com/js/1895.006-3.034/ Frame 6F97 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1895.006-3.034/frame_inplace.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/frame_content.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
851aab34e9b9e9c6252ed4a0bd57b30a79795aacdc7e036d7e824ed9e69b2807

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 07 Nov 2023 17:45:05 GMT
server
cloudflare
age
2758
etag
W/"baa-6099387e6d293"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
82cef9925d4a8c51-EWR
expires
Thu, 28 Dec 2023 01:07:03 GMT
truncated
/ Frame 51CA 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
13d6c7421a5226dba282844559ceb253919842859ca3383290b10444023036e1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 49FD 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:806::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 21:50:20 GMT
x-content-type-options
nosniff
age
446562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 21:50:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 49FD 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:806::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 04:32:54 GMT
x-content-type-options
nosniff
age
336008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 04:32:54 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 806D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstv4y8vTateGRLRWQeldXSbUFJIwPsZuPpkCYKxy0AayY4MMYzztp8YkeX2GgtJIJ9URLuY2iz39a2vJeJPTFgmH7dCrb8Ar03P7IJUvyQdFlGLEf-zAD0o-WsBswHLfYSA93orCFHfAMzVTjZX4Obb7xCrCUFXc_Nbd2mX8ZnjrL7Ij1qIxFc-u_TN13a_nFfkRlt_MUtLszk0rqYDZsg1ts8Tm-cHAWziLYnmoMBHS5dFBpKmsglQ_poTn3fyDBJguJdEkc_N2Ygdlr64Bmqsp2e-GjcY33HjWWUxRKsC600KBvEtAxE0S1DOy4ohT59FIWXxQzi8l9aIdmN9StD1d7N3DkUWN8RoM_694UShCujJXVn7&sai=AMfl-YSj6JJp5WZJQKaSDIIo1tExRdXySbgpYVOgYZt_04Q_mBKb1l6kahcpINbUxQqcxR8r_XaAJuR4bvt7ZRJIgM6oyMi5axVYPNo-kBHYzaJfgRPR6d3W3tNAoXgzkno5-I-_P_NB33awER44L1CNUQ&sig=Cg0ArKJSzEHHK1QMvmdaEAE&uach_m=%5BUACH%5D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 01:53:01 GMT
v2
mb.moatads.com/s/ 		124 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2F213.238.171.129.sslip.io%2F&pcode=cbsprebidheader506831276743&ord=1701136380024&jv=460759335&callback=BrandSafetyNadoscallback_5867385
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/cbsprebidheader506831276743/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
129.80.46.219 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e27ed4fdf3cfcc7a811bb9e700f00dd4625da85a5913b30e36be9bd4b4f2b6a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:01 GMT
server
istio-envoy
etag
"134d86a1e06a5cac85cf8cf573642151d7cd8d20"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
38
timing-allow-origin
*
content-length
124
pixel.gif
px.moatads.com/ Frame 806D 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&d=CBSDFPCW2%3A23205969%3A23206089%3A-&de=349447735965&t=1701136381922&i=MOAT_FEATHER_DEBUG1&gw=cbsdfp5832910442&cm=10&f=0&bq=0&ar=51bd715ca6c-clean&iw=3dd6068&dMoatOQs=moatClientLevel1%3D25477209%26moatClientLevel2%3D3238758707%26moatClientLevel3%3D6409609095%26moatClientLevel4%3D138453610355%26moatClientSlicer1%3D23205969%26moatClientSlicer2%3D23206089%26zMoatHBS%3D%26zMoatMSafety%3Dsafe%26zMoatMGV%3DnoHistData%26zMoatMData%3D0%26zMoatPS%3Dinc%26zMoatSECT%3D%26zMoatSL%3Dmpu-flex-inc%3FLL%7CT-1000%26zMoatFT%3D%26zMoatPT%3Dfront_door%26zMoatH%3D250%26zMoatW%3D300%26zMoatSN%3Db%26zMoatHBB%3D%26zMoatVGUID%3D5dc0a850-f78c-4d7b-b045-444db5b3fd59%26zMoatAID%3D%26zMoatMMV%3DnoHistData%26zMoatAdUnitPath%3D%2F8264%2Faw-cbsnews%2Fhome%26refresh%3D1&fq=1&sy=1&gh=0&wb=0&g=0&na=2002079917&cs=0
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.54.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-54-26.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:01 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:01 GMT
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=260&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=25477209&L2id=3238758707&L3id=6409609095&L4id=138453610355&S1id=23205969&S2id=23206089&ord=1701136380024&r=532056895922&t=meas&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatVGUID=5dc0a850-f78c-4d7b-b045-444db5b3fd59&zMoatPS=inc&zMoatCURL=213.238.171.129.sslip.io&zMoatSL=mpu-flex-inc%3FLL%7CT-1000&zMoatPT=front_door&bedc=1&q=1&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:02 GMT
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=260&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=25477209&L2id=3238758707&L3id=6409609095&L4id=138453610355&S1id=23205969&S2id=23206089&ord=1701136380024&r=532056895922&t=nht&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatVGUID=5dc0a850-f78c-4d7b-b045-444db5b3fd59&zMoatPS=inc&zMoatCURL=213.238.171.129.sslip.io&zMoatSL=mpu-flex-inc%3FLL%7CT-1000&zMoatPT=front_door&bedc=1&q=2&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:02 GMT
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=260&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=25477209&L2id=3238758707&L3id=6409609095&L4id=138453610355&S1id=23205969&S2id=23206089&ord=1701136380024&r=532056895922&t=bs&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatVGUID=5dc0a850-f78c-4d7b-b045-444db5b3fd59&zMoatPS=inc&zMoatCURL=213.238.171.129.sslip.io&zMoatSL=mpu-flex-inc%3FLL%7CT-1000&zMoatPT=front_door&bedc=1&q=3&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:02 GMT
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=56&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=25365849&L2id=131414049&L3id=230434329&L4id=138290860826&S1id=aw-cbsnews&S2id=home&ord=1701136380024&r=447155191814&t=meas&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatCURL=213.238.171.129.sslip.io&bedc=1&q=1&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:02 GMT
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=56&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=25365849&L2id=131414049&L3id=230434329&L4id=138290860826&S1id=aw-cbsnews&S2id=home&ord=1701136380024&r=447155191814&t=nht&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatCURL=213.238.171.129.sslip.io&bedc=1&q=2&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:02 GMT
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=56&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=25365849&L2id=131414049&L3id=230434329&L4id=138290860826&S1id=aw-cbsnews&S2id=home&ord=1701136380024&r=447155191814&t=bs&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatCURL=213.238.171.129.sslip.io&bedc=1&q=3&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:02 GMT
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=316&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=25477209&L2id=3238758707&L3id=6409609095&L4id=138453610355&S1id=23205969&S2id=23206089&ord=1701136380024&r=532056895922&t=hdn&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatVGUID=5dc0a850-f78c-4d7b-b045-444db5b3fd59&zMoatPS=inc&zMoatCURL=213.238.171.129.sslip.io&zMoatSL=mpu-flex-inc%3FLL%7CT-1000&zMoatPT=front_door&bedc=1&q=4&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=0&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:02 GMT
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=aw-cbsnews&zMoatAdUnit2=home&wf=1&ra=3&pxm=2&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F10700676183138206069%3Fsqp%3D4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4%26rs%3DAOga4qlQ0kyucOYCqTQpBjRv-FmsnJsOwQ&i=CBS_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-TxbrCERvHCbFpA%3D%3D&sc=1&os=1-Xg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=inc&zMoatsl=mpu-flex-inc%3FLL%7CT-1000&zMoatptype=front_door&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F213.238.171.129.sslip.io%2F&id=1&ii=4&f=0&j=&t=1701136380024&de=447155191814&rx=516254264640&cu=1701136380024&m=1967&ar=51bd715ca6c-clean&iw=479f042&cb=0&rd=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14430&le=1&lf=180&lg=0&lh=53&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1535%3A1609%3A2619%3A1787&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=56&cd=0&ah=56&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A131414049%3A230434329%3A138290860826&cm=1&bo=aw-cbsnews&bd=home&gw=cbsprebidheader506831276743&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_feature&zMoatGAMSize=300x250&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=3&jm=-1&tc=0&fs=205853&na=527180295&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.54.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-54-26.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:02 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1EF8
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Protocol
H2
Server
2607:f8b0:4008:80a::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Tue, 28 Nov 2023 01:53:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=83&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=25365849&L2id=131414049&L3id=230434329&L4id=138290860826&S1id=aw-cbsnews&S2id=home&ord=1701136380024&r=447155191814&t=hdn&os=0&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=300&initH=250&initSRE=0.0390625&zMoatCURL=213.238.171.129.sslip.io&bedc=1&q=4&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=0&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:02 GMT
10700676183138206069
tpc.googlesyndication.com/simgad/ Frame 1EF8 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10700676183138206069?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qlQ0kyucOYCqTQpBjRv-FmsnJsOwQ
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e3815b35d86be4555c82c45b8a08a212efa15208be89f50b5333d41c0bd394e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 09:09:38 GMT
x-content-type-options
nosniff
age
60204
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60653
x-xss-protection
0
last-modified
Thu, 10 Nov 2022 05:00:23 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Nov 2024 09:09:38 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1EF8 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:16:35 GMT
x-content-type-options
nosniff
server
cafe
age
16587
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 28 Nov 2023 21:16:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1EF8 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:47:02 GMT
x-content-type-options
nosniff
server
cafe
age
14760
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 28 Nov 2023 21:47:02 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 49FD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:16:35 GMT
x-content-type-options
nosniff
server
cafe
age
16587
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Tue, 28 Nov 2023 21:16:35 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 49FD 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:47:02 GMT
x-content-type-options
nosniff
server
cafe
age
14760
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Tue, 28 Nov 2023 21:47:02 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4175 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=461099647270165&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:80b::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
main-v2_66377c5541a9d3e9bad770a1fd4c102b.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		451 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_66377c5541a9d3e9bad770a1fd4c102b.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/4210/i.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
06284ce8c02db78ae44d253b12fd9a861f665d65eeaabf5658e96ce3bc108863

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 18:23:14 GMT
content-encoding
br
age
631788
x-guploader-uploadid
ABPtcPobvUZ75bWsB7Xar5E3Q4ziS8chOWw7hRUwA9iMbISvrrydpFSL2qoASs_temL75zT-qVWo072VKADqRbrENl-1Jg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
102996
last-modified
Mon, 20 Nov 2023 18:23:08 GMT
server
UploadServer
etag
"4a844b3448c75fabdccf5561cc60057d"
x-goog-generation
1700504588086774
x-goog-hash
crc32c=6w259w==, md5=SoRLNEjHX6vcz1VhzGAFfQ==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
102996
accept-ranges
bytes
content-type
text/javascript
view
securepubads.g.doubleclick.net/pcs/ Frame 51CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYibxVS0jGUj7cl-DAVU6SBHh1oLgb5OtGijzFNI5niq0NYRMpjgnHx9jXkf0jxTASTSBBDziTKq17ovuPt6J24-YFx24vAIswgwRbeOwBlB9oe7JfLaLcllTrS5yWFlqBKWc8sqoJgBP_FzqPsDdWhvOcDnZLkdBykGo2bCP0a66EYlCNE5wohyKtt_NgXzHdkjcvRgUESonyodNkjcnPV_KmyNLJZjwI97E3opEUBTHJ9jFVJmUMRdM_yBunPzqi4NxaFQVgU3r-M0yeRUr9zdgAfWMIoN-eulGAbylRrurkOqBD9MNGChtZMsTSRWzmlV_4z0yY05Hw4rKdYccjTw5x5bQ3UYiQLDA_F96jVpPAIcNoC7LW&sai=AMfl-YRFj83pt0o8wkTHzWoQI6uNB5kqzsYBoPZQ5wiK2reBcI26Hrgdlpws6pDvZmhxMUI1bF6bLZdgQRFNvIVIBqo2KVS38wVFxMhYnvSPdyhYRcF6dYAJmAeMx9C6l18mIVabi0XQYYO4jsIOeYm52A&sig=Cg0ArKJSzEx9ilY4YfYCEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 01:53:02 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 450B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:80b::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:52:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
41
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 27 Nov 2024 01:52:21 GMT
serve.js.php
trends.revcontent.com/ Frame 51CA 		772 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/serve.js.php?c=1701136381696&is_blocked=false&t=rc_370&w=103755&width=1600&site_url=https%3A%2F%2F213.238.171.129.sslip.io%2F&referer=https%3A%2F%2F213.238.171.129.sslip.io%2F&skip_iab=true
Requested by
Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=103755&t=rc_370&c=1701136381696&width=1600&referer=https://213.238.171.129.sslip.io/&is_blocked=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash
f8f6ac995517b39fc2b2507b9cc7955a7b7475ae3c12827fd40a9c7189c55aef
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-rc-region
us-east-1a
date
Tue, 28 Nov 2023 01:53:02 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
content-length
772
manage
router.infolinks.com/usync/ Frame A0B7 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3306660&wsid=0&pdom=213.238.171.129.sslip.io&purl=https%3A%2F%2F213.238.171.129.sslip.io%2F&usprivacy=1YNN
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1895.006-3.034/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
82cef994f8a18c51-EWR
content-length
0
date
Tue, 28 Nov 2023 01:53:02 GMT
server
cloudflare
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame 6F97 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstvhFj_Q2zBpnpHIEwo_R9Xluu7oel8GR7YeBjQCkjOezq77677oa6CUMbgXCE0tlrogh47Ig7ErqbTbjgdqXAbdYrnlZ4dMFKQs1ahLIJ_0fHFESitRYv2-Z6b90SkANSw76PCEcIsEs7YOkAyWFbg6rIJ7b53i1zdHLcaw7k2cE1v743cbn5ClSHjShoEpK0yh36xhIZ3ski7jfZvzbYC0T2RWK0AYS8rFij_cwnbiUgu7stmwL2XncmhUitt-JbCwDMOFxwq8TJtvZMDgJZ_d941w7D4CmuZimn8MJc0l5po20JMUs6mQSXJiFEDkyLc2mtTfTHjMTGuLiYhnHUhF88&sai=AMfl-YSLeFcwApTIj3iQpoUosjKJWl9ab2YiblVNryHYAZrsMR-pld1Yc2TWEeC8edSdkU4PH7gBJlUiNaUl249FZpmLC_eKrrNOAXqXFTbnpqzlVY3mR9SmK77PyvRShTNdhvMazykm2noL7gA7OWoZBIk&sig=Cg0ArKJSzC7VfVQuxTT7EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:02 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 01:53:02 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1EF8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CBLw2_EdlZfujNLWNhcIP0M-zqALtoaSgdLjG_L2yEGQQASDMka4iYMkGoAGCwpXLA8gBAuACAKgDAcgDCKoErAJP0MKm95EXbI_xZkqSu1WRLm7_MGSZV6D-Geb-l5YMxiFeB50eZyYxp5euSEeiEsi8PW5ruh00pVzLxlLS3XsNgv2e044-JIvv-b0gTSVL5q7BbtqE5mCbcKg3qi5uc92jAU7EDoNKefWxvG4hQexugEI0e6Hdy5HzNDbmWOh7OnhHIvTLX0VPziEdg10rMoCKrxwuBOxEM55TFi7N_iqGdLjAxu-iTxxS0jhTbyNHjk7pre3-yW9zprH74v2CoK9LpeSzjYgukJmrxF8HxrhrUTeQtsLAkgzd-kcLzfPde7m2ygCRwB3FxXKU3vVuZCYB2M83oRKZ2Od_CbGHV4u8fQ1c0a91_dIgCmQzc25W1H_tdlPYqCM7xFnAYejAq86AyYnWgE8eQMXpaEnABObhivOaAuAEAYgF3by8yweSBQQIBBgBkgUECAUYBKAGAoAH5r3qNKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEMrrBtIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkraHR0cHM6Ly9nby50aGV4dHJlbWV4cGVyaWVuY2UuY29tL2hvbGlkYXlzL4AKA8gLAaIMECoOCgzktLEC7rWxArW4sQLaDBEKCxDA7aPEyZObrdoBEgIBA-INEwiIvMbtyuWCAxW1RkECHdDnDCXYEw3QFQGAFwGyFx4KHAgAEhRwdWItOTUxNDk3MTc3NDQwMjE2Mxix6BY&sigh=aQ8nwIqhAXc&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTQDICaaND6yyxaOVWiLxKyQ-ZRgMBclujrl1GJwnLY5mEOVHZHwXT5wLsrYyVGrU22_-F6LvU_y_gvA_RxmQzVtuo94SoOx02ueULKpFGAE&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
onsite-v2_5631bf90701659009118a89f964ae570.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite-v2_5631bf90701659009118a89f964ae570.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_66377c5541a9d3e9bad770a1fd4c102b.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 11:26:15 GMT
content-encoding
br
age
916007
x-guploader-uploadid
ADPycdser_3wwG-fCoa6_DP1JzdOVboBavtlDcEaGHfEk37HY2pLzNKlbvKNQtXug-tusStvnBouQ7nRLm5DARC0AE0RC8R_9RgV
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4962
last-modified
Mon, 18 Sep 2023 15:23:53 GMT
server
UploadServer
etag
"801d41813e7b11c4986b4ca00307283b"
x-goog-generation
1695050633424590
x-goog-hash
crc32c=+KL22A==, md5=gB1BgT57EcSYa0ygAwcoOw==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
4962
accept-ranges
bytes
content-type
text/javascript
ads-v2_edfd761442efc667ac2ab2aa94495562.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		168 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_edfd761442efc667ac2ab2aa94495562.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_66377c5541a9d3e9bad770a1fd4c102b.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
52a5a3f0cd1e0e4da77558156ca80a6e9a453eb625a5c92f8e187230222539d6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 20 Nov 2023 18:23:04 GMT
content-encoding
br
age
631798
x-guploader-uploadid
ABPtcPoxvVbhgVq70YV4FXN-SmRsrcJqhURy7fKR_3xeOL6jW0aAT-4u_EMu0P6cuZG3hFQRRPwMoh8jlPuEHMpTtdTACx28PD5C
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37640
last-modified
Mon, 20 Nov 2023 18:22:57 GMT
server
UploadServer
etag
"55119df7b5fb14286abb1f4157bb84e4"
x-goog-generation
1700504577077636
x-goog-hash
crc32c=2Dc9YA==, md5=VRGd97X7FChqux9BV7uE5A==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
37640
accept-ranges
bytes
content-type
text/javascript
adview
securepubads.g.doubleclick.net/pagead/ Frame 49FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CW1Oq_EdlZYr5Mc3_mLAPm4SYqAa78oy8dJqK0cizEtSEu_uaAhABIMyRriJgyQagAZH3v4gDyAEJ4AIAqAMByAMKqgS8Ak_Qpm5JGKZn4eBDtCYXs_fihQa3CKl4c6lJ7vwQGq3AIOHbiNz77MFA2aJ-FClav3gtlMPK8iAke9M64iwP7_6SdGhkH_I7f6lIesEQkrMUZ1ZYOe3739PcdoEySJDI8VDNdNPOcIjc6V2qIo8EZOSjEd58w9ejvTDyEkdN0TRqADNGMC5tcPNI8BhFtQ2FfO9w8_EVOLZCTpF6KH5Euo7wiEqIe0MbB_yjtYfbZhzKp1MLF27eSGAjUmpUydevr6yOAjpdaGEW8eHiv74v52fJf7s3QuGx-jKmVDqfSxCEw4E4YwqJAvIZdYdfyjdyk5gcDxsSh9aXlZSGmXG8mznA3QwkHqgddCJ3qPF9Zv7e-oFaa4Smprzyneo-cA8GAnt_UgKf0N8RdSfKwzx-68YY6Z5UZfi8VIgBjIbABPCdzMXaBOAEAYgFj8z3xE2SBQQIBBgBkgUECAUYBKAGLoAH14jAd6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEIauBdIIFAiAYRABGB0yAooCOgKAQEi9_cE6mgkcaHR0cHM6Ly9iYWxib2FzdGFwaG91c2UuY29tL4AKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLENCcwNjp8Kns4QESAgED4g0TCJeew-3K5YIDFc0_BgAdGwIGZbgT5APYEwvQFQGAFwGyFx4KHAgAEhRwdWItOTUxNDk3MTc3NDQwMjE2Mxix6BY&sigh=Pp0pit4Igxg&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTQDICaaNfYzKHdisIjXaZdobLFRhYTzpgszgj8qpzw14ub42sgdxyTsD94RZj_hLaJq-87CtlJQWKl-MQfspzpTH0_RJymX6iEvhmEsRGAE&template_id=484&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
setuid
pbs.at.cbsi.com/
Redirect Chain
  • https://bh.contextweb.com/rtset?pid=561205&ev=1&rurl=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpulsepoint%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Di%26uid%3D%...
  • https://pbs.at.cbsi.com/setuid?bidder=pulsepoint&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=mG0tKx3rnDkV&ev=1&pid=561205
86 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.at.cbsi.com/setuid?bidder=pulsepoint&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=mG0tKx3rnDkV&ev=1&pid=561205
Protocol
H2
Server
146.75.29.188 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
content-encoding
gzip
via
1.1 varnish
expires
0
x-timer
S1701136383.536756,VS0,VE4
x-cache
MISS
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
x-served-by
cache-iad-kiad7000034-IAD

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-US
location
https://pbs.at.cbsi.com/setuid?bidder=pulsepoint&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=i&uid=mG0tKx3rnDkV&ev=1&pid=561205
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74c7cffc45-4ds5j
expires
-1
delivery.js
assets.revcontent.com/master/ Frame 51CA 		162 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/delivery.js
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-31.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
69848d17f84889ee20b38a8ec02d1f7502ed0b3ae5352b9533a4cefd6bbe11d4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 03:03:54 GMT
content-encoding
gzip
via
1.1 4c1a2d98b0820f90f630f0721b0b6538.cloudfront.net (CloudFront)
last-modified
Mon, 06 Nov 2023 20:47:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
82149
x-amz-server-side-encryption
AES256
etag
W/"d639888467d34e28bf15173204590f92"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
jxh7LdVQdj0nktbXso0ZnkG1Mn7LrqJI5mLQB6nPyAZp3hh6XBuOcg==
jquery-3.5.1.min.js
assets.bounceexchange.com/assets/bounce/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_66377c5541a9d3e9bad770a1fd4c102b.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:33:11 GMT
content-encoding
br
age
883191
x-guploader-uploadid
ABPtcPqB-GXTTpBOow9ObLIfM_9LvZw1FgVWylP9nVW67LLlgovOTZ6WaQ77r3xvKPmdBYw0KVEB-hWt9o6OKvYgAr7tGtUpNnf9
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31570
last-modified
Mon, 13 Nov 2023 15:33:16 GMT
server
UploadServer
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary
Accept-Encoding
x-goog-generation
1699889596415470
x-goog-hash
crc32c=W9o9Ng==, md5=3F5/GMjTasHT1HU6h8mNCg==
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
89476
accept-ranges
none
content-type
text/javascript; charset=UTF-8
local_storage_frame17.min.html
assets.bounceexchange.com/assets/bounce/ Frame 7FC9 		2 KB
969 B 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_66377c5541a9d3e9bad770a1fd4c102b.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
none
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
1007549
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
br
content-length
938
content-type
text/html; charset=UTF-8
date
Thu, 16 Nov 2023 10:00:33 GMT
etag
W/"fc893948c3efc689b5b19d8a77958e23"
last-modified
Mon, 13 Nov 2023 15:33:15 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1699889595090550
x-goog-hash
crc32c=kX4cqg== md5=/Ik5SMPvxom1sZ2Kd5WOIw==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
2408
x-guploader-uploadid
ABPtcPpiHAUPFdz0Zy1aAnQaV7Hqombn4aHBK7gxyzjT6eGWaskt2mtsU-3UrgXqcpCaihzwoguY5cCmCPxuFw2S-uUVxg
pwt.js
ads.pubmatic.com/AdServer/js/pwt/160835/4933/ Frame 51CA 		222 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/160835/4933/pwt.js
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.53.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-53-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:02 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:25:40 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=68517
accept-ranges
bytes
content-length
68444
expires
Tue, 28 Nov 2023 20:54:59 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4C7D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.53.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-53-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96041
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 28 Nov 2023 01:53:02 GMT
expires
Wed, 29 Nov 2023 04:33:43 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
init1.js
api.bounceexchange.com/bounce/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=478&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgHYAGffAZgDZyAOAJkroBZNgAvEKS44zAdwCmAIxypgAgPqoAJlCZ18vAE4CcIADZw0GAt2IAPfHR6YVMAUpVKo2AIbr1qBAHMJcJeqgALYMAAOOACk5ACCgXQAYuERCuQAdHS0cUT4yXQAnHE4OI5+cejRmABuqKLAEkggIADWqAJQgYQAQuF06n6twWF0dD7+QXQArKHhg5GjkbEJSSlpmdm5+SATUT3hAMKtSp0ja3ubPQL6OyFEpBQ0+PRMJI0AIthVtfWNLT3SMietZMSD3PjpajkHqEGiEfCUGidOgHOglaQnM5kKi0BikeTEe7FWxKHAAbXhAhAEj86lsAE8nM4ALqwew4ASPGp1CSgYlkpTOeowemMoR+KC8AT+KB4gBEOLQSHUAjFABoxUhbOJnCAlOSxdTMH5gHhHgBbUmoWzISQwMnOGxFLy2KBAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main-v2_66377c5541a9d3e9bad770a1fd4c102b.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
86daa34e3161d6772c000d61217a2845e368089cec3769d625d2a7534bbfd117

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:02 GMT
content-encoding
gzip
via
1.1 google
last-modified
Tue, 28 Nov 2023 01:53:02 GMT
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
10
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
generate_204
tpc.googlesyndication.com/ Frame 450B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?-vBbrQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E160 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.53.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-53-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96041
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 28 Nov 2023 01:53:02 GMT
expires
Wed, 29 Nov 2023 04:33:43 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 4C7D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=45285419&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
ec1102ae3d8170ff18eba852fab7da32848ab42489ae990c5916fcb7c199efd3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 01:53:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
trends.revcontent.com/api/demand/ Frame 51CA 		602 B
869 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/demand/?w=103755
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash
4c09e2914c4899cc46faf6c2d15155322cdbc8beb68f17294f24870f36c7e876
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Tue, 28 Nov 2023 01:53:02 GMT
strict-transport-security
max-age=931536000; includeSubDomains
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
602
sync
trends.revcontent.com/ Frame 51CA 		62 B
568 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/sync
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash
946a743e6776ac66bd06edadf992553fd5e927988945bbd8084f422068caf121

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Tue, 28 Nov 2023 01:53:02 GMT
server
envoy
etag
"c05d7403-cd52-4123-ac38-2cc509907d34"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
content-type
application/json
access-control-allow-origin
https://213.238.171.129.sslip.io
p3p
CP="NOI DSP COR NID ADM DEV OUR NOR CNT"
cache-control
max-age=600, private, s-maxage=0, stale-while-revalidate=1800
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
content-length
62
cm
u.openx.net/w/1.0/ Frame 40D1
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%...
  • https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdp...
895 B
892 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Requested by
Host: at.cbsi.com
URL: https://at.cbsi.com/lib/dist/prod/bidbarrel-cbsnews.min.js?adaptive=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1a98e3aecf83fb7e4cb7adf2b1067c2194c206f7ea7e4697448bff8f7c65ef51

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
558
content-type
text/html
date
Tue, 28 Nov 2023 01:53:03 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 28 Nov 2023 01:53:03 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5D53 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_edfd761442efc667ac2ab2aa94495562.br.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.51.53.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-53-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=96041
content-encoding
gzip
content-length
5622
content-type
text/html
date
Tue, 28 Nov 2023 01:53:02 GMT
expires
Wed, 29 Nov 2023 04:33:43 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9FF1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=20986&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads-v2_edfd761442efc667ac2ab2aa94495562.br.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.110.250.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-110-250-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 28 Nov 2023 01:53:03 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 28 Nov 2023 01:53:03 GMT
location
https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
server
AkamaiGHost
contextual
contextual-analytics.wunderkind.co/api/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://contextual-analytics.wunderkind.co/api/contextual?url=https%3A%2F%2Fwww.cbsnews.com%2F&website_id=4210
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
b488673b52c519f8bf7df045354cac567a136756977fb2077b243bd0bcb7683c

Request headers

Accept
*/*
Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
https://213.238.171.129.sslip.io
date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1091
content-type
application/json
visit
events.bouncex.net/track.gif/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLpJSQBOFkZVZnUmSXoCtgBlFAAzFCQQJ3pXd1UAMlAIGCQEeuR+pBxu8ChoCj4eNFN0BFgkUhw0yEhTYWo24xp6Ol26akk5Rmo5AA5GSRdJK+oisDBw00YQAgPaMd7ofrACUlgkDemF0OEkpWYXwmv3+gOBAE8wTpIT0JvF4JBssAmiAUDZLGAcJQXNpqKBeAgCAB9CwoeEzGjUeQ7ajURqkRCM4kAEShMHiBAIERACCJJMZvBAvC5chZR2k9FKhVUcjkrJc5xuqnOXOooVZ5JlxmuzHyHgu1HOZy2chCjPqwEgRpNZpVVrtrJQ71ZzNYesZpFMRsZq3Wm22Hw+RxOZ0u11uknujEez1e3r2tF1+uoKE2TNlfuzwFMwGdHuo0p9solWcZSGDPsb2fijudLlNxzdTP9rIglfzxgAtJJy2h4vWq8ZVN3s1kjYWA63Jy7Oxby6XJ8SlC5uTzOvBkPNsNAbJkhMgcOlMjl94hUBhj8BkBACJgwYViqVylcqrfDw+YFpSB6gIJAshwFR+CEKRIQPe8sBgClQHiBBIHhUxRQpMAIkxUxOnRMBMRyJBoDSXMBUwJ8kEgBBeBwSEMAIaABVgbAkHhAUKRwABVGpOkY5iCFYyB2M4hA5B4mpjH4ylBOE9jMBQHIeMwKBaNqSAUBosAZKY-o0GBHARAATV0n4EAM19FOUkQEAENhjNAiIzPiKBEVs+ydEcpBnIE0wCEIlBSDEsEO3OFzXyBTAEJCkRpKyAguMhARbF6BApRwdQjhRcYgToldzStK01TaTokJAFCMvyZhFVNAoVTVagNS1cK5gwUA7KqzpEAAR1gLBKroyF4nCBCgRyQKslMMF21dC1zgKeh8NG7AUFMEAqJfN9NLQOQyoQZDMO6oSkBQnAUpsToj1wOCgA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NVAjKQHRWkAcLjA7I91QCcLQoXQxgLGAHt6AMlCRYCRAGNkhXNIC2UEKhggARugiFMxHgCFqVWABMI0gPrB0IAJ4wAdmFtlKKioAMxB0Qgh-HgARBXBoOCRVaWkAazhCGAAvCEwmKjilRLUQb2lvGFUwnHwiAPp6eCaWVSNCbwRCFp15RQSVZLS4Zy0Xd1RITFDwiEL+pJT0iBGPYFzSN0I55QWh5cyczEZGQVI5ZO1gNUvMAAZznSvcVWC7h8uUQmAj96uwYG+9wuRE+V00Bl8RwAmgA5GFybTSRxveAQNowXAQGD2TAAFiY91gmVw2KOPFux1IADZOFQOOwqABWM6OWCqLE4463RlUimCGmkII8Dh8KkcbaJUmMOQRACOyAg3nZUvO4kV+Bg2jMuBAN14FOYNPpHEEPFVcG8OuAMCgEFQmXKmB1YBZCXZmHsMukaHdqKMcnilswGjtQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pixel_sync
trends.revcontent.com/cm/ Frame 51CA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=revcontent&rev_dt=1701136382928
  • https://x.bidswitch.net/ul_cb/sync?ssp=revcontent&rev_dt=1701136382928
  • https://r.bidswitch.net/sync?bidswitch_ssp_id=revcontent&bsw_custom_parameter=23bd3352-e7fa-4d20-94b7-7e3199ca7991
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3205&partner_device_id=23bd3352-e7fa-4d20-94b7-7e3199ca7991&partner_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D393%26user_id%3D0%26ssp%...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=729b67a9-636b-43b1-a134-cfcfdcf9e9d7%252Chttps%25253A%25252F%25252Fx.bidswitch.net%25252Fsync%25253Fdsp_id%25253D393%2525...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b3c3d956-bdf4-48cc-a145-56097a595da9&ttd_puid=729b67a9-636b-43b1-a134-cfcfdcf9e9d7%2Chttps%253A%252F%252Fx.bidswitch.net%...
  • https://x.bidswitch.net/sync?dsp_id=393&user_id=0&ssp=revcontent&bsw_param=23bd3352-e7fa-4d20-94b7-7e3199ca7991
  • https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=23bd3352-e7fa-4d20-94b7-7e3199ca7991&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=23bd3352-e7fa-4d20-94b7-7e3199ca7991&callback=dspCMCallback
Protocol
H2
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Tue, 28 Nov 2023 01:53:03 GMT
x-envoy-upstream-service-time
4
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

Location
//trends.revcontent.com/cm/pixel_sync?bidder=118&bidder_uid=23bd3352-e7fa-4d20-94b7-7e3199ca7991&callback=dspCMCallback
Date
Tue, 28 Nov 2023 01:53:03 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel_sync
trends.revcontent.com/cm/ Frame 51CA
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=revcontent&ssp_user_id=e97628e26d3c434fad95a367613dfeec&rev_dt=1701136382929
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=revcontent&ssp_user_id=e97628e26d3c434fad95a367613dfeec&rev_dt=1701136382929
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=e97628e26d3c434fad95a367613dfeec&bidder=154&bidder_uid=2221df48-ba2a-4d32-9085-697f6bcb030f&callback=dspCMCallback
90 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=e97628e26d3c434fad95a367613dfeec&bidder=154&bidder_uid=2221df48-ba2a-4d32-9085-697f6bcb030f&callback=dspCMCallback
Protocol
H2
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Tue, 28 Nov 2023 01:53:03 GMT
x-envoy-upstream-service-time
3
server
envoy
content-length
90
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

location
//trends.revcontent.com/cm/pixel_sync?exchange_uid=e97628e26d3c434fad95a367613dfeec&bidder=154&bidder_uid=2221df48-ba2a-4d32-9085-697f6bcb030f&callback=dspCMCallback
date
Tue, 28 Nov 2023 01:53:03 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel_sync
trends.revcontent.com/cm/ Frame 51CA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/revcontent/?puid=e97628e26d3c434fad95a367613dfeec&cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3De97628e26d3c434fad95a367613dfeec_2%26...
  • https://b1sync.zemanta.com/usersync/revcontent/?cb=https%3A%2F%2Ftrends.revcontent.com%2Fcm%2Fpixel_sync%3Fexchange_uid%3De97628e26d3c434fad95a367613dfeec_2%26bidder%3D3%26bidder_uid%3D__ZUID__%26c...
  • https://trends.revcontent.com/cm/pixel_sync?exchange_uid=e97628e26d3c434fad95a367613dfeec_2&bidder=3&bidder_uid=W4l2hieW1Pe-3sxK-lnb&callback=dspCMCallback
72 B
72 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=e97628e26d3c434fad95a367613dfeec_2&bidder=3&bidder_uid=W4l2hieW1Pe-3sxK-lnb&callback=dspCMCallback
Protocol
H2
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Tue, 28 Nov 2023 01:53:03 GMT
x-envoy-upstream-service-time
9
server
envoy
content-length
72
vary
Origin
content-type
application/javascript; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 01:53:03 GMT
Content-Type
text/html; charset=utf-8
Location
https://trends.revcontent.com/cm/pixel_sync?exchange_uid=e97628e26d3c434fad95a367613dfeec_2&bidder=3&bidder_uid=W4l2hieW1Pe-3sxK-lnb&callback=dspCMCallback
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
190
Expires
Thu, 01 Dec 1994 16:00:00 GMT
p2
sb.scorecardresearch.com/ Frame 0C7C
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_cs...
  • https://sb.scorecardresearch.com/p2?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_c...
43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20119.0.6045.159&ns_ap_ver=*null&ns_ap_sv=7.5.0.200713&ns_ap_bv=7.5.0.200713&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1701136377936&ns_ts=1701136377936&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&cs_ucfr=&ns_ap_install=1701136377936&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=300x169&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwww.cbsnews.com%2Fembed%2Fvideo%2F%3Fv%3D5659e73acd91751548aa89950cf015b01701135726%26usprivacy%3Dnull%23tVhrU%252BM6Ev0rlKsmH7Yw8fvBVGo2JGGWvVzIJTC1VYRyyZbsaPBrJTshMPnv25LtxIGZuvvh3nkgudVqqVut00e8KaiuijJFW%252BW8YjU5VSifFGmKSk7DlCjnMUo5SDFZ0wg%252BocOfYYJyqqwpJoVy%252FqbQimRcOX98U6ptKXRSuiagQDH0LdMydCdy1NjWXNVyIqKGOo5U5DhGjC1d800DdLPy5Y7EV2KGn20W1et%252Fq%252F%252F8tqVhQJLXxcN8vrKmKb5Bs%252B%252F%252FFtoFownNZ5hWtMhhSs1ByNM6gX4U8pxshKCilfBAmVwsTm5AdHLd7AuTZ5BCJ67T9FdKEcqLnEYovf%252BFQkUzwiuUlcq5bumO73qa%252FAP2a4aajan64esahSQFO%252B30tPnMYQsQqQwlhItYchGBVVWV%252FHw5XA4R56TixlnrFKxX0egsKrLlcFWHyyFdDtlyaGiGuRzq%252BnKoOcuhpbuu7hJNJY5HVAtFSPWRRVTTtkzX8TQnjuLlsFrVWZgjmi6HjqW9mI62HMZGjOzIRp5hWFZsW9gJiWmHBiFmqJMQLYfPZItYpbbbUXnFCMpU3Te0F13ztLPvZfJlPbId2yeuiSLs666t25aHkOf7thbFmm6HGri%252F%252Bpmf%252Bt%252Frp2542otrgKO%252BFfvYDH3TisMIebEbEssMPTcyQ830hMZf5OjuVCkZXB2yeWDpkcfCslpz6XFjvXO%252Bcbuoq%252BVwDa7acB6O5REv1k2LeAayXC32TGw7BiYkgkPJEK8IC3T9LDNr73Aze6thRM%252BSokhS0lhPaU4QRHSV8uWQrEkOiy0otl7o%252FR%252F3z5N7fXFdO%252Bz7w%252BKPzvyRbePvdaVbKy5YhipYC5VlCndRXKPl8EXNSpI83F2DRv0uqpvN5nhtAUXLoQAjfpWVhbC%252BxzSAMRpJABPJqCFk2WboqrbtmaoVOqHqWThUHQIHaht65GveEcqoMjNarFtRwhCLVgCjj2LwpMWgrnsi9Z4gHRCDaN%252BLpW9Q1geWvpWLbTP42B%252B9bk2gNG1XUQ%252Br9HbzBFlHSsoLDBYAgThBXMKkLvZPkgw20AzUJWQn5%252FuIgOVxFIHkIi2i5z068QdO2KIOecRoSPBenZdFzgvW6a3Iy3hKYlSn4sy0U%252FirSOnFQWr6p5Z9avswgLCIfbwRPyE%252Fgw2tVoH4%252FOvz9gsAbLwJIk7x6O3Q331u%252BuukFgOy2Q0aGX8dvYmyCBeL01fSiWGDAeVBiiowJNvdoOZByegaRVuY0nT66j8dBsdUVFbFyISS0VMG3Ak2BcO826dM0t3gLc7ADGIo47vPooatmVCHeDwfBcyNNdc9W5%252FFm4xlZzmB%252BCC8HCaAfl8%252BuD9APN%252BMbEMzdX0QITEqfu4GcYqS0SfjAmVRCA3JIgYNrhiGhqdVKRs5BrRANHGI5Ng2j6DJazkBkYoOMlKxkQ7IPTisVbIibvufzPFXecDT8dVkMb4Kbopv8%252FHVdFCuWT56vBvfTG9%252FfxpAmpajdYZKXawJJ2sNeG%252Fz67Kn%252FFlEhgMrgYAlZPQG6BEIr4Q4pwRSNw8a2WiuTbSJ6Y6nqqFNLNWaXbrq%252BNKw1YvZxeRCd6aXnj0bHOfHh8xYAayM5BGAM5%252BMS%252Fj3DocGpWBGME00zUZ6B90ecUOxRm9NuxvAGpVAwNGGhIOf5d0vkyuha4jG19vbr9ez4OpmcX83G%252F8efLuazm6Dm9ubyezpQz41XQmG%252B%252FyAxOpni3Kq9K6LGGwCspfzVyHsh2Y%252FdNi%252BNNo4IPB7v305tXXgaNovVborJFAFLtHRpH10Dz40UZYVuQ1sj83uQFwxFD3TPBFBgDPjUcGI7EO1gwVszXMAaa0GsW%252FakxXg67Ss7v6bKkY6gpjzgFdBIiC%252BhWmQoDJAAopvlsPxXqdkrdG9JBJxWke6uZfw6t3CYstJQ8Cjos4rRgWDfIT6EKbgSErFDAHMO4Hgl9CZdTWhhe%252B45lBQ7%252BocF5v8CEViQjCX5Oe4mhpnUMVZM2E5%252FEIaAj4S21IfFgNIoionbCSJANy%252F5pDGgttJZv9zpBbsv36Zs6IkrNr%252BRsQ5G5ZLMLIdU3cx0Crf8nXDNJHpKDtwECAFSbIMR1aRZCv6IFsVuOEKJMcyPG2tjgmqakawGgkqDvXrtHuogFNQwkQ5PLwWRGUqKXSAswiuA4RjBRUngkcRiRoGsp8mInVsG7jGu1SifJYjeErhtgBDjGiUEhkQ4mmu5Rue6gGTVS3iO6pvYVONbBcigH0jjuzDlHkdTmENER5N91TNU3XrRHfPNe1cNw5q3YNlTz3UkxBImdiP%252FD49MSwoFJKRnDR8rRs6GZzAbQBhIbPpYLILV16B10HrtNI9C9vhw9OQ8ilZi31KZEk6hZiBgQAXQBngcCBB3r%252FgQPQvKhjaY6MrVZ%252BagUUT%252Fc5Mz0prXZQI4CPCK0BMpeV3Ms56CMQT%252Fquu7WFV14mh%252Blg3VA3iGBMPaZp8lFQ9VtZfpAb60y4iXoXi9UYzKi6k1W7hVj5IOz9ChnI8b1FGbqC9RU1VOsRp%252F8ico2olU64vfP9k%252BEBuFcnYJJfkH2NG4LgwYtv9%252BAfhFW7F4oxav6XVYH4QtCuey4Eu3NPu1wHHQf%252Fx48fBOaE7ZwC%252BbHvXVBMwRbsXXgMPMPgMJCFPJmlR41uWNMelTU3dMIB125eXtutrY8vXptb0n2NchBDrRETpHUIrLUQrLUb3AtVh9D8EGv4ZMMP1Rseg27e0a9w6Dk3r60Ria%252F%252F3DwSltM7EDkkurgPQHgE%252Bgv3QtKcrg7ETuIYpmhdcXoo24UgWSsQSR%252FT%252FJITErD9VbJ9Fu93%252FAA%253D%253D&ns_cut=c8%3Dcbs%2520news%2520-%2520breaking%2520news%252C%252024%252F7%2520live
Protocol
H2
Server
18.161.34.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-34.bos50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 b578b4642a9dfde97459f07330d190d4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
BOS50-P2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
un_qX81yVoVZhQxt3uBUZqZibqp2a6Y11TC4XJtLv0TzfUmxoJqZ1A==

Redirect headers

date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 b578b4642a9dfde97459f07330d190d4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
BOS50-P2
x-cache
Miss from cloudfront
location
/p2?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=1&ns_ap_ev=start&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_csf=1&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20119.0.6045.159&ns_ap_ver=*null&ns_ap_sv=7.5.0.200713&ns_ap_bv=7.5.0.200713&ns_ap_smv=6.4&ns_type=view&ns_ap_gs=1701136377936&ns_ts=1701136377936&ns_ap_cfg=1110101-110-3C-7D0-A-1F-1E-1E-12C-A&ns_ap_env=0-0-2&ns_ap_ut=60000&ns_ap_ar=unknown&ns_ap_cs=1&ns_ap_fg=1&ns_ap_dft=0&ns_ap_dbt=0&ns_ap_dit=0&ns_ap_as=1&ns_ap_das=0&ns_ap_usage=0&ns_radio=unknown&cs_ucfr=&ns_ap_install=1701136377936&ns_ap_ft=0&ns_ap_bt=0&ns_ap_it=0&ns_ap_res=300x169&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_ap_jb=unknown&ns_c=UTF-8&c7=https%3A%2F%2Fwww.cbsnews.com%2Fembed%2Fvideo%2F%3Fv%3D5659e73acd91751548aa89950cf015b01701135726%26usprivacy%3Dnull%23tVhrU%252BM6Ev0rlKsmH7Yw8fvBVGo2JGGWvVzIJTC1VYRyyZbsaPBrJTshMPnv25LtxIGZuvvh3nkgudVqqVut00e8KaiuijJFW%252BW8YjU5VSifFGmKSk7DlCjnMUo5SDFZ0wg%252BocOfYYJyqqwpJoVy%252FqbQimRcOX98U6ptKXRSuiagQDH0LdMydCdy1NjWXNVyIqKGOo5U5DhGjC1d800DdLPy5Y7EV2KGn20W1et%252Fq%252F%252F8tqVhQJLXxcN8vrKmKb5Bs%252B%252F%252FFtoFownNZ5hWtMhhSs1ByNM6gX4U8pxshKCilfBAmVwsTm5AdHLd7AuTZ5BCJ67T9FdKEcqLnEYovf%252BFQkUzwiuUlcq5bumO73qa%252FAP2a4aajan64esahSQFO%252B30tPnMYQsQqQwlhItYchGBVVWV%252FHw5XA4R56TixlnrFKxX0egsKrLlcFWHyyFdDtlyaGiGuRzq%252BnKoOcuhpbuu7hJNJY5HVAtFSPWRRVTTtkzX8TQnjuLlsFrVWZgjmi6HjqW9mI62HMZGjOzIRp5hWFZsW9gJiWmHBiFmqJMQLYfPZItYpbbbUXnFCMpU3Te0F13ztLPvZfJlPbId2yeuiSLs666t25aHkOf7thbFmm6HGri%252F%252Bpmf%252Bt%252Frp2542otrgKO%252BFfvYDH3TisMIebEbEssMPTcyQ830hMZf5OjuVCkZXB2yeWDpkcfCslpz6XFjvXO%252Bcbuoq%252BVwDa7acB6O5REv1k2LeAayXC32TGw7BiYkgkPJEK8IC3T9LDNr73Aze6thRM%252BSokhS0lhPaU4QRHSV8uWQrEkOiy0otl7o%252FR%252F3z5N7fXFdO%252Bz7w%252BKPzvyRbePvdaVbKy5YhipYC5VlCndRXKPl8EXNSpI83F2DRv0uqpvN5nhtAUXLoQAjfpWVhbC%252BxzSAMRpJABPJqCFk2WboqrbtmaoVOqHqWThUHQIHaht65GveEcqoMjNarFtRwhCLVgCjj2LwpMWgrnsi9Z4gHRCDaN%252BLpW9Q1geWvpWLbTP42B%252B9bk2gNG1XUQ%252Br9HbzBFlHSsoLDBYAgThBXMKkLvZPkgw20AzUJWQn5%252FuIgOVxFIHkIi2i5z068QdO2KIOecRoSPBenZdFzgvW6a3Iy3hKYlSn4sy0U%252FirSOnFQWr6p5Z9avswgLCIfbwRPyE%252Fgw2tVoH4%252FOvz9gsAbLwJIk7x6O3Q331u%252BuukFgOy2Q0aGX8dvYmyCBeL01fSiWGDAeVBiiowJNvdoOZByegaRVuY0nT66j8dBsdUVFbFyISS0VMG3Ak2BcO826dM0t3gLc7ADGIo47vPooatmVCHeDwfBcyNNdc9W5%252FFm4xlZzmB%252BCC8HCaAfl8%252BuD9APN%252BMbEMzdX0QITEqfu4GcYqS0SfjAmVRCA3JIgYNrhiGhqdVKRs5BrRANHGI5Ng2j6DJazkBkYoOMlKxkQ7IPTisVbIibvufzPFXecDT8dVkMb4Kbopv8%252FHVdFCuWT56vBvfTG9%252FfxpAmpajdYZKXawJJ2sNeG%252Fz67Kn%252FFlEhgMrgYAlZPQG6BEIr4Q4pwRSNw8a2WiuTbSJ6Y6nqqFNLNWaXbrq%252BNKw1YvZxeRCd6aXnj0bHOfHh8xYAayM5BGAM5%252BMS%252Fj3DocGpWBGME00zUZ6B90ecUOxRm9NuxvAGpVAwNGGhIOf5d0vkyuha4jG19vbr9ez4OpmcX83G%252F8efLuazm6Dm9ubyezpQz41XQmG%252B%252FyAxOpni3Kq9K6LGGwCspfzVyHsh2Y%252FdNi%252BNNo4IPB7v305tXXgaNovVborJFAFLtHRpH10Dz40UZYVuQ1sj83uQFwxFD3TPBFBgDPjUcGI7EO1gwVszXMAaa0GsW%252FakxXg67Ss7v6bKkY6gpjzgFdBIiC%252BhWmQoDJAAopvlsPxXqdkrdG9JBJxWke6uZfw6t3CYstJQ8Cjos4rRgWDfIT6EKbgSErFDAHMO4Hgl9CZdTWhhe%252B45lBQ7%252BocF5v8CEViQjCX5Oe4mhpnUMVZM2E5%252FEIaAj4S21IfFgNIoionbCSJANy%252F5pDGgttJZv9zpBbsv36Zs6IkrNr%252BRsQ5G5ZLMLIdU3cx0Crf8nXDNJHpKDtwECAFSbIMR1aRZCv6IFsVuOEKJMcyPG2tjgmqakawGgkqDvXrtHuogFNQwkQ5PLwWRGUqKXSAswiuA4RjBRUngkcRiRoGsp8mInVsG7jGu1SifJYjeErhtgBDjGiUEhkQ4mmu5Rue6gGTVS3iO6pvYVONbBcigH0jjuzDlHkdTmENER5N91TNU3XrRHfPNe1cNw5q3YNlTz3UkxBImdiP%252FD49MSwoFJKRnDR8rRs6GZzAbQBhIbPpYLILV16B10HrtNI9C9vhw9OQ8ilZi31KZEk6hZiBgQAXQBngcCBB3r%252FgQPQvKhjaY6MrVZ%252BagUUT%252Fc5Mz0prXZQI4CPCK0BMpeV3Ms56CMQT%252Fquu7WFV14mh%252Blg3VA3iGBMPaZp8lFQ9VtZfpAb60y4iXoXi9UYzKi6k1W7hVj5IOz9ChnI8b1FGbqC9RU1VOsRp%252F8ico2olU64vfP9k%252BEBuFcnYJJfkH2NG4LgwYtv9%252BAfhFW7F4oxav6XVYH4QtCuey4Eu3NPu1wHHQf%252Fx48fBOaE7ZwC%252BbHvXVBMwRbsXXgMPMPgMJCFPJmlR41uWNMelTU3dMIB125eXtutrY8vXptb0n2NchBDrRETpHUIrLUQrLUb3AtVh9D8EGv4ZMMP1Rseg27e0a9w6Dk3r60Ria%252F%252F3DwSltM7EDkkurgPQHgE%252Bgv3QtKcrg7ETuIYpmhdcXoo24UgWSsQSR%252FT%252FJITErD9VbJ9Fu93%252FAA%253D%253D&ns_cut=c8%3Dcbs%2520news%2520-%2520breaking%2520news%252C%252024%252F7%2520live
content-length
0
x-amz-cf-id
aSpLl3HAiIdkYPnDoQLrC5DBd3efNc1Bo5OKxgWnOehiQWhxKS9e1Q==
p2
sb.scorecardresearch.com/ Frame 0C7C
Redirect Chain
  • https://sb.scorecardresearch.com/p?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=2&ns_ap_ev=hidden&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_b...
  • https://sb.scorecardresearch.com/p2?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=2&ns_ap_ev=hidden&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_...
43 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p2?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=2&ns_ap_ev=hidden&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20119.0.6045.159&ns_ap_ver=*null&ns_ap_sv=7.5.0.200713&ns_ap_bv=7.5.0.200713&ns_ap_smv=6.4&ns_type=hidden&ns_ts=1701136379323&ns_ap_env=0-0-2&ns_st_sv=7.5.0.200713&ns_st_smv=6.4&ns_st_it=c&ns_st_id=1701136377939&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_sp=1&ns_st_sc=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_dppc=1&ns_st_dapc=1&ns_st_dspc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_po=0&ns_st_lda=0&ns_st_ldw=0&ns_st_ldo=0&ns_st_hd=10001&ns_st_mp=%40cbsinteractive%2Favia-js&ns_st_mv=2.17.0&ns_st_cl=0&ns_st_pn=1&ns_st_tp=0&ns_st_ct=vc13&ns_st_li=1&ns_st_ty=video&ns_st_ci=9mwStzqtXKyib_egzSUPPh4DldNaEjJ2&ns_ap_ar=unknown&ns_ap_cs=1&ns_radio=unknown&ns_st_pt=0&ns_st_ipt=0&ns_st_iap=0&ns_st_iet=0&ns_st_iupc=0&ns_st_iupa=0&ns_st_ilpc=0&ns_st_ilpa=0&ns_st_ibc=0&ns_st_ibt=0&ns_st_itpc=0&ns_st_icpc=0&ns_st_cfg=111110001-5-4b0-3-5&c3=CBSNewsBrowser&c4=CBSNews.com&c6=LiveTV-CBSN%20Live&ns_st_ce=1&ns_st_ia=1&ns_st_pu=cbsnews&ns_st_st=CBSNews.com&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ge=news&ns_st_dskc=0&ns_st_dska=0&ns_st_skd=0&ns_st_dskt=0&ns_st_dpc=0&cs_ucfr=&ns_ap_res=300x169&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_c=UTF-8&ns_st_lt=1384&ns_st_br=0&ns_st_rt=100&ns_st_vo=100&ns_st_pb=1&ns_st_dpt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_dtpc=0&ns_st_dcpc=0&ns_st_skc=0&ns_st_ska=0&ns_st_skt=0&ns_st_pc=0&ns_st_pp=0&ns_st_pa=0&ns_cut=c7%3Dhttps%253A%252F%252Fwww.cbsnews.com%252Fembed%252Fvideo%252F%253Fv%253D5659e73acd91751548aa89950cf015b01701135726%2526usprivacy%253Dnull%2523tVhrU%25252BM6Ev0rlKsmH7Yw8fvBVGo2JGGWvVzIJTC1VYRyyZbsaPBrJTshMPnv25LtxIGZuvvh3nkgudVqqVut00e8KaiuijJFW%25252BW8YjU5VSifFGmKSk7DlCjnMUo5SDFZ0wg%25252BocOfYYJyqqwpJoVy%25252FqbQimRcOX98U6ptKXRSuiagQDH0LdMydCdy1NjWXNVyIqKGOo5U5DhGjC1d800DdLPy5Y7EV2KGn20W1et%25252Fq%25252F%25252F8tqVhQJLXxcN8vrKmKb5Bs%25252B%25252F%25252FFtoFownNZ5hWtMhhSs1ByNM6gX4U8pxshKCilfBAmVwsTm5AdHLd7AuTZ5BCJ67T9FdKEcqLnEYovf%25252BFQkUzwiuUlcq5bumO73qa%25252FAP2a4aajan64esahSQFO%25252B30tPnMYQsQqQwlhItYchGBVVWV%25252FHw5XA4R56TixlnrFKxX0egsKrLlcFWHyyFdDtlyaGiGuRzq%25252BnKoOcuhpbuu7hJNJY5HVAtFSPWRRVTTtkzX8TQnjuLlsFrVWZgjmi6HjqW9mI62HMZGjOzIRp5hWFZsW9gJiWmHBiFmqJMQLYfPZItYpbbbUXnFCMpU3Te0F13ztLPvZfJlPbId2yeuiSLs666t25aHkOf7thbFmm6HGri%25252F%25252Bpmf%25252Bt%25252Frp2542otrgKO%25252BFfvYDH3TisMIebEbEssMPTcyQ830hMZf5OjuVCkZXB2yeWDpkcfCslpz6XFjvXO%25252Bcbuoq%25252BVwDa7acB6O5REv1k2LeAayXC32TGw7BiYkgkPJEK8IC3T9LDNr73Aze6thRM%25252BSokhS0lhPaU4QRHSV8uWQrEkOiy0otl7o%25252FR%25252F3z5N7fXFdO%25252Bz7w%25252BKPzvyRbePvdaVbKy5YhipYC5VlCndRXKPl8EXNSpI83F2DRv0uqpvN5nhtAUXLoQAjfpWVhbC%25252BxzSAMRpJABPJqCFk2WboqrbtmaoVOqHqWThUHQIHaht65GveEcqoMjNarFtRwhCLVgCjj2LwpMWgrnsi9Z4gHRCDaN%25252BLpW9Q1geWvpWLbTP42B%25252B9bk2gNG1XUQ%25252Br9HbzBFlHSsoLDBYAgThBXMKkLvZPkgw20AzUJWQn5%25252FuIgOVxFIHkIi2i5z068QdO2KIOecRoSPBenZdFzgvW6a3Iy3hKYlSn4sy0U%25252FirSOnFQWr6p5Z9avswgLCIfbwRPyE%25252Fgw2tVoH4%25252FOvz9gsAbLwJIk7x6O3Q331u%25252BuukFgOy2Q0aGX8dvYmyCBeL01fSiWGDAeVBiiowJNvdoOZByegaRVuY0nT66j8dBsdUVFbFyISS0VMG3Ak2BcO826dM0t3gLc7ADGIo47vPooatmVCHeDwfBcyNNdc9W5%25252FFm4xlZzmB%25252BCC8HCaAfl8%25252BuD9APN%25252BMbEMzdX0QITEqfu4GcYqS0SfjAmVRCA3JIgYNrhiGhqdVKRs5BrRANHGI5Ng2j6DJazkBkYoOMlKxkQ7IPTisVbIibvufzPFXecDT8dVkMb4Kbopv8%25252FHVdFCuWT56vBvfTG9%25252FfxpAmpajdYZKXawJJ2sNeG%25252Fz67Kn%25252FFlEhgMrgYAlZPQG6BEIr4Q4pwRSNw8a2WiuTbSJ6Y6nqqFNLNWaXbrq%25252BNKw1YvZxeRCd6aXnj0bHOfHh8xYAayM5BGAM5%25252BMS%25252Fj3DocGpWBGME00zUZ6B90ecUOxRm9NuxvAGpVAwNGGhIOf5d0vkyuha4jG19vbr9ez4OpmcX83G%25252F8efLuazm6Dm9ubyezpQz41XQmG%25252B%25252FyAxOpni3Kq9K6LGGwCspfzVyHsh2Y%25252FdNi%25252BNNo4IPB7v305tXXgaNovVborJFAFLtHRpH10Dz40UZYVuQ1sj83uQFwxFD3TPBFBgDPjUcGI7EO1gwVszXMAaa0GsW%25252F
Protocol
H2
Server
18.161.34.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-34.bos50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 b578b4642a9dfde97459f07330d190d4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
BOS50-P2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
TAHXS_cAkKbWZIT3DoKc7YxrPqEe70WlVxo7059E4l1LarLbccNXNg==

Redirect headers

date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 b578b4642a9dfde97459f07330d190d4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
BOS50-P2
x-cache
Miss from cloudfront
location
/p2?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=2&ns_ap_ev=hidden&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20119.0.6045.159&ns_ap_ver=*null&ns_ap_sv=7.5.0.200713&ns_ap_bv=7.5.0.200713&ns_ap_smv=6.4&ns_type=hidden&ns_ts=1701136379323&ns_ap_env=0-0-2&ns_st_sv=7.5.0.200713&ns_st_smv=6.4&ns_st_it=c&ns_st_id=1701136377939&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_sp=1&ns_st_sc=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_dppc=1&ns_st_dapc=1&ns_st_dspc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_po=0&ns_st_lda=0&ns_st_ldw=0&ns_st_ldo=0&ns_st_hd=10001&ns_st_mp=%40cbsinteractive%2Favia-js&ns_st_mv=2.17.0&ns_st_cl=0&ns_st_pn=1&ns_st_tp=0&ns_st_ct=vc13&ns_st_li=1&ns_st_ty=video&ns_st_ci=9mwStzqtXKyib_egzSUPPh4DldNaEjJ2&ns_ap_ar=unknown&ns_ap_cs=1&ns_radio=unknown&ns_st_pt=0&ns_st_ipt=0&ns_st_iap=0&ns_st_iet=0&ns_st_iupc=0&ns_st_iupa=0&ns_st_ilpc=0&ns_st_ilpa=0&ns_st_ibc=0&ns_st_ibt=0&ns_st_itpc=0&ns_st_icpc=0&ns_st_cfg=111110001-5-4b0-3-5&c3=CBSNewsBrowser&c4=CBSNews.com&c6=LiveTV-CBSN%20Live&ns_st_ce=1&ns_st_ia=1&ns_st_pu=cbsnews&ns_st_st=CBSNews.com&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ge=news&ns_st_dskc=0&ns_st_dska=0&ns_st_skd=0&ns_st_dskt=0&ns_st_dpc=0&cs_ucfr=&ns_ap_res=300x169&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_c=UTF-8&ns_st_lt=1384&ns_st_br=0&ns_st_rt=100&ns_st_vo=100&ns_st_pb=1&ns_st_dpt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_dtpc=0&ns_st_dcpc=0&ns_st_skc=0&ns_st_ska=0&ns_st_skt=0&ns_st_pc=0&ns_st_pp=0&ns_st_pa=0&ns_cut=c7%3Dhttps%253A%252F%252Fwww.cbsnews.com%252Fembed%252Fvideo%252F%253Fv%253D5659e73acd91751548aa89950cf015b01701135726%2526usprivacy%253Dnull%2523tVhrU%25252BM6Ev0rlKsmH7Yw8fvBVGo2JGGWvVzIJTC1VYRyyZbsaPBrJTshMPnv25LtxIGZuvvh3nkgudVqqVut00e8KaiuijJFW%25252BW8YjU5VSifFGmKSk7DlCjnMUo5SDFZ0wg%25252BocOfYYJyqqwpJoVy%25252FqbQimRcOX98U6ptKXRSuiagQDH0LdMydCdy1NjWXNVyIqKGOo5U5DhGjC1d800DdLPy5Y7EV2KGn20W1et%25252Fq%25252F%25252F8tqVhQJLXxcN8vrKmKb5Bs%25252B%25252F%25252FFtoFownNZ5hWtMhhSs1ByNM6gX4U8pxshKCilfBAmVwsTm5AdHLd7AuTZ5BCJ67T9FdKEcqLnEYovf%25252BFQkUzwiuUlcq5bumO73qa%25252FAP2a4aajan64esahSQFO%25252B30tPnMYQsQqQwlhItYchGBVVWV%25252FHw5XA4R56TixlnrFKxX0egsKrLlcFWHyyFdDtlyaGiGuRzq%25252BnKoOcuhpbuu7hJNJY5HVAtFSPWRRVTTtkzX8TQnjuLlsFrVWZgjmi6HjqW9mI62HMZGjOzIRp5hWFZsW9gJiWmHBiFmqJMQLYfPZItYpbbbUXnFCMpU3Te0F13ztLPvZfJlPbId2yeuiSLs666t25aHkOf7thbFmm6HGri%25252F%25252Bpmf%25252Bt%25252Frp2542otrgKO%25252BFfvYDH3TisMIebEbEssMPTcyQ830hMZf5OjuVCkZXB2yeWDpkcfCslpz6XFjvXO%25252Bcbuoq%25252BVwDa7acB6O5REv1k2LeAayXC32TGw7BiYkgkPJEK8IC3T9LDNr73Aze6thRM%25252BSokhS0lhPaU4QRHSV8uWQrEkOiy0otl7o%25252FR%25252F3z5N7fXFdO%25252Bz7w%25252BKPzvyRbePvdaVbKy5YhipYC5VlCndRXKPl8EXNSpI83F2DRv0uqpvN5nhtAUXLoQAjfpWVhbC%25252BxzSAMRpJABPJqCFk2WboqrbtmaoVOqHqWThUHQIHaht65GveEcqoMjNarFtRwhCLVgCjj2LwpMWgrnsi9Z4gHRCDaN%25252BLpW9Q1geWvpWLbTP42B%25252B9bk2gNG1XUQ%25252Br9HbzBFlHSsoLDBYAgThBXMKkLvZPkgw20AzUJWQn5%25252FuIgOVxFIHkIi2i5z068QdO2KIOecRoSPBenZdFzgvW6a3Iy3hKYlSn4sy0U%25252FirSOnFQWr6p5Z9avswgLCIfbwRPyE%25252Fgw2tVoH4%25252FOvz9gsAbLwJIk7x6O3Q331u%25252BuukFgOy2Q0aGX8dvYmyCBeL01fSiWGDAeVBiiowJNvdoOZByegaRVuY0nT66j8dBsdUVFbFyISS0VMG3Ak2BcO826dM0t3gLc7ADGIo47vPooatmVCHeDwfBcyNNdc9W5%25252FFm4xlZzmB%25252BCC8HCaAfl8%25252BuD9APN%25252BMbEMzdX0QITEqfu4GcYqS0SfjAmVRCA3JIgYNrhiGhqdVKRs5BrRANHGI5Ng2j6DJazkBkYoOMlKxkQ7IPTisVbIibvufzPFXecDT8dVkMb4Kbopv8%25252FHVdFCuWT56vBvfTG9%25252FfxpAmpajdYZKXawJJ2sNeG%25252Fz67Kn%25252FFlEhgMrgYAlZPQG6BEIr4Q4pwRSNw8a2WiuTbSJ6Y6nqqFNLNWaXbrq%25252BNKw1YvZxeRCd6aXnj0bHOfHh8xYAayM5BGAM5%25252BMS%25252Fj3DocGpWBGME00zUZ6B90ecUOxRm9NuxvAGpVAwNGGhIOf5d0vkyuha4jG19vbr9ez4OpmcX83G%25252F8efLuazm6Dm9ubyezpQz41XQmG%25252B%25252FyAxOpni3Kq9K6LGGwCspfzVyHsh2Y%25252FdNi%25252BNNo4IPB7v305tXXgaNovVborJFAFLtHRpH10Dz40UZYVuQ1sj83uQFwxFD3TPBFBgDPjUcGI7EO1gwVszXMAaa0GsW%25252F
content-length
0
x-amz-cf-id
ezIP5a9cuV8HuZAe6bavZcmZq0Z11ebO0_DGLMMkgFM4yKmQp4nkFQ==
dcm
s.amazon-adsystem.com/ Frame E35F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C5B20BED-E183-402B-A22C-83D5EF22CB2C&redir=true&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C5B20BED-E183-402B-A22C-83D5EF22CB2C&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C5B20BED-E183-402B-A22C-83D5EF22CB2C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Nov 2023 01:53:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
EMF8SG5EV93Q1V9Y6GWM

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 28 Nov 2023 01:53:03 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/dcm?pid=3b882453-6770-4785-baf8-a598533c054a&id=C5B20BED-E183-402B-A22C-83D5EF22CB2C&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
SC2E6WFR3SC51VGY4A1Y
Pug
simage2.pubmatic.com/AdServer/ Frame 505A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3056755399233263756&gdpr=0&gdpr_consent=
42 B
448 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3056755399233263756&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 27 Nov 2023 16:59:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
9168d4aa-c24c-4373-8c81-8a75ff59dffe
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:02 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3056755399233263756&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
206.66.96.134; 206.66.96.134; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
x-xss-protection
0
setuid
pbs.at.cbsi.com/ Frame 1240 		0
635 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.at.cbsi.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.29.188 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Tue, 28 Nov 2023 01:53:02 GMT
expires
0
pragma
no-cache
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-iad-kiad7000034-IAD
x-timer
S1701136383.981158,VS0,VE3
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4C7D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=xbIL7eGDQCuiLIPV7yLLLA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol
H2
Server
23.51.53.13 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-53-13.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:03 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=96040
accept-ranges
bytes
content-length
5622
expires
Wed, 29 Nov 2023 04:33:43 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 4C7D
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3371&partner_device_id=C5B20BED-E183-402B-A22C-83D5EF22CB2C
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3371&partner_device_id=C5B20BED-E183-402B-A22C-83D5EF22CB2C
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=729b67a9-636b-43b1-a134-cfcfdcf9e9d7%252C%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b3c3d956-bdf4-48cc-a145-56097a595da9&ttd_puid=729b67a9-636b-43b1-a134-cfcfdcf9e9d7%2C%2C
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b3c3d956-bdf4-48cc-a145-56097a595da9&ttd_puid=729b67a9-636b-43b1-a134-cfcfdcf9e9d7%2C%2C
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:03 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b3c3d956-bdf4-48cc-a145-56097a595da9&ttd_puid=729b67a9-636b-43b1-a134-cfcfdcf9e9d7%2C%2C
date
Tue, 28 Nov 2023 01:53:03 GMT
server
Kestrel
content-length
359
FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3A...
us01.z.antigena.com/l/ Frame 4C7D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20C5B20BED-E183-402B-A22C-83D5EF22CB2C&rnd=RND
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
40.76.134.238 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
xuid
eb2.3lift.com/ Frame 4C7D 		37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=7976&xuid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&dongle=u6nf&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.223.22.214 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 28 Nov 2023 01:53:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
Pug
image2.pubmatic.com/AdServer/ Frame 4C7D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzVCMjBCRUQtRTE4My00MDJCLUEyMkMtODNENUVGMjJDQjJD&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:02 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4C7D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJliGf-ehooLfXpl0kxSe8Q&google_cver=1
42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJliGf-ehooLfXpl0kxSe8Q&google_cver=1
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 27 Nov 2023 16:31:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJliGf-ehooLfXpl0kxSe8Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 4C7D
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3632AF9873274782B2743660ED8B6F3C
42 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3632AF9873274782B2743660ED8B6F3C
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 28 Nov 2023 01:53:03 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:3632AF9873274782B2743660ED8B6F3C
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 27 Nov 2023 01:53:03 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4C7D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b3c3d956-bdf4-48cc-a145-56097a595da9&gdpr=0&gdpr_consent=
42 B
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b3c3d956-bdf4-48cc-a145-56097a595da9&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b3c3d956-bdf4-48cc-a145-56097a595da9&gdpr=0&gdpr_consent=
date
Tue, 28 Nov 2023 01:53:02 GMT
server
Kestrel
content-length
355
SPug
image4.pubmatic.com/AdServer/ Frame 4C7D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Sdgb2kxE2uWtR6MQurjheKV9rYSkE2o-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Sdgb2kxE2uWtR6MQurjheKV9rYSkE2o-~A&gdpr=0
Protocol
H2
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-Sdgb2kxE2uWtR6MQurjheKV9rYSkE2o-~A&gdpr=0
date
Tue, 28 Nov 2023 01:53:02 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
C5B20BED-E183-402B-A22C-83D5EF22CB2C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 4C7D 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C5B20BED-E183-402B-A22C-83D5EF22CB2C?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:afa7:1461:468e:7e6f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 4C7D
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=20cbfb7ac26f239f&is_secure=true&networkId=17100&version=1&nuid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACL5QUjZaaMgNztonrAAAAAAA&expiration=1701222783&nuid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&...
42 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACL5QUjZaaMgNztonrAAAAAAA&expiration=1701222783&nuid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 27 Nov 2023 16:58:11 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAACL5QUjZaaMgNztonrAAAAAAA&expiration=1701222783&nuid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 4C7D
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cbfa431b-c3f4-455e-ae13-376871c80544&gdpr=0&gdpr_consent=
1 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cbfa431b-c3f4-455e-ae13-376871c80544&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:03 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=cbfa431b-c3f4-455e-ae13-376871c80544&gdpr=0&gdpr_consent=
Date
Tue, 28 Nov 2023 01:53:03 GMT
Connection
keep-alive
X-CI-RTID
5230bab2-1a27-460a-84bd-1a78da567ddb
Content-Length
205
Content-Type
text/html; charset=utf-8
/
trends.revcontent.com/api/delivery/ Frame 51CA 		7 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://trends.revcontent.com/api/delivery/?is_blocked=undefined&w=103755&width=11&rev_allow_cookies=1&site_url=https%3A%2F%2F213.238.171.129.sslip.io%2F&icr_url=&referer=https%3A%2F%2F213.238.171.129.sslip.io%2F&va=0&user_uuid=c05d7403-cd52-4123-ac38-2cc509907d34&time=1701136382961&up=pc&bn=chrome&bv=119&widget_width=11&style_id=0&an=false
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash
082d27c2641584658558db21fff166e4162d54b2f20df1d3026626f68c4c0882
Security Headers
Name Value
Strict-Transport-Security max-age=931536000; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Tue, 28 Nov 2023 01:53:03 GMT
strict-transport-security
max-age=931536000; includeSubDomains
content-encoding
gzip
server
envoy
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-allow-credentials
true
x-envoy-upstream-service-time
212
setuid
pbs.at.cbsi.com/ Frame 40D1 		0
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.at.cbsi.com/setuid?bidder=openx&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=fdfbce4d-8b7b-07db-2d9a-e900be1b1572
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.29.188 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 varnish
x-served-by
cache-iad-kiad7000034-IAD
x-timer
S1701136383.197996,VS0,VE4
vary
Accept-Encoding
x-cache
MISS
content-type
text/html
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
expires
0
sd
us-u.openx.net/w/1.0/ Frame 40D1
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=ZWVH-wAC4Qn2aQBH
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWVH-wAC4Qn2aQBH&_test=ZWVH-wAC4Qn2aQBH
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWVH-wAC4Qn2aQBH&_test=ZWVH-wAC4Qn2aQBH
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by
cache-ewr18143-EWR
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1701136383.375547,VS0,VE0
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZWVH-wAC4Qn2aQBH&_test=ZWVH-wAC4Qn2aQBH
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
50e227c6-a248-a67b-77c1-3fe0c0171ab6
pr-bh.ybp.yahoo.com/sync/openx/ Frame 40D1 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/50e227c6-a248-a67b-77c1-3fe0c0171ab6?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:afa7:1461:468e:7e6f Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
dcm
s.amazon-adsystem.com/ Frame 40D1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=9cf33dff-2e4e-8fc8-8618-ab8257731c1f
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 01:53:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
B0TT5VS483DDVA9VSCCE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 40D1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=c4254182-32e4-3432-4616-29153f40d7ff&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=b3c3d956-bdf4-48cc-a145-56097a595da9&ttd_puid=c4254182-32e4-3432-4616-29153f40d7ff&gdpr=0&gdpr_consent=
43 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b3c3d956-bdf4-48cc-a145-56097a595da9&ttd_puid=c4254182-32e4-3432-4616-29153f40d7ff&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=b3c3d956-bdf4-48cc-a145-56097a595da9&ttd_puid=c4254182-32e4-3432-4616-29153f40d7ff&gdpr=0&gdpr_consent=
date
Tue, 28 Nov 2023 01:53:03 GMT
server
Kestrel
content-length
335
pixel
cm.g.doubleclick.net/ Frame 40D1 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTg0YTkyNDgtZmI5My02YTk2LTUzZjYtNzNhY2Y1YTIxOTlm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.64.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s57-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 40D1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPs7HiI045iKqSzrs9N487M&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPs7HiI045iKqSzrs9N487M&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=891039ac-a916-42bb-a651-4be9e3b201da&ph=a3aece0c-9e80-4316-8deb-faf804779bd1&gdpr=&gdpr_consent=&r=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPs7HiI045iKqSzrs9N487M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
defaultWidget~feedWidget.delivery.js
assets.revcontent.com/master/ Frame 51CA 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget~feedWidget.delivery.js
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-31.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4de1e27f83eb7660e650f61a7b3cae568fff6554aabf2ece6acaaa943814bbb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 10:16:27 GMT
content-encoding
br
via
1.1 4c1a2d98b0820f90f630f0721b0b6538.cloudfront.net (CloudFront)
last-modified
Mon, 06 Nov 2023 20:47:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
56197
x-amz-server-side-encryption
AES256
etag
W/"5bfc015a2c2bfed2e72c706157a02719"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
fZ9_h5vG5sf38eAOm7uQbgBdpn6CSIfdvC6NscTOHOeqhFY8i-ehpA==
defaultWidget.delivery.js
assets.revcontent.com/master/ Frame 51CA 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.revcontent.com/master/defaultWidget.delivery.js
Requested by
Host: 213.238.171.129.sslip.io
URL: https://213.238.171.129.sslip.io/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-31.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3e71743cd43c2c0a7a7f36b8bedfce83dbc5f236335f1ebaaa929e899bff63d2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 07:17:51 GMT
content-encoding
gzip
via
1.1 4c1a2d98b0820f90f630f0721b0b6538.cloudfront.net (CloudFront)
last-modified
Mon, 06 Nov 2023 20:47:51 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P8
age
66913
x-amz-server-side-encryption
AES256
etag
W/"07a3ccabfac913531a4ddb7cb2462b8d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=60
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
3zx36sdzGvmXJAjPXEaxduH7UpJfEVJzTE0S7Od2p-5Ag6bAwEA_IA==
/
img.revcontent.com/ Frame 51CA 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.63.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-63-110.ewr53.r.cloudfront.net
Software
envoy /
Resource Hash
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-rc-region
us-east-1a
date
Tue, 03 Oct 2023 17:55:57 GMT
via
1.1 8ab0aef6448b5ee7c8ac1a76da988556.cloudfront.net (CloudFront)
last-modified
Thu, 01 Jun 2023 15:43:57 GMT
server
envoy
x-amz-cf-pop
EWR53-C1
age
4780626
etag
"a798d6ed9b193888fbc8a4a5bd7b51c236f8aa33"
x-cache
Hit from cloudfront
content-type
image/png
x-envoy-upstream-service-time
22
alt-svc
h3=":443"; ma=86400
content-length
1351
x-amz-cf-id
DCCchdpObBSeXjmamut23qZ-Whx0fDWIbsMhFokHMOBr9sEM5m32Nw==
PublicoHeadline-Bold.woff2
cbsnews4.cbsistatic.com/fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Bold/ Frame 51CA 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 51CA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSc2SM5imlRTilbF4R-kTk1oTMXguEi8KzY1Db6JkDlXr83EXnEDE-Bz3_2fb5xZSfsdon9KXiYx8R6fK_Qyhc70p2VYqjreq1TZh38PEI1bsUUek3B9mdxgrt36NpQlh4eMOd1_kxQQ&sig=Cg0ArKJSzMW072kiqLAfEAE&id=lidar2&mcvt=1005&p=850,964,1150,1264&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20231116&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2919948434&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701136381383&rpt=772&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:80b::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6F97 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_cw8okGqFwoF3lFs4lVmGA27rBnoO2nWC0N0mLOe67PR91MIfLbGX75dC4QT716gdVWuxqyLnjKK1X2wtGMba-Hm1M-hW8w52rIOvD8M2GG0OvN66XLBvCGmpCyZy2u1uCdx2BtB_bQ&sig=Cg0ArKJSzF__VUmQlNP0EAE&id=lidar2&mcvt=1023&p=10,797,16,803&mtos=1023,1023,1023,1023,1023&tos=1023,0,0,0,0&v=20231116&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=1533326391&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701136381018&rpt=1203&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:80b::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=461099647270165&bg=!sbKlsv3NAAZxrfrxUa07ADQBe5WfOLzrPwA8No7KOA41N75lpKYk7tVgv7D88-h8XeJMlfdW-ReXnEW6OlVkE9KPSkQRAgAAAVlSAAAAA2gBBwoAdk3FKY3DhkYB2I-UzEEsMqcYHwW98ivS_Af8XzTU4cWQPtDgsScOERVccjr17TyOCU10CjTwfmo3dHr0VlJ12sCnZ8S9pStKSq4UPaOWiMIIRng17S9mPoEQVdtKtZjoaIzLBRo4QXHrO0gs3yyggpRpfw84ekyZAs_ZSmuQRmZbTM7PGcylfJaSMc3INh5UamPwYoOBocO2hAiJkmUVyU-HjuquBSRfsZwZZxvWqbCLlEg86Zw9BFTKfJcSPOG9iajLpaRxD7m58OZOcVSWp15Q3mT1A8iGN6u4vgFJjQYERGvrd-bBjmis_j-OLOVYkyt1XKYBNbF7LN472z-NLj-RMU8Mdv_nqqhSQI6i1soqMFUmbweolClJup6lX0d7ZPbc1D2EF8gyh1xoLNwVyKR5qkQzlfqdLr0DMPonhjZUhxasCyOwHKA80XpxuId_R-wwkJAn05QfTbp2ia4Mwa6-0sb64bI1QaGTs3DXuDR3f2BrWeD_cr_LLzn9msAaEYDklsdiz5VXKMtk8cm3oZpa-Wii4NyrG9WmhPIAPiKpKNVDOgHUqY9N9D_dnkeNaByuuTj_6wSLAD3pyoJ0BgcaPmygd6iBYpi-j_TX3HTBditfX_lLElXjWOKzEE5eqozMk4BGxrNZFMyLuKmh3ehtlFsVB3rs-fO95mNr9U15N13hmwW37_xjAN4VUfQ41qwzgjzeoqTgX6FUF6XaUK5E6IDJKcs29mhfiBudDKzjkXPcawXbvkaDAOr7ywonZDo-V26mfm5KsXDvg-fn17OJEP5RTRaWCQ4p6IePlUYkyetBxKLevmSz9IdQIKm1cTOUhxztUtOZovH1PKn4o9ifVT_2w8byUX2cmriVYbKy0wwVYBTIGf_TP8-tSNaaVtoD3i8sJ7zExmWCG6865YmonCW4VYwc5Iv8eCAi8zDjMTbu1xAvPr9O9z97J_G9tPiJ5mmxjx3XJbBpYD0OfS7NXeu3Kzui594e7C38qvICFFZQauf9nHKsHBEw-yNLptnI9nQ45mKLF9iTv48sSMT1BV4ugHNwFumzPvweyD7nPRkCiLMuoe-Yu21kI9bqJWkomcTZYCj5wM4V7Q1psjcUZZAn-OAPYg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:80b::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
ProximaNova-Bold.woff2
www.cbsnews.com/bundles/cbsnewscontent/fonts/ProximaNova-Bold/ Frame 51CA 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.cbsnews.com/bundles/cbsnewscontent/fonts/ProximaNova-Bold/ProximaNova-Bold.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
299f93b4e8a74d0880cd959ff3d27c2a0b4d061d241d6ecf79cfcedfb15360a2
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
date
Tue, 28 Nov 2023 01:53:03 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
2922606
x-device
desktop
x-xss-protection
1; mode=block
content-length
24720
last-modified
Mon, 23 Oct 2023 18:30:39 GMT
x-edge-forwarded-proto
https
etag
"6536bbcf-6090"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Oct 2024 06:02:58 GMT
ProximaNova-Regular.woff2
www.cbsnews.com/bundles/cbsnewscontent/fonts/ProximaNova-Regular/ Frame 51CA 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.cbsnews.com/bundles/cbsnewscontent/fonts/ProximaNova-Regular/ProximaNova-Regular.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
25cc1a8d371ebecb108a5e0ebe87b23142b9eb66fc3410cf3edb9b58e61fc561
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://213.238.171.129.sslip.io/
Origin
https://213.238.171.129.sslip.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
date
Tue, 28 Nov 2023 01:53:03 GMT
x-content-type-options
nosniff
via
1.1 varnish
age
661197
x-device
desktop
x-xss-protection
1; mode=block
content-length
26984
last-modified
Fri, 17 Nov 2023 13:10:36 GMT
x-edge-forwarded-proto
https
etag
"6557664c-6968"
vary
X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Nov 2024 10:13:06 GMT
654cd12e6c37c8-56348626.jpg
images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/ Frame 51CA 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.revcontent.com/revcontent/image/fetch/f_jpg,q_50,h_225,w_300,c_fill,g_faces:auto/pg_1/https://media.revcontent.com/content/images/654cd12e6c37c8-56348626.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.85.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-85-112.iad12.r.cloudfront.net
Software
Cloudinary /
Resource Hash
d139a56a0aec7d930023b1d1c1854a3d845f355cff43d4f877a6ea6315e6daf2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Fri, 24 Nov 2023 12:17:05 GMT
x-content-type-options
nosniff
via
1.1 0fd782cbc1c3c43778f2ac89b2bfb444.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P2
age
308158
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
9876
last-modified
Fri, 10 Nov 2023 01:52:14 GMT
server
Cloudinary
etag
"26d4a13b3179814e7ed4c44865f4ff84"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control
public, no-transform, immutable, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
uy3kJhqMha0vltCFP1gTt5mVEdY9n1qd0EE6_2iIk6W2qTkStN7g2Q==
usync.js
eus.rubiconproject.com/ Frame 9FF1 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.110.250.70 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-110-250-70.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2a8c6a59229a961cbc8237de7e4c69299ae3f7f3681be2cc564d124da199b4c9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=20986&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 01:53:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Nov 2023 08:33:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=24080
Connection
keep-alive
Content-Length
13229
Expires
Tue, 28 Nov 2023 08:34:23 GMT
setuid
pbs.at.cbsi.com/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-cbsi&gdpr=&gdpr_consent=&us_privacy=
  • https://pbs.at.cbsi.com/setuid?bidder=rubicon&uid=LPHOOFP5-1H-KTTM
86 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.at.cbsi.com/setuid?bidder=rubicon&uid=LPHOOFP5-1H-KTTM
Protocol
H2
Server
146.75.29.188 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
0
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
content-encoding
gzip
via
1.1 varnish
expires
0
x-timer
S1701136384.656595,VS0,VE5
x-cache
MISS
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
x-served-by
cache-iad-kiad7000034-IAD

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://pbs.at.cbsi.com/setuid?bidder=rubicon&uid=LPHOOFP5-1H-KTTM
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
2fcb300b847bad3e7dd1184ec8a1c2f5
Expires
0
csi
csi.gstatic.com/ Frame 0C7C 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lphoobhw&c=4265295919116&slotId=2132647959558&eee=missing-element&bi=missing-id&met.4=vil.lphooez0&vast_v=4.0&icc=0&vmfc=5&vhc=0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3_dai_debug.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:402a:80b::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:04 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
cbsnews.hb-api.omtrdc.net/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa/ Frame 0C7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cbsnews.hb-api.omtrdc.net/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa/events
Requested by
Host: tealium.cbsnews.com
URL: https://tealium.cbsnews.com/site/prod/utag.js?v=202309221625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.128 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-128.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cbsnews.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:53:03 GMT
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-content-type-options
nosniff
server
jag
x-xss-protection
1; mode=block
ip-sync
beacons-ipv4.extremereach.io/ Frame 0C7C
Redirect Chain
  • https://beacons.extremereach.io/cp-imp?cid=324718&creative_id=45073534&line_item=15820651&companion_id=0&er_ts=1701135779&vv=2.0&gpp=[GPPSTRING]&gpp_sid=[GPPSECTIONID]&hasIpSync=1&
  • https://beacons-ipv4.extremereach.io/ip-sync?fp=044f0aed82c2
35 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacons-ipv4.extremereach.io/ip-sync?fp=044f0aed82c2
Protocol
H2
Server
18.233.185.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-233-185-233.compute-1.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:53:03 GMT
content-type
image/gif
content-length
35
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"

Redirect headers

location
https://beacons-ipv4.extremereach.io/ip-sync?fp=044f0aed82c2
access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:53:03 GMT
content-length
0
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
4446666b51119eec158546fe15f2127b0df720b2
general-ipv4.telemetry.tataritv.com/ Frame 0C7C 		43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://general-ipv4.telemetry.tataritv.com/4446666b51119eec158546fe15f2127b0df720b2?isci=NFWTHLV130H&mediaplan=nutrafol_PARA_EYEQ_PLUS_F2554_OTT_4Q23&vendor=EyeQ&placement_group=nutrafol_PARA_EYEQ_PLUS_F2554_OTT_4Q23_30&advertiser_id=166756&mediaplan_id=324718&vendor_id=106487&placement_group_id=G15815697&creative_id=45073534&referrer=https%3A%2F%2F213.238.171.129.sslip.io%2F&session=1558035635&device_id=00000000-0000-0000-0000-000000000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.47.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-47-20.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 03:26:19 GMT
via
1.1 b0e346c8169b4f8b2ad260265d95ff1a.cloudfront.net (CloudFront)
last-modified
Fri, 21 Oct 2022 22:24:16 GMT
server
AmazonS3
x-amz-cf-pop
JFK50-P1
age
80805
x-amz-server-side-encryption
AES256
etag
"fb02f374b8f73825415db1bccd4bd76d"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
43
x-amz-cf-id
K4vL8VEn6A85M_o_pYQjjROA-UjafMwMDilYLWqrtgFCYLA-7CldAQ==
4446666b51119eec158546fe15f2127b0df720b2
general-ipv6.telemetry.tataritv.com/ Frame 0C7C 		43 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://general-ipv6.telemetry.tataritv.com/4446666b51119eec158546fe15f2127b0df720b2?isci=NFWTHLV130H&mediaplan=nutrafol_PARA_EYEQ_PLUS_F2554_OTT_4Q23&vendor=EyeQ&placement_group=nutrafol_PARA_EYEQ_PLUS_F2554_OTT_4Q23_30&advertiser_id=166756&mediaplan_id=324718&vendor_id=106487&placement_group_id=G15815697&creative_id=45073534&referrer=https%3A%2F%2F213.238.171.129.sslip.io%2F&session=1558035635&device_id=00000000-0000-0000-0000-000000000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:ea00:1f:439:80c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 10:15:29 GMT
via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
last-modified
Fri, 21 Oct 2022 22:24:16 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
age
56255
x-amz-server-side-encryption
AES256
etag
"fb02f374b8f73825415db1bccd4bd76d"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
43
x-amz-cf-id
DK_cdA6yeX9gepPM5QpPnBAdX1ag_CHqrGuCDQ8CRtvlZOiLzWXprw==
events
tvp.tv/tracking/ Frame 0C7C 		0
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tvp.tv/tracking/events?data=AQkAAQMBwO8EAo7tBQMABPKfqtYMBQE4MzRkM2RiZC05N2M1LTRjMDUtOWY3NS1hNjM2MTRmZWEyYrMGAAcACAEAamF2YS5tYXRoLkJpZ0RlY2ltYewBAx3iDA==&account_id=BA29
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.137.65.67 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-137-65-67.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:03 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
1
7f077.v.fwmrm.net/ad/l/ Frame 0C7C 		0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7f077.v.fwmrm.net/ad/l/1?s=wa01f&n=520311%3B520311%3B82125%3B174975%3B376521%3B379619%3B381963%3B382114%3B384777%3B386329%3B505334%3B510839%3B511664%3B512029%3B515123%3B516274%3B511939%3B511940%3B512166%3B512167%3B512188%3B515219%3B516328%3B516374%3B516584%3B516830%3B516834%3B516869%3B517365%3B517375%3B518308%3B519114%3B519346%3B519611%3B519629%3B520024%3B520177%3B523319%3B524796%3B524880%3B524990%3B525748%3B527997%3B529333&t=1701136375506120108&f=201588736&r=520311&adid=74083268&reid=487553238&arid=0&auid=&cn=defaultImpression&et=i&_cc=74083268,487553238,,74661.88889.89072.89861.112515.112566.,1701136377,1&tpos=0&iw=&uxnw=&uxss=&uxct=&metr=1023&init=1&asid=319189727&ssid=16482265&vcid2=8e0c903c-a61e-45e0-b213-85a070ca3d62
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f00:93d2:52b:cea6:7db8 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 01:53:03 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
events
tvp.tv/tracking/ Frame 0C7C 		0
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tvp.tv/tracking/events?data=AQkAAQIBwO8EAo7tBQMABPKfqtYMBQE4MzRkM2RiZC05N2M1LTRjMDUtOWY3NS1hNjM2MTRmZWEyYrMGAAcACAA=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.137.65.67 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-137-65-67.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:03 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
duration
beacons.extremereach.io/ Frame 0C7C 		35 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacons.extremereach.io/duration?cid=324718&creative_id=45073534&line_item=15820651&companion_id=0&er_ts=1701135779&vv=2.0&gpp=[GPPSTRING]&gpp_sid=[GPPSECTIONID]&percent=0&
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:66e7:fb11:7ec0:2f52:a755:95b0 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:53:03 GMT
content-type
image/gif
content-length
35
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
ads
securepubads.g.doubleclick.net/gampad/ Frame 0C7C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?callback=googletag.impl.pubads.setAdContentsBySlotForSync&correlator=426837140&cust_params=dai%3Dnondfp&eid=27390643%2C27390448%2C27390389%2C27390514%2C27390177&enc_prev_ius=%2F0%2F1&gdfp_req=1&impl=ss&iu_parts=316197315%2C373809&output=json_html&prev_iu_szs=1x1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20931
x-xss-protection
0
google-lineitem-id
121862315
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
58474115675
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
UyZZdiKeKrM
dai.google.com/view/p/service/linear/impression/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/network/8264/event/Sid4xiTQTkCT1SLu6rjUSQ/media/tvp_AA11D13065/stream_ad_id/ Frame 0C7C 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dai.google.com/view/p/service/linear/impression/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/network/8264/event/Sid4xiTQTkCT1SLu6rjUSQ/media/tvp_AA11D13065/stream_ad_id/UyZZdiKeKrM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:805::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers
Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
1
7f077.v.fwmrm.net/ad/l/ Frame 0C7C 		0
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://7f077.v.fwmrm.net/ad/l/1?s=wa01f&n=520311%3B520311%3B82125%3B174975%3B376521%3B379619%3B381963%3B382114%3B384777%3B386329%3B505334%3B510839%3B511664%3B512029%3B515123%3B516274%3B511939%3B511940%3B512166%3B512167%3B512188%3B515219%3B516328%3B516374%3B516584%3B516830%3B516834%3B516869%3B517365%3B517375%3B518308%3B519114%3B519346%3B519611%3B519629%3B520024%3B520177%3B523319%3B524796%3B524880%3B524990%3B525748%3B527997%3B529333&t=1701136375506120108&f=201588736&r=520311&adid=74083268&reid=487553238&arid=0&auid=&cn=_mute&et=s&_cc=&tpos=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f00:93d2:52b:cea6:7db8 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 01:53:03 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
events
cbsnews.hb-api.omtrdc.net/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa/ Frame 0C7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cbsnews.hb-api.omtrdc.net/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa/events
Requested by
Host: tealium.cbsnews.com
URL: https://tealium.cbsnews.com/site/prod/utag.js?v=202309221625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.128 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-128.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.cbsnews.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:53:02 GMT
cache-control
no-cache, no-store, max-age=0, no-transform, private
x-content-type-options
nosniff
server
jag
x-xss-protection
1; mode=block
p
sb.scorecardresearch.com/ Frame 0C7C 		43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=3&ns_ap_ev=hidden&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20119.0.6045.159&ns_ap_ver=*null&ns_ap_sv=7.5.0.200713&ns_ap_bv=7.5.0.200713&ns_ap_smv=6.4&ns_type=hidden&ns_ts=1701136383520&ns_ap_env=0-0-2&ns_st_sv=7.5.0.200713&ns_st_smv=6.4&ns_st_it=c&ns_st_id=1701136377939&ns_st_ec=2&ns_st_cn=1&ns_st_ev=end&ns_st_sp=1&ns_st_sc=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_dppc=0&ns_st_dapc=0&ns_st_dspc=0&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_po=4197&ns_st_lda=0&ns_st_ldw=0&ns_st_ldo=0&ns_st_hd=-1&ns_st_mp=%40cbsinteractive%2Favia-js&ns_st_mv=2.17.0&ns_st_cl=0&ns_st_pn=1&ns_st_tp=0&ns_st_ct=vc13&ns_st_li=1&ns_st_ty=video&ns_st_ci=9mwStzqtXKyib_egzSUPPh4DldNaEjJ2&ns_ap_ar=unknown&ns_ap_cs=1&ns_radio=unknown&ns_st_pt=4197&ns_st_ipt=4197&ns_st_iap=4197&ns_st_iet=4197&ns_st_iupc=4197&ns_st_iupa=4197&ns_st_ilpc=4197&ns_st_ilpa=4197&ns_st_ibc=0&ns_st_ibt=0&ns_st_itpc=1&ns_st_icpc=1&ns_st_ae=1&ns_st_cfg=111110001-5-4b0-3-5&c3=CBSNewsBrowser&c4=CBSNews.com&c6=LiveTV-CBSN%20Live&ns_st_ce=1&ns_st_ia=1&ns_st_pu=cbsnews&ns_st_st=CBSNews.com&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ge=news&ns_st_dskc=0&ns_st_dska=0&ns_st_skd=0&ns_st_dskt=0&ns_st_dpc=0&cs_ucfr=&ns_ap_res=300x169&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_c=UTF-8&ns_st_br=0&ns_st_rt=100&ns_st_vo=100&ns_st_dpt=4197&ns_st_ap=4197&ns_st_dap=4197&ns_st_et=4197&ns_st_det=4197&ns_st_upc=4197&ns_st_dupc=4197&ns_st_upa=4197&ns_st_dupa=4197&ns_st_lpc=4197&ns_st_dlpc=4197&ns_st_lpa=4197&ns_st_dlpa=4197&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_dtpc=1&ns_st_dcpc=1&ns_st_skc=0&ns_st_ska=0&ns_st_skt=0&ns_st_pc=0&ns_st_pp=0&ns_st_pa=4197&ns_cut=c7%3Dhttps%253A%252F%252Fwww.cbsnews.com%252Fembed%252Fvideo%252F%253Fv%253D5659e73acd91751548aa89950cf015b01701135726%2526usprivacy%253Dnull%2523tVhrU%25252BM6Ev0rlKsmH7Yw8fvBVGo2JGGWvVzIJTC1VYRyyZbsaPBrJTshMPnv25LtxIGZuvvh3nkgudVqqVut00e8KaiuijJFW%25252BW8YjU5VSifFGmKSk7DlCjnMUo5SDFZ0wg%25252BocOfYYJyqqwpJoVy%25252FqbQimRcOX98U6ptKXRSuiagQDH0LdMydCdy1NjWXNVyIqKGOo5U5DhGjC1d800DdLPy5Y7EV2KGn20W1et%25252Fq%25252F%25252F8tqVhQJLXxcN8vrKmKb5Bs%25252B%25252F%25252FFtoFownNZ5hWtMhhSs1ByNM6gX4U8pxshKCilfBAmVwsTm5AdHLd7AuTZ5BCJ67T9FdKEcqLnEYovf%25252BFQkUzwiuUlcq5bumO73qa%25252FAP2a4aajan64esahSQFO%25252B30tPnMYQsQqQwlhItYchGBVVWV%25252FHw5XA4R56TixlnrFKxX0egsKrLlcFWHyyFdDtlyaGiGuRzq%25252BnKoOcuhpbuu7hJNJY5HVAtFSPWRRVTTtkzX8TQnjuLlsFrVWZgjmi6HjqW9mI62HMZGjOzIRp5hWFZsW9gJiWmHBiFmqJMQLYfPZItYpbbbUXnFCMpU3Te0F13ztLPvZfJlPbId2yeuiSLs666t25aHkOf7thbFmm6HGri%25252F%25252Bpmf%25252Bt%25252Frp2542otrgKO%25252BFfvYDH3TisMIebEbEssMPTcyQ830hMZf5OjuVCkZXB2yeWDpkcfCslpz6XFjvXO%25252Bcbuoq%25252BVwDa7acB6O5REv1k2LeAayXC32TGw7BiYkgkPJEK8IC3T9LDNr73Aze6thRM%25252BSokhS0lhPaU4QRHSV8uWQrEkOiy0otl7o%25252FR%25252F3z5N7fXFdO%25252Bz7w%25252BKPzvyRbePvdaVbKy5YhipYC5VlCndRXKPl8EXNSpI83F2DRv0uqpvN5nhtAUXLoQAjfpWVhbC%25252BxzSAMRpJABPJqCFk2WboqrbtmaoVOqHqWThUHQIHaht65GveEcqoMjNarFtRwhCLVgCjj2LwpMWgrnsi9Z4gHRCDaN%25252BLpW9Q1geWvpWLbTP42B%25252B9bk2gNG1XUQ%25252Br9HbzBFlHSsoLDBYAgThBXMKkLvZPkgw20AzUJWQn5%25252FuIgOVxFIHkIi2i5z068QdO2KIOecRoSPBenZdFzgvW6a3Iy3hKYlSn4sy0U%25252FirSOnFQWr6p5Z9avswgLCIfbwRPyE%25252Fgw2tVoH4%25252FOvz9gsAbLwJIk7x6O3Q331u%25252BuukFgOy2Q0aGX8dvYmyCBeL01fSiWGDAeVBiiowJNvdoOZByegaRVuY0nT66j8dBsdUVFbFyISS0VMG3Ak2BcO826dM0t3gLc7ADGIo47vPooatmVCHeDwfBcyNNdc9W5%25252FFm4xlZzmB%25252BCC8HCaAfl8%25252BuD9APN%25252BMbEMzdX0QITEqfu4GcYqS0SfjAmVRCA3JIgYNrhiGhqdVKRs5BrRANHGI5Ng2j6DJazkBkYoOMlKxkQ7IPTisVbIibvufzPFXecDT8dVkMb4Kbopv8%25252FHVdFCuWT56vBvfTG9%25252FfxpAmpajdYZKXawJJ2sNeG%25252Fz67Kn%25252FFlEhgMrgYAlZPQG6BEIr4Q4pwRSNw8a2WiuTbSJ6Y6nqqFNLNWaXbrq%25252BNKw1YvZxeRCd6aXnj0bHOfHh8xYAayM5BGAM5%25252BMS%25252Fj3DocGpWBGME00zUZ6B90ecUOxRm9NuxvAGpVAwNGGhIOf5d0vkyuha4jG19vbr9ez4OpmcX83G%25252F8efLuazm6Dm9ubyezpQz41XQmG%25252B%25252FyAxOpni3Kq9K6LGGwCspfzVyHsh2Y%25252FdNi%25252BNNo4IPB7v305tXXgaNovVborJFAFLtHRpH10Dz40UZYVuQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-34.bos50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 b578b4642a9dfde97459f07330d190d4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
BOS50-P2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
dy9pUV978CZ2G6uNiBK00vOObTtu0UG6tEUXz_Msu99yC57tVopshA==
p
sb.scorecardresearch.com/ Frame 0C7C 		43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=19&c2=3005086&ns_ap_an=CBSNewsBrowser&ns_ap_pn=js&ns_ap_pv=5&c12=_&name=foreground&ns_ap_ec=4&ns_ap_ev=hidden&ns_ap_device=Win32&ns_ap_id=1701136382950&ns_ap_bi=unknown&ns_ap_pfm=webbrowser&ns_ap_pfv=Chrome%20119.0.6045.159&ns_ap_ver=*null&ns_ap_sv=7.5.0.200713&ns_ap_bv=7.5.0.200713&ns_ap_smv=6.4&ns_type=hidden&ns_ts=1701136383521&ns_ap_env=0-0-2&ns_st_sv=7.5.0.200713&ns_st_smv=6.4&ns_st_it=c&ns_st_id=1701136377939&ns_st_ec=3&ns_st_cn=2&ns_st_ev=play&ns_st_sp=1&ns_st_sc=2&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_dppc=0&ns_st_dapc=1&ns_st_dspc=1&ns_st_psq=2&ns_st_asq=1&ns_st_sq=1&ns_st_po=0&ns_st_lda=0&ns_st_ldw=0&ns_st_ldo=0&ns_st_hd=10000&ns_st_mp=%40cbsinteractive%2Favia-js&ns_st_mv=2.17.0&ns_st_cl=30000&ns_st_pn=1&ns_st_tp=1&ns_st_ct=va21&ns_st_ad=1&ns_st_li=1&ns_st_ty=video&ns_st_ci=0&ns_ap_ar=unknown&ns_ap_cs=1&ns_radio=unknown&ns_st_pt=0&ns_st_ipt=0&ns_st_iap=0&ns_st_iet=0&ns_st_iupc=0&ns_st_iupa=0&ns_st_ilpc=0&ns_st_ilpa=0&ns_st_ibc=0&ns_st_ibt=0&ns_st_itpc=0&ns_st_icpc=0&ns_st_ae=1&ns_st_cfg=111110001-5-4b0-3-5&ns_st_rcn=0&ns_st_cpo=0&c3=*null&c4=*null&c6=*null&ns_st_an=1&ns_st_pu=*null&ns_st_st=*null&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ami=74083268.139895124023040&ns_st_dskc=0&ns_st_dska=0&ns_st_skd=0&ns_st_dskt=0&ns_st_dpc=0&cs_ucfr=&ns_ap_res=300x169&ns_ap_sd=1600x1200&ns_ap_po=0x0&ns_ap_lang=en-US&ns_c=UTF-8&ns_st_br=0&ns_st_rt=100&ns_st_vo=100&ns_st_dpt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_dtpc=0&ns_st_dcpc=0&ns_st_skc=0&ns_st_ska=0&ns_st_skt=0&ns_st_pc=0&ns_st_pp=0&ns_st_pa=4197&ns_cut=c7%3Dhttps%253A%252F%252Fwww.cbsnews.com%252Fembed%252Fvideo%252F%253Fv%253D5659e73acd91751548aa89950cf015b01701135726%2526usprivacy%253Dnull%2523tVhrU%25252BM6Ev0rlKsmH7Yw8fvBVGo2JGGWvVzIJTC1VYRyyZbsaPBrJTshMPnv25LtxIGZuvvh3nkgudVqqVut00e8KaiuijJFW%25252BW8YjU5VSifFGmKSk7DlCjnMUo5SDFZ0wg%25252BocOfYYJyqqwpJoVy%25252FqbQimRcOX98U6ptKXRSuiagQDH0LdMydCdy1NjWXNVyIqKGOo5U5DhGjC1d800DdLPy5Y7EV2KGn20W1et%25252Fq%25252F%25252F8tqVhQJLXxcN8vrKmKb5Bs%25252B%25252F%25252FFtoFownNZ5hWtMhhSs1ByNM6gX4U8pxshKCilfBAmVwsTm5AdHLd7AuTZ5BCJ67T9FdKEcqLnEYovf%25252BFQkUzwiuUlcq5bumO73qa%25252FAP2a4aajan64esahSQFO%25252B30tPnMYQsQqQwlhItYchGBVVWV%25252FHw5XA4R56TixlnrFKxX0egsKrLlcFWHyyFdDtlyaGiGuRzq%25252BnKoOcuhpbuu7hJNJY5HVAtFSPWRRVTTtkzX8TQnjuLlsFrVWZgjmi6HjqW9mI62HMZGjOzIRp5hWFZsW9gJiWmHBiFmqJMQLYfPZItYpbbbUXnFCMpU3Te0F13ztLPvZfJlPbId2yeuiSLs666t25aHkOf7thbFmm6HGri%25252F%25252Bpmf%25252Bt%25252Frp2542otrgKO%25252BFfvYDH3TisMIebEbEssMPTcyQ830hMZf5OjuVCkZXB2yeWDpkcfCslpz6XFjvXO%25252Bcbuoq%25252BVwDa7acB6O5REv1k2LeAayXC32TGw7BiYkgkPJEK8IC3T9LDNr73Aze6thRM%25252BSokhS0lhPaU4QRHSV8uWQrEkOiy0otl7o%25252FR%25252F3z5N7fXFdO%25252Bz7w%25252BKPzvyRbePvdaVbKy5YhipYC5VlCndRXKPl8EXNSpI83F2DRv0uqpvN5nhtAUXLoQAjfpWVhbC%25252BxzSAMRpJABPJqCFk2WboqrbtmaoVOqHqWThUHQIHaht65GveEcqoMjNarFtRwhCLVgCjj2LwpMWgrnsi9Z4gHRCDaN%25252BLpW9Q1geWvpWLbTP42B%25252B9bk2gNG1XUQ%25252Br9HbzBFlHSsoLDBYAgThBXMKkLvZPkgw20AzUJWQn5%25252FuIgOVxFIHkIi2i5z068QdO2KIOecRoSPBenZdFzgvW6a3Iy3hKYlSn4sy0U%25252FirSOnFQWr6p5Z9avswgLCIfbwRPyE%25252Fgw2tVoH4%25252FOvz9gsAbLwJIk7x6O3Q331u%25252BuukFgOy2Q0aGX8dvYmyCBeL01fSiWGDAeVBiiowJNvdoOZByegaRVuY0nT66j8dBsdUVFbFyISS0VMG3Ak2BcO826dM0t3gLc7ADGIo47vPooatmVCHeDwfBcyNNdc9W5%25252FFm4xlZzmB%25252BCC8HCaAfl8%25252BuD9APN%25252BMbEMzdX0QITEqfu4GcYqS0SfjAmVRCA3JIgYNrhiGhqdVKRs5BrRANHGI5Ng2j6DJazkBkYoOMlKxkQ7IPTisVbIibvufzPFXecDT8dVkMb4Kbopv8%25252FHVdFCuWT56vBvfTG9%25252FfxpAmpajdYZKXawJJ2sNeG%25252Fz67Kn%25252FFlEhgMrgYAlZPQG6BEIr4Q4pwRSNw8a2WiuTbSJ6Y6nqqFNLNWaXbrq%25252BNKw1YvZxeRCd6aXnj0bHOfHh8xYAayM5BGAM5%25252BMS%25252Fj3DocGpWBGME00zUZ6B90ecUOxRm9NuxvAGpVAwNGGhIOf5d0vkyuha4jG19vbr9ez4OpmcX83G%25252F8efLuazm6Dm9ubyezpQz41XQmG%25252B%25252FyAxOpni3Kq9K6LGGwCspfzVyHsh2Y%25252FdNi%25252BNNo4IPB7v305tXXgaNovVborJFAFLtHRpH10Dz40UZYVuQ1sj83uQFwxFD3TPBFBgDPjUcGI7EO1gwVszXMAaa0GsW%25252FakxXg67Ss7v6bKkY6gpjzgFdBIiC%
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-34.bos50.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:03 GMT
via
1.1 b578b4642a9dfde97459f07330d190d4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
BOS50-P2
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
3e3EdQ-W1k5xlNU0h40wUMEyu9DQQ0Lfc4vrFEo-8V48xkt02CE_3g==
truncated
/ Frame 0C7C 		525 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73696236febdff580a8ab4e5c222fa67ccb3c73adc76bc6a01526d90adc8598a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0C7C 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87b08df9709c965081be45fd99f5003775fadebac9dc5780c00af359b0639bc6

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 0C7C 		458 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11374a19dd4c01bbe84753a1d3e1803e2fb052d5c6281e220d37b4e899d4cc7c

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
343641.m3u8
dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/variant/a2490d3c744cd6c7e5676ecfc6956ee9/bandwidth/ Frame 0C7C 		4 KB
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/variant/a2490d3c744cd6c7e5676ecfc6956ee9/bandwidth/343641.m3u8
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/polyfills/hls.min.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:805::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
90e0bc30abe894653035a84fb54775977eb93778058d9096cab921d535fdcb19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-mpegURL; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-disposition
inline; filename="variant.m3u8"
access-control-allow-headers
Authorization
content-length
382
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 9FF1 		7 B
810 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?us_privacy=1YNN
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0
events
cbsnews.hb-api.omtrdc.net/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cbsnews.hb-api.omtrdc.net/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.128 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-128.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cbsnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
X-Adobe-AEP-Validation-Token, Content-Type, Content-Length, Host, Referer, User-Agent
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
2
content-type
text/plain; charset=UTF-8
date
Tue, 28 Nov 2023 01:53:03 GMT
server
jag
x-content-type-options
nosniff
x-xss-protection
1; mode=block
events
cbsnews.hb-api.omtrdc.net/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cbsnews.hb-api.omtrdc.net/api/v1/sessions/9a0623762b4ebe4f9f74588b7de91314c81d3eee66ac9949c59449b762eec2fa/events
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.38.128 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ip-63-140-38-128.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.cbsnews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
X-Adobe-AEP-Validation-Token, Content-Type, Content-Length, Host, Referer, User-Agent
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
2
content-type
text/plain; charset=UTF-8
date
Tue, 28 Nov 2023 01:53:03 GMT
server
jag
x-content-type-options
nosniff
x-xss-protection
1; mode=block
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F213.238.171.129.sslip.io%2F&domain=213.238.171.129.sslip.io&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://213.238.171.129.sslip.io
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 28 Nov 2023 01:53:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
271814
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2F213.238.171.129.sslip.io%2F&domain=213.238.171.129.sslip.io&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=W9A41nx2THpOTDVqdis4SDNVbXc5NEVoYzZiR1BjcElhVTQ1VXZnRUJENlRMWUp4NUVNOC9jK2RTcXlkUzAxTXdKaElpd1ZDR3JjOEs2Z2g5NUQ3R3JlcTZabGRZa2t0SUd5cFkwZ2tBSVVWQS9CLzhQTFVUWlBpWkp3ZF...
357 B
647 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=W9A41nx2THpOTDVqdis4SDNVbXc5NEVoYzZiR1BjcElhVTQ1VXZnRUJENlRMWUp4NUVNOC9jK2RTcXlkUzAxTXdKaElpd1ZDR3JjOEs2Z2g5NUQ3R3JlcTZabGRZa2t0SUd5cFkwZ2tBSVVWQS9CLzhQTFVUWlBpWkp3ZFJXNDhkUEtPenI4Zmd3bi9KbVZXSFVTVkc2M2E5V3JvUlNaWkVEZFFTMFExMEs3NUh3MUpuZWtkcWgyWGwwS3k0UEpLc2w1SHpMby9vZSs5b0tzRnNZTDNkcXQxWXF2VnpSSFkwYmdscU5VNUk3YzZiSkJNa294Syt4TmpzTkRDUFl5ZDVFWjNafA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
868639d5c4a1a9546a8943942ab229e25f52199335ad6190cf93cdda614536a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1169546
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://213.238.171.129.sslip.io
location
https://mug.criteo.com/sid?cpp=W9A41nx2THpOTDVqdis4SDNVbXc5NEVoYzZiR1BjcElhVTQ1VXZnRUJENlRMWUp4NUVNOC9jK2RTcXlkUzAxTXdKaElpd1ZDR3JjOEs2Z2g5NUQ3R3JlcTZabGRZa2t0SUd5cFkwZ2tBSVVWQS9CLzhQTFVUWlBpWkp3ZFJXNDhkUEtPenI4Zmd3bi9KbVZXSFVTVkc2M2E5V3JvUlNaWkVEZFFTMFExMEs3NUh3MUpuZWtkcWgyWGwwS3k0UEpLc2w1SHpMby9vZSs5b0tzRnNZTDNkcXQxWXF2VnpSSFkwYmdscU5VNUk3YzZiSkJNa294Syt4TmpzTkRDUFl5ZDVFWjNafA&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
470196
content-length
0
expires
0
envelope
api.rlcdn.com/api/identity/ 		0
0
videoplayback
r3---sn-vgqsrn66.googlevideo.com/ Frame 0C7C
Redirect Chain
  • https://dai.google.com/linear/pods/v1/p/Sid4xiTQTkCT1SLu6rjUSQ/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/289997/0/3/a2490d3c744cd6c7e5676ecfc6956ee9/4.ts
  • https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089...
221 KB
221 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C409664-507995&faudshow=235&faudskip=2&goap=slices%3D0-631%2C324819-486666&ogomm=26000&cpn=JWs4_Y7ZQYiPFQgc
Protocol
H3
Server
2607:f8b0:4009:2e::8 Bolingbrook, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
98dcc25e38ec758895e96d49d11b3797f0d0ccc3ced2a65ec17ac0e4ea5e84a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

client-protocol
quic
date
Tue, 28 Nov 2023 01:53:03 GMT
x-content-type-options
nosniff
last-modified
Tue, 26 Sep 2023 12:34:01 GMT
server
gvs 1.0
vary
Origin
content-type
video/MP2T
access-control-allow-origin
null
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86094
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
null
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
expires
Tue, 28 Nov 2023 01:53:03 GMT

Redirect headers

date
Tue, 28 Nov 2023 01:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
pragma
no-cache
x-frame-options
SAMEORIGIN
content-type
, text/html; charset=UTF-8, text/html; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
location
https://r3---sn-vgqsrn66.googlevideo.com/videoplayback?expire=1701222777&ei=-UdlZev7M9ejir4Pq52RmAQ&ip=0.0.0.0&gomv=google_1053790928596539081%2Cgoogle_3084581355319042694%2Cgoogle_8009495976067089511%2Cgoogle_9081477706638390454%2Cgoogle_4352406798680671331&goc=13&requiressl=yes&ogomt=-5100,-4100,-3100,-2100,-1100,-100&mime=video/MP2T&sgovp=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dvc%3Davc%3Avccf%3Dmain%3Avfr%3D29.97%3Avsz%3D320x180%3Avtbr%3D160%3Bclen%3D614378%3Bdur%3D30030%3Blmt%3D1695731641307828&itag=340&nc=8264&ogoms=dRxwMlk6P2yVgO_OSlZjwg&faskm=468&fvskm=150&acao=yes&ogomk=hk1&gomt=100%2C7507%2C14765%2C22522%2C29030&sgoap=gir%3Dyes%3Bitag%3D340%3Bxtags%3Dac%3Daac%3Aaccf%3Dlc%3Aach%3D2%3Aasr%3D48000%3Aatbr%3D128%3Bclen%3D488599%3Bdur%3D30080%3Blmt%3D1695731620829872&ctier=L&source=dclk_video_ads&id=cfc512097d242da6&susc=dvc&xpc=Eghovf3BOnoBAQ==&sparams=expire,ei,ip,gomv,goc,requiressl,ogomt,mime,sgovp,itag,ogoms,faskm,fvskm,acao,ogomk,gomt,sgoap,ctier,source,id,susc,xpc&sig=ANLwegAwRQIhAJEk5Uyu8NEdEHhRw0gtGhRr_SqvdYIlkSmQlMoHqBrbAiBrq4RVrOyvacRS52IdWWOhbbSsVXUut72Fgb7CZg1XCw==&mh=N2&mip=2600:803:a88:1134::134&mm=34&mn=sn-vgqsrn66&ms=ltu&mt=1701135529&mv=u&mvi=3&pl=58&rmhost=r4---sn-vgqsrn66.googlevideo.com&shardbypass=md-default&smhost=r5---sn-vgqsrn67.googlevideo.com&lsparams=mh,mip,mm,mn,ms,mv,mvi,pl,rmhost,shardbypass,smhost&lsig=AM8Gb2swRgIhAPTrj7pKu19a4FWaKsZc1RW1J3p1xJy-EuDRjbS4H4V5AiEAg2NaSSR5Jf4nfDtmK0lvX1nCWXYbfPn9XEObj1WoSeU%3D&fvidshow=150&fvidskip=0&govp=slices%3D0-738%2C409664-507995&faudshow=235&faudskip=2&goap=slices%3D0-631%2C324819-486666&ogomm=26000&cpn=JWs4_Y7ZQYiPFQgc
access-control-expose-headers
Location
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Authorization
expires
Mon, 01 Jan 1990 00:00:00 GMT
magnite-sync
ssp.wknd.ai/ Frame 9FF1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=20986&us_privacy=1YNN&khaos=LPHOOFP5-1H-KTTM
  • https://ssp.wknd.ai/magnite-sync?uid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.wknd.ai/magnite-sync?uid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Protocol
H2
Server
34.117.4.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.4.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:04 GMT
via
1.1 google
x-envoy-upstream-service-time
0
server
istio-envoy
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ssp.wknd.ai/magnite-sync?uid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Expires
0
page-view
yeet.revcontent.com/yeet/events/ Frame 51CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://213.238.171.129.sslip.io
date
Tue, 28 Nov 2023 01:53:03 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
Origin
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 51CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://213.238.171.129.sslip.io
date
Tue, 28 Nov 2023 01:53:03 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
4
server
envoy
vary
Origin
pixel
cm.g.doubleclick.net/ Frame 9FF1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1YNN
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQxZmRkZTcyMGMxNjM2ZjNjZGEwNTU3Mzk0ODAzMTViMDliN2Q2ZA&us_privacy=1YNN
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQxZmRkZTcyMGMxNjM2ZjNjZGEwNTU3Mzk0ODAzMTViMDliN2Q2ZA&us_privacy=1YNN
Protocol
H3
Server
142.250.64.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s57-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NTQxZmRkZTcyMGMxNjM2ZjNjZGEwNTU3Mzk0ODAzMTViMDliN2Q2ZA&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 9FF1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1YNN
  • https://s.amazon-adsystem.com/ecm3?id=LPHOOFP5-1H-KTTM&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LPHOOFP5-1H-KTTM&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 01:53:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Q53QC9SA2G427RS4RHQZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LPHOOFP5-1H-KTTM&ex=d-rubiconproject.com&status=ok&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Expires
0
setuid
px.ads.linkedin.com/ Frame 9FF1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1YNN
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPHOOFP5-1H-KTTM&us_privacy=1YNN
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:03 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3ECCBD44534443C29E82C6DCC674F73E Ref B: PHL30EDGE0108 Ref C: 2023-11-28T01:53:03Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLLK3gbmLhYcJnO6Vzvg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a0d1cefc91c6f8b22fd2adf3abe06a61
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 9FF1 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1YNN
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 01:53:04 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FYZTR7174T75EP9D2J4A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9FF1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b3c3d956-bdf4-48cc-a145-56097a595da9&gdpr=0&gdpr_consent=&expires=30
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b3c3d956-bdf4-48cc-a145-56097a595da9&gdpr=0&gdpr_consent=&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=b3c3d956-bdf4-48cc-a145-56097a595da9&gdpr=0&gdpr_consent=&expires=30
date
Tue, 28 Nov 2023 01:53:03 GMT
server
Kestrel
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 9FF1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFvoqs4mGh6lc_NqUy0E5GY&google_cver=1
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFvoqs4mGh6lc_NqUy0E5GY&google_cver=1
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFvoqs4mGh6lc_NqUy0E5GY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 9FF1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1YNN
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7vhIuibG-UmNrsMUjsPRqMn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1YNN
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.8AOSQlE2oJSSBBw158OOVdU7DkP7G3ZaAktCg--~A
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.8AOSQlE2oJSSBBw158OOVdU7DkP7G3ZaAktCg--~A
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 28 Nov 2023 01:53:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-.8AOSQlE2oJSSBBw158OOVdU7DkP7G3ZaAktCg--~A
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9FF1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1YNN
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFBIT09GUDUtMUgtS1RUTQ==&us_privacy=1YNN
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOxFMY60ZNwzXLGVnL023Wc&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBIT09GUDUtMUgtS1RUTQ==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBIT09GUDUtMUgtS1RUTQ==&google_push=
Protocol
H3
Server
142.250.64.226 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s57-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBIT09GUDUtMUgtS1RUTQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19ea072139d67f7022c6e463249c998e
Expires
0
ecm3
s.amazon-adsystem.com/ Frame 9FF1
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1YNN
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=tNBuy_M_Tc-PHYErDrycrQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tNBuy_M_Tc-PHYErDrycrQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tNBuy_M_Tc-PHYErDrycrQ
Protocol
HTTP/1.1
Server
52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 01:53:03 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
4WAV5GGV6YMC73C6CV0Y
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=tNBuy_M_Tc-PHYErDrycrQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 9FF1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1YNN
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&us_privacy=1YNN&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADX-E7KypAAABKsoCMXRw&expires=30
42 B
723 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADX-E7KypAAABKsoCMXRw&expires=30
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
966e54b6201ecd300c4db0efc0f5781a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AADX-E7KypAAABKsoCMXRw&expires=30
Date
Tue, 28 Nov 2023 01:53:04 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
magnite
prebid.a-mo.net/setuid/ Frame 9FF1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&us_privacy=1YNN
  • https://prebid.a-mo.net/setuid/magnite?uid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
0
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Protocol
H2
Server
147.28.129.37 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:03 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/ Frame 9FF1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis&us_privacy=1YNN
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPHOOFP5-1H-KTTM
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPHOOFP5-1H-KTTM&ckls=true&ci=idYH9spGbC&nc=false&trid=-707287314
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPHOOFP5-1H-KTTM&ckls=true&ci=idYH9spGbC&nc=false&trid=-707287314
Protocol
H2
Server
18.173.219.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-219-51.jfk52.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:04 GMT
via
1.1 1ecf1db0c771b8f74edd4bd269377c1e.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
JFK52-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
JEJWZLjTNrFa7hxIh-fLmuiKVxRQvOjks9XCRvByNtkzh5nzH-p6vw==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:04 GMT
via
1.1 1c4cb605a68bbe1d1bbce1a363445388.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
BOS50-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=793790479&3rddpi=1725065545&3rdpcid=LPHOOFP5-1H-KTTM&ckls=true&ci=idYH9spGbC&nc=false&trid=-707287314
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
tet4X3xPmpAH4lh08ihru-rC8fjuzhIzmphOCpiirhyGQ0LMLswZ0Q==
expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame 9FF1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-apn&us_privacy=1YNN
  • https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Protocol
H2
Server
68.67.160.114 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:03 GMT
an-x-request-uuid
19493e28-1463-4225-9626-8a7f7487db17
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
206.66.96.134; 206.66.96.134; 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ib.adnxs.com/prebid/setuid?bidder=rubicon&uid=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Expires
0
pixel
capi.connatix.com/us/ Frame 9FF1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564&us_privacy=1YNN
  • https://capi.connatix.com/us/pixel?puid=LPHOOFP5-1H-KTTM&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNN
  • https://capi.connatix.com/us/pixel?puid=LPHOOFP5-1H-KTTM&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNN&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LPHOOFP5-1H-KTTM&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNN&final=true
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82cef9a0a8344cb1-PHL
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Tue, 28 Nov 2023 01:53:04 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LPHOOFP5-1H-KTTM&pId=11&gdpr=&gdpr_consent=&us_privacy=&us_privacy=1YNN&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82cef9a05ecb4cb1-PHL
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
receive
pixel.tapad.com/idsync/ex/ Frame 9FF1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1&us_privacy=1YNN
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPHOOFP5-1H-KTTM&us_privacy=1YNN
95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Protocol
H3
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:04 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

Location
https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LPHOOFP5-1H-KTTM&us_privacy=1YNN
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
29af2665c43893332e84c235bac366c1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cksync
hb.yahoo.net/ Frame 9FF1
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&us_privacy=1YNN
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LPHOOFP5-1H-KTTM&redir=true&us_privacy=1YNN
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LPHOOFP5-1H-KTTM&redir=true&us_privacy=1YNN
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1kcXBiSFFoRTJ1RVhuTVVQZGh4amNudVB4M1F1M25Ken5B&ovsid=LPHOOFP5-1H-KTTM&dpid=58160&us_privacy=1YNN
53 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1kcXBiSFFoRTJ1RVhuTVVQZGh4amNudVB4M1F1M25Ken5B&ovsid=LPHOOFP5-1H-KTTM&dpid=58160&us_privacy=1YNN
Protocol
H2
Server
104.77.153.27 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-77-153-27.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Tue, 28 Nov 2023 01:53:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
53
x-mnet-hl2
E
expires
Tue, 28 Nov 2023 01:53:04 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1kcXBiSFFoRTJ1RVhuTVVQZGh4amNudVB4M1F1M25Ken5B&ovsid=LPHOOFP5-1H-KTTM&dpid=58160&us_privacy=1YNN
date
Tue, 28 Nov 2023 01:53:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
page-view
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/page-view
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://213.238.171.129.sslip.io
content-length
0
date
Tue, 28 Nov 2023 01:53:03 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
2
x-rc-region
us-east-1a
widget-loaded
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/widget-loaded
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://213.238.171.129.sslip.io
content-length
0
date
Tue, 28 Nov 2023 01:53:03 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
3
x-rc-region
us-east-1a
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=W9A41nx2THpOTDVqdis4SDNVbXc5NEVoYzZiR1BjcElhVTQ1VXZnRUJENlRMWUp4NUVNOC9jK2RTcXlkUzAxTXdKaElpd1ZDR3JjOEs2Z2g5NUQ3R3JlcTZabGRZa2t0SUd5cFkwZ2tBSVVWQS9CLzhQTFVUWlBpWkp3ZFJXNDhkUEtPenI4Zmd3bi9KbVZXSFVTVkc2M2E5V3JvUlNaWkVEZFFTMFExMEs3NUh3MUpuZWtkcWgyWGwwS3k0UEpLc2w1SHpMby9vZSs5b0tzRnNZTDNkcXQxWXF2VnpSSFkwYmdscU5VNUk3YzZiSkJNa294Syt4TmpzTkRDUFl5ZDVFWjNafA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 28 Nov 2023 01:53:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
395609
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=95&fi=1&apd=189&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=4630587779&L2id=2401580864&L3id=4817195905&L4id=138247487539&S1id=23205969&S2id=23206089&ord=1701136380024&r=258842884772&t=meas&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=282&initH=211&initSRE=0.030990625&zMoatVGUID=5dc0a850-f78c-4d7b-b045-444db5b3fd59&zMoatPS=top&zMoatCURL=213.238.171.129.sslip.io&zMoatSL=mpu-flex-top%3FT-1000&zMoatPT=front_door&bedc=1&q=1&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:04 GMT
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=95&fi=1&apd=189&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=4630587779&L2id=2401580864&L3id=4817195905&L4id=138247487539&S1id=23205969&S2id=23206089&ord=1701136380024&r=258842884772&t=fv&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=282&initH=211&initSRE=0.030990625&zMoatVGUID=5dc0a850-f78c-4d7b-b045-444db5b3fd59&zMoatPS=top&zMoatCURL=213.238.171.129.sslip.io&zMoatSL=mpu-flex-top%3FT-1000&zMoatPT=front_door&bedc=1&q=2&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:04 GMT
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=95&fi=1&apd=189&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=4630587779&L2id=2401580864&L3id=4817195905&L4id=138247487539&S1id=23205969&S2id=23206089&ord=1701136380024&r=258842884772&t=nht&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=282&initH=211&initSRE=0.030990625&zMoatVGUID=5dc0a850-f78c-4d7b-b045-444db5b3fd59&zMoatPS=top&zMoatCURL=213.238.171.129.sslip.io&zMoatSL=mpu-flex-top%3FT-1000&zMoatPT=front_door&bedc=1&q=3&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:04 GMT
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=95&fi=1&apd=189&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=4630587779&L2id=2401580864&L3id=4817195905&L4id=138247487539&S1id=23205969&S2id=23206089&ord=1701136380024&r=258842884772&t=bs&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=282&initH=211&initSRE=0.030990625&zMoatVGUID=5dc0a850-f78c-4d7b-b045-444db5b3fd59&zMoatPS=top&zMoatCURL=213.238.171.129.sslip.io&zMoatSL=mpu-flex-top%3FT-1000&zMoatPT=front_door&bedc=1&q=4&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:04 GMT
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=117&fi=1&apd=211&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=4630587779&L2id=2401580864&L3id=4817195905&L4id=138247487539&S1id=23205969&S2id=23206089&ord=1701136380024&r=258842884772&t=hdn&os=1&fi2=0&div1=0&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=282&initH=211&initSRE=0.030990625&zMoatVGUID=5dc0a850-f78c-4d7b-b045-444db5b3fd59&zMoatPS=top&zMoatCURL=213.238.171.129.sslip.io&zMoatSL=mpu-flex-top%3FT-1000&zMoatPT=front_door&bedc=1&q=5&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=0&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:04 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:04 GMT
b
sb.scorecardresearch.com/ 		0
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=3005086&c7=https%3A%2F%2Fwww.cbsnews.com%2F&c8=CBS%20News%20-%20Breaking%20news%2C%2024%2F7%20live%20streaming%20news%20%26%20top%20stories&c9=&comscorekw=CBSNewsHome&ns__t=1701136384145&ns_c=UFT-8&
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.34.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-34-34.bos50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:04 GMT
via
1.1 b578b4642a9dfde97459f07330d190d4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
BOS50-P2
x-amz-cf-id
7vchRnKIrfj9r-8ju3ZRb1w7QHJqpfhurL2mHGwhtIK0NQAQ6wWBsg==
x-cache
Miss from cloudfront
2628570003.js
cdn.optimizely.com/js/ 		274 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.optimizely.com/js/2628570003.js
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:1c00:49e::13b8 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a6380b6e9a97837e4d7e419dcdd2e317372f2fcc996491ff73a7b3839fad99bf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
k_189Yzocx14kd.wvbWFJUoubq75Sldc
content-encoding
gzip
date
Tue, 28 Nov 2023 01:53:04 GMT
strict-transport-security
max-age=15768000
x-amz-request-id
C4PMZ0K7MF0R74BP
x-amz-server-side-encryption
AES256
x-amz-meta-revision
3669
x-amz-replication-status
PENDING
server-timing
cdn-cache; desc=HIT, edge; dur=1, cdn;desc="AkamaiION";dur=0,rtt;desc="16";dur=0,cdnip;desc="2600:141b:1c00:49e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="1701136384249_388787785_507099085_32_2330_16_40_146";dur=1
content-length
86726
x-amz-id-2
0WqU5TwhzlHrCLrcYbnK8yOzuLPIeBLKyDAyouieQzzAMF1oKAD7VxfLf0u4p797SMYK9HD3L5M=
last-modified
Wed, 28 Jun 2023 21:49:12 GMT
server
AmazonS3
etag
"c8028c2dd5c05c97c449ccabbc91efe6"
vary
Accept-Encoding
access-control-max-age
86400
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-methods
GET, HEAD
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:d600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 22:00:36 GMT
content-encoding
gzip
via
1.1 eabcac050cde7358c94fc7ecf124ea4a.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 02:00:31 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
13948
etag
W/"655577bf-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
yqfEH1g9HwQq7Gts-0bnLC75zi9NDesJ3hBuoCuklW-MHE5xByd7hw==
expires
Tue, 28 Nov 2023 22:00:36 GMT
a2628570003.html
a2628570003.cdn.optimizely.com/client_storage/ Frame 4C72 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a2628570003.cdn.optimizely.com/client_storage/a2628570003.html
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/2628570003.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.87.37.119 Lithia Springs, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-87-37-119.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5eb4ecdbfd71806a8d53f0d71206cb2f6f4045808a18ad2b10434a9ffdf40a5c
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://213.238.171.129.sslip.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=120
content-encoding
gzip
content-length
776
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:04 GMT
etag
"8b34f46992c61e4c8960702515169ec1"
last-modified
Tue, 14 Nov 2023 20:51:08 GMT
server
AmazonS3
server-timing
cdn-cache; desc=HIT edge; dur=1 cdn;desc="AkamaiION";dur=0,rtt;desc="32";dur=0,cdnip;desc="184.87.37.119";dur=0,cdnmap;desc="a4343.a.akamaiedge.net";dur=0,proto;desc="h2";dur=0 ak_p; desc="1701136384574_389606439_1201557460_21_1713_32_46_255";dur=1
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-akamai-transformed
9 - 0 pmb=mRUM,2
x-amz-id-2
L3jrt5Yoc8wrZUWQgIfpsus73HIk4ex0JL/sIa3HhrR2xU6Bo0B8BijgPpzOMQvvIbqM9t+doY4=
x-amz-meta-pci_enabled
False
x-amz-replication-status
COMPLETED
x-amz-request-id
MXDY5XRXACQVWTKW
x-amz-server-side-encryption
AES256
x-amz-version-id
To62uO9nUhsAjeI0i941M45r3g1biQJJ
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		166 B
496 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=cbsnews.com&domain=213.238.171.129.sslip.io&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
56553a8283eddb6fcb23fd87c8fdca1a62b81166c8203e960a6a1d9a262839fa

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 28 Nov 2023 01:53:04 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
143
x-served-by
cache-ewr18172-EWR
x-timer
S1701136385.602901,VS0,VE29
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 26 Nov 2023 01:53:04 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f1:d600:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 22:00:20 GMT
content-encoding
gzip
via
1.1 eabcac050cde7358c94fc7ecf124ea4a.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 02:00:16 GMT
server
nginx
x-amz-cf-pop
JFK50-P4
age
13964
etag
W/"655577b0-1197e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
M5X7RRZ45tXsfxskJroFRqRhXsoktyECMACyxYXvJvDJ2cVsxrmoOA==
expires
Tue, 28 Nov 2023 22:00:20 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=cbsnews.com&p=%2F&u=Clo2UE60BNZBeJbDD&d=213.238.171.129.sslip.io&g=64660&g0=page-front-door%2Cedition-us%2Cus-frontdoor&g1=No%20Author&g4=front_door&n=1&f=00001&c=0&x=0&m=0&y=14545&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2F213.238.171.129.sslip.io%2F&b=2618&t=BP7j61qyC7qC-HzekDLYkGxNizTg&V=141&i=CBS%20News%20-%20Breaking%20news%2C%2024%2F7%20live%20streaming%20news%20%26%20top%20stories&tz=600&sn=1&sv=Dj3zK_D5H3VFDIirOJCVDBPPBapzh2&sd=1&im=067b2fd3&_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.94.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-94-35.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:04 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
v2dct7QSPycqlji17HhQJwi0MtrZ5V7i9ctT0h1hlUQXDRaBEpmYI3aE
uninterestedquarter.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://uninterestedquarter.com/v2dct7QSPycqlji17HhQJwi0MtrZ5V7i9ctT0h1hlUQXDRaBEpmYI3aE
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:9ed6::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
13af0e6f4fa0a67f98f00083727180c3c26c634565736a0503df47cea3045a8d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Tue, 28 Nov 2023 01:53:04 GMT
x-datacenter
gce-us-east1
etag
"099f9540d48ada91ed4f73edde3c1ab025164699c84586ab6220340de7b6d9c2"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-east1-spot-wndx
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1072352451
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cbsint_a10ef_cbsnews.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		114 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/cbsint_a10ef_cbsnews.js
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.responsive.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:1200:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
42443a15df22d1769aca204e5ba7217e8e4474db675d06aac8275f49b2bc600a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 06:57:05 GMT
content-encoding
gzip
via
1.1 04d5f6961d9b76b97c908d8ed9816378.cloudfront.net (CloudFront)
last-modified
Tue, 15 Nov 2022 12:07:14 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
x-amz-cf-pop
EWR50-C1
age
68159
etag
W/"1c84a-5ed81324e2070"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-id
CDx97yaXOphgqAUmVw2iPvsKh53H8J26Sp8Nf9JCNk3utl3OsJleVQ==
skeleton.gif
static.adsafeprotected.com/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=mrjqx_728x90_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:247b:6c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 08:00:59 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 38385695b10551583d750b943a475982.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK52-P2
age
11037126
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
vK-tPh7monGTEa4F1uBGEuvzAfWAmPj7EEUZIAc8EhlOD8S3nR_zkg==
vcpm-event
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/vcpm-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://213.238.171.129.sslip.io
content-length
0
date
Tue, 28 Nov 2023 01:53:04 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
4
x-rc-region
us-east-1a
vcpm-event
yeet.revcontent.com/yeet/events/ Frame 51CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/vcpm-event
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://213.238.171.129.sslip.io
date
Tue, 28 Nov 2023 01:53:04 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
server
envoy
vary
Origin
vcpm-event
yeet.revcontent.com/yeet/events/ Frame 51CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/vcpm-event
Requested by
Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

x-rc-region
us-east-1a
access-control-allow-origin
https://213.238.171.129.sslip.io
date
Tue, 28 Nov 2023 01:53:04 GMT
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
server
envoy
vary
Origin
vcpm-event
yeet.revcontent.com/yeet/events/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://yeet.revcontent.com/yeet/events/vcpm-event
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
184.72.178.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-184-72-178-21.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
POST
access-control-allow-origin
https://213.238.171.129.sslip.io
content-length
0
date
Tue, 28 Nov 2023 01:53:04 GMT
server
envoy
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-envoy-upstream-service-time
5
x-rc-region
us-east-1a
8b41061a96d2f8ffeaddf79d1afe775b4d8af9400d1
wellgroomedhydrant.com/b88e0e802/ 		295 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wellgroomedhydrant.com/b88e0e802/8b41061a96d2f8ffeaddf79d1afe775b4d8af9400d1
Requested by
Host: uninterestedquarter.com
URL: https://uninterestedquarter.com/v2dct7QSPycqlji17HhQJwi0MtrZ5V7i9ctT0h1hlUQXDRaBEpmYI3aE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:809c::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
98be4a756625b3e9907d50abee5144882dcc6a3573ec3a416f3352fa625cf531
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 28 Nov 2023 01:53:04 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
x-hostname
fen-hoothoot-us-east1-spot-wndx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 28 Nov 2023 01:53:03 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 4C7D 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
8101dad300a506e310e4773ebff56692c7110ca91a6
wellgroomedhydrant.com/2d7d64c9b/ 		3 B
29 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://wellgroomedhydrant.com/2d7d64c9b/8101dad300a506e310e4773ebff56692c7110ca91a6
Requested by
Host: uninterestedquarter.com
URL: https://uninterestedquarter.com/v2dct7QSPycqlji17HhQJwi0MtrZ5V7i9ctT0h1hlUQXDRaBEpmYI3aE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:809c::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Tue, 28 Nov 2023 01:53:05 GMT
via
1.1 google
x-buildnumber
1072352451
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-east1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://213.238.171.129.sslip.io
x-hostname
fen-hoothoot-us-east1-spot-wndx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Tue, 28 Nov 2023 01:53:04 GMT
pixel.gif
cbsdfp5832910442.s.moatpixel.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cbsdfp5832910442.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=1061&tet=1168&fi=1&apd=1262&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=213.238.171.129.sslip.io&L1id=4630587779&L2id=2401580864&L3id=4817195905&L4id=138247487539&S1id=23205969&S2id=23206089&ord=1701136380024&r=258842884772&t=iv&os=1&fi2=0&div1=1&ait=0&url=https%253A%252F%252F213.238.171.129.sslip.io%252F&mobile=0&click=0&initW=282&initH=211&initSRE=0.030990625&zMoatVGUID=5dc0a850-f78c-4d7b-b045-444db5b3fd59&zMoatPS=top&zMoatCURL=213.238.171.129.sslip.io&zMoatSL=mpu-flex-top%3FT-1000&zMoatPT=front_door&bedc=1&q=6&nu=0&ib=0&dc=0&ob=0&oh=0&lt=1&ab=0&n=0&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.109.123 London, United Kingdom, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-109-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:05 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:05 GMT
events
logx.optimizely.com/v1/ 		0
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logx.optimizely.com/v1/events
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/2628570003.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.94.12.39 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-94-12-39.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://213.238.171.129.sslip.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Tue, 28 Nov 2023 01:53:05 GMT
Via
1.1 google
server
istio-envoy
access-control-allow-methods
POST,OPTIONS
Content-Type
text/plain
access-control-allow-origin
https://213.238.171.129.sslip.io
access-control-expose-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
Connection
keep-alive
timing-allow-origin
*
access-control-allow-headers
X-Requested-With,Content-Type,Accept,Origin,X-App-Trace-Id,X-Optimizely-Strict
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
72d9e25b-90de-4623-b6d2-a304a92900a6
PugMaster
image6.pubmatic.com/AdServer/ Frame 4C7D 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=33578205&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
697958b7719fabe6d935565b9693adba55b2fae12a9d0b262c630aa13d1e5769

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 28 Nov 2023 01:53:04 GMT
content-length
1741
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame E160 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=44294950&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
697958b7719fabe6d935565b9693adba55b2fae12a9d0b262c630aa13d1e5769

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 28 Nov 2023 01:53:04 GMT
content-length
1741
content-type
text/html; charset=UTF-8
Pug
image2.pubmatic.com/AdServer/ Frame C859
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEWC1FN0t5cEFBQUJLc29DTVhSdw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&b...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADX-E7KypAAABKsoCMXRw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsyn%252Cpp%252C...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=syn%2Cpp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=5490910651018334647&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AADX-E7KypAAABKsoCMXRw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5490910651018334647%26gdpr%3D0%26gdpr_cons...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5490910651018334647&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://bh.contextweb.com/bh/rtset?ev=AADX-E7KypAAABKsoCMXRw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D5490910651018334647%26gdpr%3D0%26bee_sync_pa...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=5490910651018334647&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=4&ev=AADX-E7KypAAABKsoCMXR...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADX-E7KypAAABKsoCMXRw&gdpr=0
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADX-E7KypAAABKsoCMXRw&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 27 Nov 2023 16:56:31 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 28 Nov 2023 01:53:06 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADX-E7KypAAABKsoCMXRw&gdpr=0
strict-transport-security
max-age=2592000; includeSubDomains
141
match.deepintent.com/usersync/ Frame 1B85 		0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Tue, 28 Nov 2023 01:53:05 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame CF08 		85 B
258 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 28 Nov 2023 01:53:05 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ewr18143-EWR
x-timer
S1701136386.951635,VS0,VE8
Pug
image2.pubmatic.com/AdServer/ Frame 82AD
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=59c70eXaPdb80z-C4dYg1-GDO9P8hz3StdZYLk-d
42 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=59c70eXaPdb80z-C4dYg1-GDO9P8hz3StdZYLk-d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 28 Nov 2023 01:53:06 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=59c70eXaPdb80z-C4dYg1-GDO9P8hz3StdZYLk-d
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 3AB8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=696a9e81-e116-44fd-bcc5-1e5ae32870f9&expires=1&user_group=2&ssp=pubmatic&bsw_param=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 28 Nov 2023 01:53:06 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 8126
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df9238f6-8d90-11ee-a05a-06905cfe2b77
42 B
470 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df9238f6-8d90-11ee-a05a-06905cfe2b77
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Tue, 28 Nov 2023 01:53:06 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df9238f6-8d90-11ee-a05a-06905cfe2b77
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-4
setuid
pbs.at.cbsi.com/ Frame 53A0 		0
861 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.at.cbsi.com/setuid?bidder=pubmatic&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.29.188 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Tue, 28 Nov 2023 01:53:05 GMT
expires
0
pragma
no-cache
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-iad-kiad7000034-IAD
x-timer
S1701136386.950741,VS0,VE3
insync
thrtle.com/ Frame 4C7D
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1500a741-4ae0-4226-bfd2-6ca021799ff2
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1500a741-4ae0-4226-bfd2-6ca021799ff2
Protocol
H2
Server
52.70.29.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-29-196.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 28 Nov 2023 01:53:06 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=1500a741-4ae0-4226-bfd2-6ca021799ff2
date
Tue, 28 Nov 2023 01:53:06 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame 4C7D 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame 4C7D 		43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.162.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-162-91.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:06 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame 4C7D 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.119.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-119-146.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 28 Nov 2023 01:53:06 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 4C7D 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.71.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-71-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:06 GMT
sn.ashx
pmp.mxptint.net/ Frame 4C7D
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33645_10CD5156D_C2563653&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-384141186; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Tue, 28 Nov 2023 01:53:06 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-384141186; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Tue, 28 Nov 2023 01:53:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame 4C7D
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e7aec9d5-d48a-43eb-98ec-eba6db98bb60-65654802-5553&gdpr=0&gdpr_consent=
42 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e7aec9d5-d48a-43eb-98ec-eba6db98bb60-65654802-5553&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:05 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e7aec9d5-d48a-43eb-98ec-eba6db98bb60-65654802-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 4C7D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2635919596870554906&gdpr=0&gdpr_consent=&us_privacy=
1 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2635919596870554906&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2635919596870554906&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
insync
thrtle.com/ Frame E160
Redirect Chain
  • https://thrtle.com/insync?vxii_pid=10067&vxii_pdid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
  • https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=5db749de-7e40-408b-8e19-2b63c386ee6a
43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=5db749de-7e40-408b-8e19-2b63c386ee6a
Protocol
H2
Server
52.70.29.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-29-196.compute-1.amazonaws.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI OUR BUS UNI COM NAV"
date
Tue, 28 Nov 2023 01:53:06 GMT
content-length
43
content-type
image/gif

Redirect headers

location
https://thrtle.com/insync?gdpr=0&gdpr_consent=&vxii_pdid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&vxii_pid=12&vxii_pid1=10067&vxii_rcid=5db749de-7e40-408b-8e19-2b63c386ee6a
date
Tue, 28 Nov 2023 01:53:06 GMT
content-type
text/html; charset=utf-8
content-length
211
p3p
CP="NOI OUR BUS UNI COM NAV"
sd
us-u.openx.net/w/1.0/ Frame E160 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=540245193&val=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
Martin
crb.kargo.com/api/v1/dsync/ Frame E160 		43 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://crb.kargo.com/api/v1/dsync/Martin?exid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.169.162.91 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-162-91.compute-1.amazonaws.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:06 GMT
x-accel-expires
0
vary
Origin
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
sync.bfmio.com/ Frame E160 		0
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=187&uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.119.146 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-119-146.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 28 Nov 2023 01:53:05 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 255E
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AADX-E7KypAAABKsoCMXRw&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dsas%252Csyn%252...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Csyn%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=1&ev=AADX-E7KypAAABKsoCMXRw&pid=558...
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AADX-E7KypAAABKsoCMXRw&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dsyn%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=syn%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=2&userid=4050266413919326501&gdpr=0&gdpr_consent=
  • https://sync.technoratimedia.com/services?uid=AADX-E7KypAAABKsoCMXRw&srv=cs&pid=73&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26userid%3D4050266413919326501%26gdpr%3D0%...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&userid=4050266413919326501&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=syn&bee_sync_initiator=pm&bee_sync_hop_count=3
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADX-E7KypAAABKsoCMXRw&gdpr=0&gdpr_consent=
42 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADX-E7KypAAABKsoCMXRw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Tue, 28 Nov 2023 01:53:06 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADX-E7KypAAABKsoCMXRw&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame E160 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.54.71.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-54-71-185.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:06 GMT
141
match.deepintent.com/usersync/ Frame B021 		0
244 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.18.47.7 Miami, United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

content-length
0
content-type
image/gif
date
Tue, 28 Nov 2023 01:53:05 GMT
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
server
b
sn.ashx
pmp.mxptint.net/ Frame E160
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R33647_10CD5156D_C2BC8FA1&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
38.98.69.175 North Bergen, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-384141186; includeSubDomains

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
-1
Pragma
no-cache
Date
Tue, 28 Nov 2023 01:53:05 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=-384141186; includeSubDomains
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Mon, 27 Nov 2023 16:58:37 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame F149 		85 B
144 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Tue, 28 Nov 2023 01:53:05 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ewr18143-EWR
x-timer
S1701136386.980936,VS0,VE8
Pug
image2.pubmatic.com/AdServer/ Frame 8306
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-MBYFvrNXhHjxFxG-ZFDQviUCkDjxwtA-ZbrWxBl
42 B
426 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-MBYFvrNXhHjxFxG-ZFDQviUCkDjxwtA-ZbrWxBl
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 27 Nov 2023 16:57:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 28 Nov 2023 01:53:06 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=-MBYFvrNXhHjxFxG-ZFDQviUCkDjxwtA-ZbrWxBl
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame A823
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://rtb.adstanding.com/ssp/bidswitch/cookie?bidswitch_ssp_id=pubmatic&bidswitch_custom_parameter=23bd3352-e7fa-4d20-94b7-7e3199ca7991
  • https://x.bidswitch.net/sync?dsp_id=317&user_id=b97de1766730b2aa23de4eb09dd810a9&expires=30&ssp=pubmatic&bsw_param=23bd3352-e7fa-4d20-94b7-7e3199ca7991
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
1 B
185 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 28 Nov 2023 01:53:06 GMT
Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=23bd3352-e7fa-4d20-94b7-7e3199ca7991&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame A676
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df9238f6-8d90-11ee-a05a-06905cfe2b77
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df9238f6-8d90-11ee-a05a-06905cfe2b77
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
0
content-type
image/gif
date
Tue, 28 Nov 2023 01:53:06 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=df9238f6-8d90-11ee-a05a-06905cfe2b77
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
lga-delivery-4
Pug
image2.pubmatic.com/AdServer/ Frame E160
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e7aec9d5-d48a-43eb-98ec-eba6db98bb60-65654802-5553&gdpr=0&gdpr_consent=
42 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e7aec9d5-d48a-43eb-98ec-eba6db98bb60-65654802-5553&gdpr=0&gdpr_consent=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:05 GMT
server
A
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=e7aec9d5-d48a-43eb-98ec-eba6db98bb60-65654802-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E160
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2852092378984338714&gdpr=0&gdpr_consent=&us_privacy=
1 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2852092378984338714&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2852092378984338714&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 28 Nov 2023 01:53:05 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
setuid
pbs.at.cbsi.com/ Frame C797 		0
938 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.at.cbsi.com/setuid?bidder=groupm&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.29.188 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Tue, 28 Nov 2023 01:53:05 GMT
expires
0
pragma
no-cache
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-iad-kiad7000034-IAD
x-timer
S1701136386.980047,VS0,VE5
PugMaster
image6.pubmatic.com/AdServer/ Frame 5D53 		4 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79893009&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
15f583457aaf3de15a556c74792fc7061d26a13b15d04c8bdcd3b6231018911a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 01:53:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame DEDF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:f9Ti3QeA1R7NhE5&gdpr=0&gdpr_consent=
42 B
300 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:f9Ti3QeA1R7NhE5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 27 Nov 2023 16:57:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 28 Nov 2023 01:53:05 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:f9Ti3QeA1R7NhE5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0b833971c6150453a@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame EF5C
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1797288128071551211
42 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1797288128071551211
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 27 Nov 2023 16:59:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 28 Nov 2023 01:53:06 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=1797288128071551211
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
i.match
s.tribalfusion.com/z/ Frame 7183
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82cef9ae189019e7-EWR
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82cef9ad7fc219e7-EWR
content-type
text/html
date
Tue, 28 Nov 2023 01:53:06 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
456
Pug
simage2.pubmatic.com/AdServer/ Frame 47BE
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hhtuxYqsW2NjryUO9oBqpM5CYIY&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hhtuxYqsW2NjryUO9oBqpM5CYIY&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Nov 2023 01:53:06 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=hhtuxYqsW2NjryUO9oBqpM5CYIY&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame C655 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 01:53:05 GMT
expires
Tue, 28 Nov 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
537044
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame FF71
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=8b9b8f6c-c210-4107-bc4e-30b9bd3223d8&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
42 B
489 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.205.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-205-175.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
42
Content-Type
image/gif
Date
Tue, 28 Nov 2023 01:53:06 GMT
Server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
date
Mon, 27 Nov 2023 16:31:59 GMT
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
image2.pubmatic.com/AdServer/ Frame 3821
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb921b702034e445fae22937cc7b7fd4c
42 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb921b702034e445fae22937cc7b7fd4c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
166
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:06 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPUb921b702034e445fae22937cc7b7fd4c
pragma
no-cache
server
Tengine
Pug
simage2.pubmatic.com/AdServer/ Frame 541D
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:W4l2hieW1Pe-3sxK-lnb&gdpr=0&gdpr_consent=&gdpr=0
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:W4l2hieW1Pe-3sxK-lnb&gdpr=0&gdpr_consent=&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Content-Type
text/html; charset=utf-8
Date
Tue, 28 Nov 2023 01:53:06 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:W4l2hieW1Pe-3sxK-lnb&gdpr=0&gdpr_consent=&gdpr=0
P3p
CP="We do not support P3P header."
Pragma
no-cache
pubmatic
ad.mrtnsvr.com/sync/ Frame A316 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame AE5D
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Tue, 28 Nov 2023 01:53:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame C0A3
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=857602416520
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=857602416520
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Content-Length
0
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=857602416520
cm
ipac.ctnsnet.com/int/ Frame B1F9 		43 B
369 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Tue, 28 Nov 2023 01:53:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame B6BF
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KddlgywiDrGjqcCcAkhlZQ
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KddlgywiDrGjqcCcAkhlZQ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 27 Nov 2023 16:47:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
cache-control
no-store
content-length
153
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:06 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=KddlgywiDrGjqcCcAkhlZQ
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame BA0C
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://ad.turn.com/r/cs?pid=45&rndcb=6960745698
  • https://sync.1rx.io/usersync/turn/2780034784946410778?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005
42 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 27 Nov 2023 16:59:30 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Type
text/html
Date
Tue, 28 Nov 2023 01:53:06 GMT
ETag
RX6d7d368cfeeb4b59b1dc1945c652496a005
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Server
Tengine
Transfer-Encoding
chunked
Pug
simage2.pubmatic.com/AdServer/ Frame 5085
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0e2f6565-4802-4400-88b1-07b19da69a18&gdpr=0&gdpr_consent=
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0e2f6565-4802-4400-88b1-07b19da69a18&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:05 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 28 Nov 2023 01:53:06 GMT
Expires
Tue, 28 Nov 2023 01:53:05 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 1143 599e619 master iad iad-pixel-x18 config_version:"418"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:0e2f6565-4802-4400-88b1-07b19da69a18&gdpr=0&gdpr_consent=
cookiesync
core.iprom.net/ Frame B7F0 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 28 Nov 2023 01:53:06 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-1404233df59e@version_1.577
X-core-time
0ms
X-server-arch
v2
pub
matching.truffle.bid/sync/ Frame 6DD5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Date
Tue, 28 Nov 2023 01:53:06 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame D0BE
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7544227861187578966&uid=Q754422786118757...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7544227861187578966
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7544227861187578966
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
max-age=41671
Connection
keep-alive
Content-Length
154
Content-Type
text/html
Date
Tue, 28 Nov 2023 01:53:07 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7544227861187578966
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
Apache/2.4.6 (CentOS)
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.33
Pug
simage2.pubmatic.com/AdServer/ Frame C4A8
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3632AF9873274782B2743660ED8B6F3C&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3632AF9873274782B2743660ED8B6F3C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 28 Nov 2023 01:53:06 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Tue, 28 Nov 2023 01:53:06 GMT
expires
Mon, 27 Nov 2023 01:53:06 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:3632AF9873274782B2743660ED8B6F3C&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
syncMe
synchroscript.deliveryengine.adswizz.com/ Frame 5D53 		0
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://synchroscript.deliveryengine.adswizz.com/syncMe?partnerDomain=mrtnsvr.com&idType=cookie&partnerUserId=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.79 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-79.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:05 GMT
x-clacks-overhead
GNU Terry Pratchett
x-adswizz-request-id
1271739f-e519-4cab-90dd-d68ec1cb2312
Connection
keep-alive
Content-Length
0
x-application-context
application:production
db_sync
px.ads.linkedin.com/ Frame 5D53
Redirect Chain
  • https://idsync.rlcdn.com/712188.gif?partner_uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
  • https://pippio.com/api/sync?pid=5324&it=1&iv=934558ece05fbab7c82a85187a865988412eeae7b7d6bee9e972f54608af64f6791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=934558ece05fbab7c82a85187a865988412eeae7b7d6bee9e972f54608af64f6791426b5417dce21&rand=00814687
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=934558ece05fbab7c82a85187a865988412eeae7b7d6bee9e972f54608af64f6791426b5417dce21&rand=00814687
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:05 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 055EE619153C4A619C3CD345D4ACC096 Ref B: PHL30EDGE0108 Ref C: 2023-11-28T01:53:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYLLK4FnfzW1sUN60FqXw==

Redirect headers

date
Tue, 28 Nov 2023 01:53:06 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=934558ece05fbab7c82a85187a865988412eeae7b7d6bee9e972f54608af64f6791426b5417dce21&rand=00814687
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gdpr_consent=
bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=C5B20BED-E183-402B-A22C-83D5EF22CB2C/gdpr=0/ Frame 5D53 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/c=14701/tp=MTAI/tpid=C5B20BED-E183-402B-A22C-83D5EF22CB2C/gdpr=0/gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.134.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-134-208.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:06 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.6.47
content-length
49
expires
0
receive
pixel.tapad.com/idsync/ex/ Frame 5D53 		95 B
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=3203&partner_device_id=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:06 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
Pug
simage2.pubmatic.com/AdServer/ Frame 5D53
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6830002172029342515
42 B
241 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6830002172029342515
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:05 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6830002172029342515
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame 5D53
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:a6fb5414-ac15-4a40-861c-4402e80f71ac&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:a6fb5414-ac15-4a40-861c-4402e80f71ac&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 28 Nov 2023 01:53:06 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:a6fb5414-ac15-4a40-861c-4402e80f71ac&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Tue, 28 Nov 2023 01:53:06 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel.gif
px.moatads.com/ 		43 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=aw-cbsnews&zMoatAdUnit2=home&wf=1&ra=3&pxm=2&sgs=3&vb=17&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CBS_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-dBE63cnegzlATHhA%2BfHRT33aDaO73LuhfDBJf6raYEJYmkDpFPmliBNlAlwWxmRnpyWz&rs=1-TxbrCERvHCbFpA%3D%3D&sc=1&os=1-Xg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&zMoatpos=inc&zMoatsl=mpu-flex-inc%3FLL%7CT-1000&zMoatptype=front_door&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2F213.238.171.129.sslip.io%2F&id=1&ii=4&f=0&j=&t=1701136380024&de=447155191814&rx=516254264640&cu=1701136380024&m=7244&ar=51bd715ca6c-clean&iw=479f042&cb=0&rd=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=14545&le=1&lf=180&lg=0&lh=53&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A1535%3A1609%3A2619%3A1787&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5133&cd=56&ah=5133&am=56&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=25365849%3A131414049%3A230434329%3A138290860826&cm=1&bo=aw-cbsnews&bd=home&gw=cbsprebidheader506831276743&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&zMoatAType=content_feature&zMoatGAMSize=300x250&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=205853&na=1685941345&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.54.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-54-26.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 01:53:07 GMT
i.png
trx-hub.com/i/m/ 		128 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DYBMARgDMAOnvOAHK8cB2Rz72AJyuQkICWFKuWIg2IBTQ1PDU0InQpvHgUHBIqOjY+KIkALoUmrxCEIiUsDR0iiCaEXIQ6uw6hCD2AAweALSOjn32ngAq3Y6EAKzOhN2+rp4jAFqZyqptEAIdIADCAEIAygAEAHLUKELHfcf7iWAA1pzHOBdCZMf2ACw2vscRADdqMdKvcOPgXm9jgAyY5VKQgqrQLDUEQULBYBSdDEYPwTFwANi8viWnnoBAo1CBOFaEAAnrJTOwpIkwjEcJlypVqilYJjTJoAEZCXCtMCObpJWBCoSvS6czFSRwC4WiyQSpIKjBSewq2VvEAkIA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-129.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 08:06:14 GMT
via
1.1 759533d02225fb7e951ea4dc2b01fd48.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
x-amz-cf-pop
EWR50-C1
age
64014
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
128
x-amz-cf-id
n97LJfjMftaov3DSJISZ4RcJqFuBzI1LpY79bCZ6XrdM8vNo274gTw==
SPug
simage4.pubmatic.com/AdServer/ Frame 4C7D 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
id3-events.json
dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/ Frame 0C7C 		106 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/id3-events.json
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3_dai_debug.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:805::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
f8b8137031a6e1e77e08b41b8abde91c9af330b6d9e99fc0431b50ddd5951d76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-disposition
attachment; filename="id3-events.json"
access-control-allow-headers
Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame E160 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 5D53 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156512&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.248.18.34 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
doppler.b29058ac.min.js
doppler-config.cbsivideo.com/
Redirect Chain
  • https://doppler-config.cbsivideo.com/doppler.js
  • https://doppler-config.cbsivideo.com/doppler.b29058ac.min.js
66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://doppler-config.cbsivideo.com/doppler.b29058ac.min.js
Protocol
H2
Server
2a04:4e42:46::444 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36f9d07f3ece059f8c9eee159a9c1d1380b52823197f5e0f4391f754c5aedc14

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-cache-hits
42
date
Tue, 28 Nov 2023 01:53:08 GMT
content-encoding
gzip
via
1.1 varnish
x-continent-code
NA
x-amz-request-id
9401DKY4RVWHXD99
age
836
x-amz-server-side-encryption
AES256
x-cache
HIT
x-asn
701
content-length
20502
x-amz-id-2
hFf//0E1zbrmo86Z/4QBuK9D8wYLxUcDovh85nKX2Trjp2JUAJtMnFb4O0OHriAuuY+pniHfqJ0=
x-served-by
cache-lga21956-LGA
last-modified
Wed, 25 Oct 2023 19:49:31 GMT
server
AmazonS3
x-timer
S1701136389.874180,VS0,VE0
etag
"9606f0cf6808484d348daec2a24b85f3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
x-asn,x-continent-code,x-country-code,x-subdiv-code
cache-control
public, max-age=1209600, immutable
accept-ranges
bytes
x-country-code
US
x-subdiv-code
NY

Redirect headers

x-cache-hits
0
date
Tue, 28 Nov 2023 01:53:08 GMT
via
1.1 varnish
x-continent-code
NA
x-cache
HIT
x-asn
701
content-length
0
x-served-by
cache-lga21956-LGA
server
Varnish
x-timer
S1701136389.806610,VS0,VE0
location
https://doppler-config.cbsivideo.com/doppler.b29058ac.min.js
access-control-allow-origin
*
access-control-expose-headers
x-asn,x-continent-code,x-country-code,x-subdiv-code
cache-control
public, max-age=600, must-revalidate
accept-ranges
bytes
x-country-code
US
retry-after
0
x-subdiv-code
NY
343641.m3u8
dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/variant/a2490d3c744cd6c7e5676ecfc6956ee9/bandwidth/ Frame 0C7C 		4 KB
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/variant/a2490d3c744cd6c7e5676ecfc6956ee9/bandwidth/343641.m3u8
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/polyfills/hls.min.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:805::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
90e0bc30abe894653035a84fb54775977eb93778058d9096cab921d535fdcb19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-mpegURL; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-disposition
inline; filename="variant.m3u8"
access-control-allow-headers
Authorization
content-length
382
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame E160 		577 B
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12480599&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YNN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
707df400f6dc3ea04d0f75a742469b3e74bde5e297886b2dd7b1b4cc40b71766

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 28 Nov 2023 01:53:08 GMT
content-length
577
content-type
text/html; charset=UTF-8
setuid
pbs.at.cbsi.com/ Frame D305 		0
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pbs.at.cbsi.com/setuid?bidder=groupm&gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&f=b&uid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=&predirect=https%3A%2F%2Fpbs.at.cbsi.com%2Fsetuid%3Fbidder%3Dgroupm%26gdpr%3D%26gdpr_consent%3D%26us_privacy%3D%26gpp%3D%26gpp_sid%3D%26f%3Db%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.29.188 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html
date
Tue, 28 Nov 2023 01:53:09 GMT
expires
0
pragma
no-cache
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-iad-kiad7000034-IAD
x-timer
S1701136389.047842,VS0,VE3
/
bpi.rtactivate.com/tag/ Frame E160 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20909&user_id=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.23.110.3 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:09 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
2361.gif
p.alcmpn.com/em/173/111/ Frame E160
Redirect Chain
  • https://i.liadm.com/s/75145?bidder_id=195755&bidder_uuid=C5B20BED-E183-402B-A22C-83D5EF22CB2C
  • https://he.lijit.com/merge?pid=8105&event_type=email&lc_md5=ea850f47c7f0334a37803d054e22987d&lc_sha1=6fb1efc025eb6ace05e6290bdbc20873962b48fc&lc_sha256=aec929b7c650316e9d46992c3ad4a2f2d27455c5fd8a3...
  • https://he.lijit.com/merge?dnr=1&pid=8105&lc_md5=ea850f47c7f0334a37803d054e22987d&uc_md5=&lc_sha1=6fb1efc025eb6ace05e6290bdbc20873962b48fc&uc_sha1=&lc_sha256=aec929b7c650316e9d46992c3ad4a2f2d27455c...
  • https://p.alcmpn.com/em/173/111/2361.gif?bid=6fb1efc025eb6ace05e6290bdbc20873962b48fc&gid=ea850f47c7f0334a37803d054e22987d&eid=aec929b7c650316e9d46992c3ad4a2f2d27455c5fd8a328b47e3b2182ffc92dd
64 B
285 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.alcmpn.com/em/173/111/2361.gif?bid=6fb1efc025eb6ace05e6290bdbc20873962b48fc&gid=ea850f47c7f0334a37803d054e22987d&eid=aec929b7c650316e9d46992c3ad4a2f2d27455c5fd8a328b47e3b2182ffc92dd
Protocol
H2
Server
35.226.42.89 -, , ASN (),
Reverse DNS
Software
nginx / Express
Resource Hash
d69cbc552cfe8de4931deb191dd349a881ff4448ed3251571e0bacd0257519b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:53:09 GMT
strict-transport-security
max-age=31536000;
server
nginx
x-powered-by
Express
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:09 GMT
server
awselb/2.0
content-type
image/gif
location
https://p.alcmpn.com/em/173/111/2361.gif?bid=6fb1efc025eb6ace05e6290bdbc20873962b48fc&gid=ea850f47c7f0334a37803d054e22987d&eid=aec929b7c650316e9d46992c3ad4a2f2d27455c5fd8a328b47e3b2182ffc92dd
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame E160 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C5B20BED-E183-402B-A22C-83D5EF22CB2C&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.88.134.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-88-134-208.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:09 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.10.32
content-length
49
expires
0
/
io.narrative.io/ Frame E160
Redirect Chain
  • https://io.narrative.io/?companyId=673&id=pubmatic_id:C5B20BED-E183-402B-A22C-83D5EF22CB2C
  • https://io.narrative.io/?io.narrative.guid.v2=e1682550-8d90-11ee-b479-0e71178f036d&companyId=673&id=pubmatic_id:C5B20BED-E183-402B-A22C-83D5EF22CB2C
0
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://io.narrative.io/?io.narrative.guid.v2=e1682550-8d90-11ee-b479-0e71178f036d&companyId=673&id=pubmatic_id:C5B20BED-E183-402B-A22C-83D5EF22CB2C
Protocol
HTTP/1.1
Server
54.152.66.88 -, , ASN (),
Reverse DNS
Software
nginx/1.22.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Tue, 28 Nov 2023 01:53:09 GMT
Cache-Control
no-cache
Server
nginx/1.22.1
Connection
keep-alive

Redirect headers

Location
https://io.narrative.io/?io.narrative.guid.v2=e1682550-8d90-11ee-b479-0e71178f036d&companyId=673&id=pubmatic_id:C5B20BED-E183-402B-A22C-83D5EF22CB2C
Date
Tue, 28 Nov 2023 01:53:09 GMT
Server
nginx/1.22.1
Connection
keep-alive
Content-Length
0
push-notifications.js
www.cbsnews.com/fly/bundles/cbsnewscore/js-build/ 		117 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/push-notifications.js?v=5659e73acd91751548aa89950cf015b0
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/main.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.37.188 New York, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3336d74e59575006a5ca2fd43d82078ae064b9badd1ee2decab5408c273440d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://213.238.171.129.sslip.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 01:53:09 GMT
via
1.1 varnish
age
903783
x-device
desktop
x-xss-protection
1; mode=block
content-length
40938
last-modified
Fri, 17 Nov 2023 13:16:00 GMT
x-edge-forwarded-proto
https
etag
W/"65576790-1d5ae"
vary
Accept-Encoding, X-Device, X-Edge-Forwarded-Proto
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=5184000s
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 14:50:05 GMT
343641.m3u8
dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/variant/a2490d3c744cd6c7e5676ecfc6956ee9/bandwidth/ Frame 0C7C 		4 KB
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/variant/a2490d3c744cd6c7e5676ecfc6956ee9/bandwidth/343641.m3u8
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/polyfills/hls.min.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:805::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
90e0bc30abe894653035a84fb54775977eb93778058d9096cab921d535fdcb19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.cbsnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 01:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
content-type
application/x-mpegURL; charset=UTF-8
access-control-allow-origin
https://www.cbsnews.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-disposition
inline; filename="variant.m3u8"
access-control-allow-headers
Authorization
content-length
382
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
sdk.iad-03.braze.com/api/v3/data/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-03.braze.com/api/v3/data/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.208 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Access-Control-Request-Method
POST
Origin
https://213.238.171.129.sslip.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
access-control-allow-methods
POST, GET
access-control-allow-origin
*
access-control-expose-headers
access-control-max-age
7200
content-encoding
gzip
date
Tue, 28 Nov 2023 01:53:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-ewr18165-EWR
x-timer
S1701136389.243539,VS0,VE164
/
sdk.iad-03.braze.com/api/v3/data/ 		705 B
556 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdk.iad-03.braze.com/api/v3/data/
Requested by
Host: www.cbsnews.com
URL: https://www.cbsnews.com/fly/bundles/cbsnewscore/js-build/push-notifications.js?v=5659e73acd91751548aa89950cf015b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.208 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
004a92d8ab40f9ab44639fd1b1e6ad5ea831209fc76aad7d79695ad6aaa7f551
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-Braze-Api-Key
207348db-5664-4b4e-8370-4628847af485
X-Braze-TriggersRequest
true
X-Braze-DataRequest
true
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/json
Referer
https://213.238.171.129.sslip.io/
X-Requested-With
XMLHttpRequest

Response headers

date
Tue, 28 Nov 2023 01:53:09 GMT
content-encoding
gzip
via
1.1 varnish
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
MISS
x-request-id
c70eb31f-5cd3-4baf-a092-e653695b1151
x-served-by
cache-ewr18165-EWR
x-runtime
0.143638
x-timer
S1701136389.428746,VS0,VE156
etag
W/"004a92d8ab40f9ab44639fd1b1e6ad5e"
access-control-max-age
7200
access-control-allow-methods
POST, GET
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
vary
Origin,Accept-Encoding
accept-ranges
bytes
x-cache-hits
0
/
247eda56317d1549491233a36.litix.io/ Frame 0C7C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://247eda56317d1549491233a36.litix.io/
Requested by
Host: tealium.cbsnews.com
URL: https://tealium.cbsnews.com/site/prod/utag.js?v=202309221625
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.196.227.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-196-227-84.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

Referer
https://www.cbsnews.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 28 Nov 2023 01:53:09 GMT
x-envoy-upstream-service-time
0
server
envoy
content-length
0
access-control-allow-methods
POST, GET
343641.m3u8
dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/variant/a2490d3c744cd6c7e5676ecfc6956ee9/bandwidth/ Frame 0C7C 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cbsnews4.cbsistatic.com
URL
http://cbsnews4.cbsistatic.com/fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Bold/PublicoHeadline-Bold.woff2
Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=13294
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
dai.google.com
URL
https://dai.google.com/linear/hls/pa/event/Sid4xiTQTkCT1SLu6rjUSQ/stream/256b38fd-8ed9-4188-8f15-081c15139a16:CBF2/variant/a2490d3c744cd6c7e5676ecfc6956ee9/bandwidth/343641.m3u8

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| documentPictureInPicture object| CBSNEWS string| userAgent object| utag_data function| require function| requirejs function| define function| Intercom boolean| isSafari function| _createClass function| _classCallCheck object| idbKeyval object| cbsoptanon object| lazySizesConfig object| uuid object| webpackJsonpdisco-web object| regeneratorRuntime object| disco string| s_vid object| optimizely object| BidBarrel object| cbsiGptDivIds object| item object| submenu object| menuItem object| $tealium object| _taboola string| _cbsotstate object| googletag object| OneTrustStub object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| Optanon object| OneTrust function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| __otccpaooLocation object| adsbygoogle object| utag_err boolean| utag_condload boolean| firstpgvar object| vtg object| utag function| e object| s function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| _tealium_old_error function| utag_set_first_page_today number| OFFSET object| d number| LOCAL_OFFSET number| utc object| nd object| adobe function| Visitor object| s_c_il number| s_c_in function| DIL number| s_objectID number| s_giq object| om object| intercom object| DW function| mux object| ns_ string| f0 object| s_i_cbsicbsnewssite-dev object| pbjs object| adFlow function| FMS object| fmscw object| confiant object| headertag object| viacbs_at function| moatYieldReady function| setMoatPrebidData object| apstag object| publicaConfig object| _aps boolean| apstagLOADED object| apscustom undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_5867385 object| Moat#PML#26#1.2 boolean| Moat#EVA object| DOMlessLLDcallback_5867385 object| MoatDataJsonpRequest_5867385 function| __moatSlotTagLoadedcbsprebidheader506831276743 object| moatPrebidApi boolean| creativeVendorLibraryLoaded number| google_unique_id object| gaGlobal function| confiantDfpWrap object| GoogleGcLKhOms boolean| isPxlSent object| match object| bouncex number| infolinks_pid undefined| infolinks_wsid undefined| infolinks_advtq boolean| infolinks_iframe string| infolinks_basePath object| infolinks_slots boolean| infolinks_initFromFrame boolean| iceLoadStarted object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| BrandSafetyNadoscallback_5867385 string| keyName object| webpackChunksmart_tag function| _typeof function| _defineProperty function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie undefined| $ function| jQuery function| close_bouncex_ad object| google_image_requests function| setUpAgknTag number| _sf_startpt object| _sf_async_config string| ZN_77YCxjAq1e0122V_ed number| ZN_77YCxjAq1e0122V_sampleRate string| ZN_77YCxjAq1e0122V_url undefined| _ number| startTime number| duration object| _cb_shared function| admiral object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv number| _sf_endpt function| 4dm1r11545242527 object| _cbm object| trx

228 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQleSEncExCgoIkQIQleSEncExCgoItAIQleSEncExCgoI5gEQleSEncExCgoIhwIQleSEncExCgoItwIQleSEncExCgkIOhCV5ISdwTEKCgiMAhCV5ISdwTEKCQhfEJXkhJ3BMQoJCB8QleSEncEx
213.238.171.129.sslip.io/ Name: fly_js_debug
Value: []
213.238.171.129.sslip.io/ Name: usprivacy
Value: 1YNN
.cbsnews.com/ Name: _awl
Value: 2.1701136375.5-72653f12d68ff7db55672fa6b769fdca-6763652d75732d6561737431-0
.sslip.io/ Name: first_page_today
Value: false
.sslip.io/ Name: prevPageType
Value: front_door
.sslip.io/ Name: prevPageName
Value: cbsnews:/
.sslip.io/ Name: utag_main
Value: v_id:018c13a129cb00b174a17eeda08803074002106c00b08$_sn:1$_se:1$_ss:1$_st:1701138178315$ses_id:1701136378315%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:sslip.io
.demdex.net/ Name: demdex
Value: 34874868566750200013628261027188838197
.sslip.io/ Name: AMCVS_10D31225525FF5790A490D4D%40AdobeOrg
Value: 1
.sslip.io/ Name: s_vnum
Value: 1703728378532%26vn%3D1
.sslip.io/ Name: s_invisit
Value: true
.sslip.io/ Name: s_getNewRepeat
Value: 1701136378533-New
.sslip.io/ Name: s_lv_cbsnews
Value: 1701136378533
.sslip.io/ Name: s_lv_cbsnews_s
Value: First%20Visit
.sslip.io/ Name: AMCV_10D31225525FF5790A490D4D%40AdobeOrg
Value: 1075005958%7CMCIDTS%7C19690%7CMCMID%7C34726976660438081533606722353634462285%7CMCAAMLH-1701741178%7C7%7CMCAAMB-1701741178%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1701143578s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.4.1
.sslip.io/ Name: s_cc
Value: true
213.238.171.129.sslip.io/ Name: OptanonAlertBoxClosed
Value: 0000-00-00T00:00:00.000Z
at.cbsi.com/ Name: _BB.abStr
Value: none
.eyeota.net/ Name: mako_uid
Value: 18c13a12cd3-1af0000010a5a7a
.eyeota.net/ Name: SERVERID
Value: 23162~DM
.ml314.com/ Name: pi
Value: 3640245160328036358
.yahoo.com/ Name: A3
Value: d=AQABBPtHZWUCEFvov_m9FR6OWzcvbAYeVDIFEgEBAQGZZmVvZdxH0iMA_eMAAA&S=AQAAAvsRNI_qd4ZU1gpW14br0Ys
.dpm.demdex.net/ Name: dpm
Value: 34874868566750200013628261027188838197
.doubleclick.net/ Name: IDE
Value: AHWqTUlZwbtb3OCCETQAgcNoH7sOPwTYg7atI-glBzhYAjS3y6PAbUU0Omq_s1QAijE
.adsrvr.org/ Name: TDID
Value: b3c3d956-bdf4-48cc-a145-56097a595da9
.liadm.com/ Name: lidid
Value: 5e3c1650-0cc0-46fb-be94-6490540e3d45
.demdex.net/ Name: dextp
Value: 477-1-1701136378614|771-1-1701136378723|22052-1-1701136378834|30064-1-1701136378941|30646-1-1701136379053|121998-1-1701136379220|796-1-1701136379352
.rkdms.com/ Name: sessionid
Value: h-4ba75c84c0994fb0abec2116c752291a_t-1701136379
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 1d687e167c02500a890de9e89c7d0a13
213.238.171.129.sslip.io/ Name: _BB.bs
Value: b|1
213.238.171.129.sslip.io/ Name: _BB.d
Value: 1|||1
.sslip.io/ Name: _pubcid
Value: 1d52d2c4-845a-4f00-9b64-9499dbcd08a9
.sslip.io/ Name: _pubcid_cst
Value: zix7LPQsHA%3D%3D
.fwmrm.net/ Name: _uid
Value: umo0447_7306896879980195225
.gumgum.com/ Name: cs
Value: true
.teads.tv/ Name: tt_viewer
Value: d43c4484-8ab7-4bb7-a1b4-ae54835d617f
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.gumgum.com/ Name: vst
Value: u_209d8f3d-d0ff-4fa0-a9cc-79bb0a2860d9
.go.sonobi.com/ Name: __uis
Value: dc9e8aff-b3d2-44ac-afeb-70d1678e4f7e
.go.sonobi.com/ Name: _usd_213.238.171.129.sslip.io
Value: 50936196-5b37-4288-9af7-3f399c7bb899
.go.sonobi.com/ Name: HAPLB8G
Value: s86185|ZWVH/
.rubiconproject.com/ Name: khaos
Value: LPHOOFP5-1H-KTTM
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.kargo.com/ Name: ktcid
Value: a7a112b5-bb30-089f-1064-fd287e97b48a
.3lift.com/ Name: tluid
Value: 1960977007445951021668
.getpublica.com/ Name: p_uid
Value: e219d0ab-f15d-4205-bd2a-5edb3f41f205
.adnxs.com/ Name: uuid2
Value: 3056755399233263756
.linkedin.com/ Name: li_sugr
Value: 1504e016-30f0-4f0a-9369-c4bb194b0203
.linkedin.com/ Name: bcookie
Value: "v=2&43511675-b847-4fde-81eb-bde1600b0442"
.linkedin.com/ Name: lidc
Value: "b=TGST04:s=T:r=T:a=T:p=T:g=3061:u=1:x=1:i=1701136380:t=1701222780:v=2:sig=AQFvEoexs8IBT6EGj9HP9IlbXLZaZosm"
.ads.stickyadstv.com/ Name: UID
Value: 66bc1e5a8fbde2ae9744746588b692b5
.ads.stickyadstv.com/ Name: uid-bp-37665
Value: e219d0ab-f15d-4205-bd2a-5edb3f41f205
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005%22%7D
.sslip.io/ Name: __gads
Value: ID=36e5352b947d23bb:T=1701136380:RT=1701136380:S=ALNI_MYRy98-DBaOIqQFPzjgme4htBUwoQ
.sslip.io/ Name: __gpi
Value: UID=00000ce14070e55f:T=1701136380:RT=1701136380:S=ALNI_MY8vzXVAcvbBr5bFB2R6L2qFxDm-A
.yieldmo.com/ Name: yieldmo_id
Value: 3FAkaVUEEkUN3KjKU0UN%7C1701129600000%7C0
213.238.171.129.sslip.io/ Name: logglytrackingsession
Value: 23864024-d8ae-4779-b434-fe87d424d173
.media.net/ Name: visitor-id
Value: 3441379825658219000V10
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.contextweb.com/ Name: V
Value: mG0tKx3rnDkV
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: ef10f373733edf33
213.238.171.129.sslip.io/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bounceexchange.com/ Name: bounceClientVisit4210c
Value: %7B%22vid%22%3A1701136382823253%2C%22did%22%3A%221105601963322787168%22%7D
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C5B20BED-E183-402B-A22C-83D5EF22CB2C
.revcontent.com/ Name: rcuuid
Value: c05d7403-cd52-4123-ac38-2cc509907d34
.bidswitch.net/ Name: tuuid
Value: 23bd3352-e7fa-4d20-94b7-7e3199ca7991
.bidswitch.net/ Name: c
Value: 1701136382
.bidswitch.net/ Name: tuuid_lu
Value: 1701136382
.openx.net/ Name: i
Value: 17897edb-9b63-0bc5-1cc0-e1fd5b67e402|1701136383
.scorecardresearch.com/ Name: UID
Value: 1C2e7295a9c2f8123ae6ba31701136383
.ipredictive.com/ Name: cu
Value: cbfa431b-c3f4-455e-ae13-376871c80544|1701136383083
.simpli.fi/ Name: suid
Value: 3632AF9873274782B2743660ED8B6F3C
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3056755399233263756&KRTB&23339-3056755399233263756
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-b3c3d956-bdf4-48cc-a145-56097a595da9&KRTB&22918-b3c3d956-bdf4-48cc-a145-56097a595da9&KRTB&22926-b3c3d956-bdf4-48cc-a145-56097a595da9&KRTB&23031-b3c3d956-bdf4-48cc-a145-56097a595da9
.zemanta.com/ Name: zuid
Value: W4l2hieW1Pe-3sxK-lnb
.openx.net/ Name: pd
Value: v2|1701136383|vMgavPkWgyiK
.tapad.com/ Name: TapAd_TS
Value: 1701136383080
.tapad.com/ Name: TapAd_DID
Value: 729b67a9-636b-43b1-a134-cfcfdcf9e9d7
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-cbfa431b-c3f4-455e-ae13-376871c80544&KRTB&23011-cbfa431b-c3f4-455e-ae13-376871c80544&KRTB&23355-cbfa431b-c3f4-455e-ae13-376871c80544
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJliGf-ehooLfXpl0kxSe8Q&KRTB&23025-CAESEJliGf-ehooLfXpl0kxSe8Q&KRTB&23386-CAESEJliGf-ehooLfXpl0kxSe8Q
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:3632AF9873274782B2743660ED8B6F3C&KRTB&23486-uid:3632AF9873274782B2743660ED8B6F3C&KRTB&23489-uid:3632AF9873274782B2743660ED8B6F3C&KRTB&23539-uid:3632AF9873274782B2743660ED8B6F3C
.amazon-adsystem.com/ Name: ad-id
Value: Aw9ior8jlkWEuTwYcpggnlo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.revcontent.com/ Name: adb_blk
Value: false
.revcontent.com/ Name: __ID
Value: 7c5bd0ea57c440a0a98a428399b79c88
.mfadsrvr.com/ Name: tuuid
Value: 2221df48-ba2a-4d32-9085-697f6bcb030f
.mfadsrvr.com/ Name: c
Value: 1701136383
.mfadsrvr.com/ Name: tuuid_lu
Value: 1701136383
.dotomi.com/ Name: DotomiTest
Value: 20cbfb7ac26f239f
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!7969
.openx.net/ Name: univ_id
Value: 537072971|b3c3d956-bdf4-48cc-a145-56097a595da9|1701136383257674
.mfadsrvr.com/ Name: ssh
Value: !revcontent,1701136383
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZWVH-wAC4Qn2aQBH
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAACL5QUjZaaMgNztonrAAAAAAA&KRTB&22713-AAACL5QUjZaaMgNztonrAAAAAAA&KRTB&22715-AAACL5QUjZaaMgNztonrAAAAAAA&KRTB&23519-AAACL5QUjZaaMgNztonrAAAAAAA
213.238.171.129.sslip.io/ Name: _lr_retry_request
Value: true
213.238.171.129.sslip.io/ Name: _lr_env_src_ats
Value: false
.extremereach.io/ Name: userid_prod2
Value: 044f0aed82c2fdf79ee7b38812aa6008
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHc3Z4OXQ1MBILCIyWj47Z77c8EAUSFwoIcHVibWF0aWMSCwjaw8Sj2e-3PBAFEhQKBXRhcGFkEgsIwq-zptnvtzwQBRIWCgdydWJpY29uEgsI9LnFq9nvtzwQBRgBIAIoAjILCK6lttPv77c8EAU4AVoFdGFwYWRgAg..
.fwmrm.net/ Name: _sid
Value: "o1c5a_7306325131021657686"
.adnxs.com/ Name: anj
Value: dTM7k!M4/0DunaTF']wIg2Il`wn3ew!]tdE8bhzs#DNA_<'.OaUcJNGVAZ6JaYkAFQ5E71[Q.r-XudA(cs>Z-]7af<T5sYTOvz6bLnhK1wW:ROJYcOYblK/9#tcrQQarta!)cU*A=(A%
.adnxs.com/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJ0cmlwbGVsaWZ0X25hdGl2ZSI6eyJ1aWQiOiIxOTYwOTc3MDA3NDQ1OTUxMDIxNjY4IiwiZXhwaXJlcyI6IjIwMjQtMDItMjZUMDE6NTM6MDBaIn0sInJ1Ymljb24iOnsidWlkIjoiTFBIT09GUDUtMUgtS1RUTSIsImV4cGlyZXMiOiIyMDI0LTAyLTI2VDAxOjUzOjAzWiJ9fSwiYmlydGhkYXkiOiIyMDIzLTExLTI4VDAxOjUzOjAwWiJ9
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.a-mo.net/ Name: amuid2
Value: 37f13a53-d5a4-4a9a-9a95-4e487ec0895f
.prebid.a-mo.net/ Name: sd_amuid2
Value: 37f13a53-d5a4-4a9a-9a95-4e487ec0895f
.analytics.yahoo.com/ Name: IDSYNC
Value: "19cu~2fap:196d~2fap:18z8~2fap:18vk~2fap:19e0~2fap"
.connatix.com/ Name: cnx_userId
Value: bd21ab8a841047f3a811472bce37b81d
.bidr.io/ Name: bito
Value: AADX-E7KypAAABKsoCMXRw
.bidr.io/ Name: bitoIsSecure
Value: ok
.primis.tech/ Name: csuuid
Value: 65654800157f0
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGRcBxXp1LoeNNNw5weTFaNdOifzR7NK8t3P6ESP+XTHXfH0+JelHM0pubkcH5nLSInFZmqYfIGH7sYI8mNVVqiE/FYJ/AltTyHn93zGGfpN7cRAC0oDN0kbcd37CAxk7A=
.ssp.wknd.ai/ Name: rubiconUID
Value: LPHOOFP5-1H-KTTM
.sslip.io/ Name: cto_bundle
Value: cpT4A191cnptQjVSR0doMFQ4NWpZWE9FbTQ2bUF1YlpYZWVKaUlvR3FISFNJeEprQ05PNmxOSnpUTERZMUthc1pxcTFzeGRHT2xBMHglMkJDc1RHMGtzQ3dPT2dBdHVZeSUyRjFQNkR4Y0hrUUFDOEltQXJkc1FiTEw0Q0lRTlVlYk9IS2g1c00
.sslip.io/ Name: cto_bidid
Value: xXA4hV9JenFLNERLM0xHT0szSFJobXJRNnc3cVMlMkJycnliNnZBZUxNQjBSWnZud0FQd1QlMkZOWmdSMWNIWEcxMGR2VlJkb2FJSkhkTXllTzY0a3klMkZ2TzUwZzQwZyUzRCUzRA
.hb.yahoo.net/ Name: visitor-id
Value: 3441379845658299000V10
.hb.yahoo.net/ Name: data-mag
Value: LPHOOFP5-1H-KTTM~~63
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: idYH9spGbC
.sslip.io/ Name: optimizelyEndUserId
Value: oeu1701136384401r0.8646180307040923
.sslip.io/ Name: _cb
Value: Clo2UE60BNZBeJbDD
.sslip.io/ Name: _chartbeat2
Value: .1701136384536.1701136384536.1.Dj3zK_D5H3VFDIirOJCVDBPPBapzh2.1
.sslip.io/ Name: _cb_svref
Value: null
.intentiq.com/ Name: IQPData
Value: 3460456582#1701136384535#0#1701136384535
.intentiq.com/ Name: intentIQCDate
Value: 1701136384567
.intentiq.com/ Name: IQMID
Value: 3460456582#1701136384612
.intentiq.com/ Name: CSDT
Value: UEQ6MTUxMDZfMCZUd3JpdUVt
.intentiq.com/ Name: ASDT
Value: 0
.213.238.171.129.sslip.io/ Name: _awl
Value: 6.1701136384.5-b2f3d6b2566ccc65f2c1b3f21d5bd2da-6763652d75732d6561737431-0
pbs.at.cbsi.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiZ3JvdXBtIjp7InVpZCI6IkM1QjIwQkVELUUxODMtNDAyQi1BMjJDLTgzRDVFRjIyQ0IyQyIsImV4cGlyZXMiOiIyMDIzLTEyLTEyVDAxOjUzOjA1Ljk4Mjk1NDYwMloifSwibWVkaWFuZXQiOnsidWlkIjoiMzQ0MTM3OTgyNTY1ODIxOTAwMFYxMCIsImV4cGlyZXMiOiIyMDIzLTEyLTEyVDAxOjUzOjAyLjI3NTkxNjk0OFoifSwicHVibWF0aWMiOnsidWlkIjoiQzVCMjBCRUQtRTE4My00MDJCLUEyMkMtODNENUVGMjJDQjJDIiwiZXhwaXJlcyI6IjIwMjMtMTItMTJUMDE6NTM6MDIuOTgzNDE1ODgxWiJ9LCJ0cmlwbGVsaWZ0Ijp7InVpZCI6IjE5NjA5NzcwMDc0NDU5NTEwMjE2NjgiLCJleHBpcmVzIjoiMjAyMy0xMi0xMlQwMTo1MzowMC43OTc3OTMyODlaIn0sInJ1Ymljb24iOnsidWlkIjoiTFBIT09GUDUtMUgtS1RUTSIsImV4cGlyZXMiOiIyMDIzLTEyLTEyVDAxOjUzOjAzLjY1OTQ2NjQzOVoifSwicHVsc2Vwb2ludCI6eyJ1aWQiOiJtRzB0S3gzcm5Ea1YiLCJleHBpcmVzIjoiMjAyMy0xMi0xMlQwMTo1MzowMi41MzkyMzU1NzhaIn0sIm9wZW54Ijp7InVpZCI6ImZkZmJjZTRkLThiN2ItMDdkYi0yZDlhLWU5MDBiZTFiMTU3MiIsImV4cGlyZXMiOiIyMDIzLTEyLTEyVDAxOjUzOjAzLjIwMDgwMDQzWiJ9LCJ5aWVsZG1vIjp7InVpZCI6IjNGQWthVlVFRWtVTjNLaktVMFVOIiwiZXhwaXJlcyI6IjIwMjMtMTItMTJUMDE6NTM6MDEuNTM5NTM5MDAyWiJ9fX0=
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 3
.pubmatic.com/ Name: pi
Value: 156512:4
.pubmatic.com/ Name: DPSync3
Value: 1701216000%3A255_248%7C1702339200%3A262_258_259_201_263_256_261_260%7C1701734400%3A265%7C1702166400%3A257
.pubmatic.com/ Name: SyncRTB3
Value: 1706313600%3A69%7C1703721600%3A224%7C1702425600%3A35%7C1702339200%3A81_22_46_233_240_249_178_264_214_99_238_243_166_21_7_220_250_3_5_176_196_56_96_165_104_13_54_234_55_48_71_231_8%7C1701734400%3A2_223_15_38%7C1701993600%3A63
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o8k|7dN.0.AADX-E7KypAAABKsoCMXRw
.mxptint.net/ Name: mxpim
Value: R33647_10CD5156D_C2BC8FA1.1.000000000000000065654802
.adgrx.com/ Name: ADGRX_UID
Value: df9238f6-8d90-11ee-a05a-06905cfe2b77
.rlcdn.com/ Name: rlas3
Value: ufFy/Up/TuMm0tsNnAO5oFRmqfxr3I22Xt/zDpNRLe0=
.rlcdn.com/ Name: pxrc
Value: CPuPlasGEgUI6AcQABIFCOhHEAcSBgjx6wEQAA==
.bfmio.com/ Name: __187_cid
Value: C5B20BED-E183-402B-A22C-83D5EF22CB2C
.bfmio.com/ Name: __io_cid
Value: 9a2415303555055fddde01c59b0623746eaf3e51
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R33647_10CD5156D_C2BC8FA1&KRTB&23092-R33647_10CD5156D_C2BC8FA1
.quantserve.com/ Name: d
Value: EK4BCwHEKvijAA
.quantserve.com/ Name: mc
Value: 65654802-12e7d-a6adc-2ec7c
.sitescout.com/ Name: ssi
Value: e7aec9d5-d48a-43eb-98ec-eba6db98bb60#1701136386087
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:W4l2hieW1Pe-3sxK-lnb
.adentifi.com/ Name: adtheorent[cuid]
Value: cuid_df933e44-8d90-11ee-8bb0-125edd13ad3d
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%221%22%3A%2220231128%22%7D
.deepintent.com/ Name: CDIUSER
Value: di_28b6aadf11fe465084280
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-df9238f6-8d90-11ee-a05a-06905cfe2b77&KRTB&23275-df9238f6-8d90-11ee-a05a-06905cfe2b77
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-59c70eXaPdb80z-C4dYg1-GDO9P8hz3StdZYLk-d&KRTB&19420-59c70eXaPdb80z-C4dYg1-GDO9P8hz3StdZYLk-d&KRTB&22979-59c70eXaPdb80z-C4dYg1-GDO9P8hz3StdZYLk-d&KRTB&23462-59c70eXaPdb80z-C4dYg1-GDO9P8hz3StdZYLk-d
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-861b6ec5-8aac-5b63-63af-250ef6806aa4.rAiohxMy1BtrFWoTSI4I7YRH%2FIUYPCGb582SbDj1Tdo
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-861b6ec5-8aac-5b63-63af-250ef6806aa4.rAiohxMy1BtrFWoTSI4I7YRH%2FIUYPCGb582SbDj1Tdo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhhtuxYqsW2NjryUO9oBqpM5CYIY.ejnQJqBZB8fAcIKss9KqvtVRW6gSKLjOBbThqxItaf4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AhhtuxYqsW2NjryUO9oBqpM5CYIY.ejnQJqBZB8fAcIKss9KqvtVRW6gSKLjOBbThqxItaf4
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGR12QIi50jfHApQOZN8uW4L01nrvvbHi6GnaYivDEVLEAEYAyCCkJWrBjABOgRyABfNQgS2LUP7.9mg7gB9qU9XIt%2BHarVrzH5pxYhohFfHwZsB5Kf1zVWA
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIGR12QIi50jfHApQOZN8uW4L01nrvvbHi6GnaYivDEVLEAEYAyCCkJWrBjABOgRyABfNQgS2LUP7.9mg7gB9qU9XIt%2BHarVrzH5pxYhohFfHwZsB5Kf1zVWA
.w55c.net/ Name: wfivefivec
Value: f9Ti3QeA1R7NhE5
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0sjAwNzQ1NTQyNBTiM9R1zfJxdTd3yzQKT80FACZGyMUlAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjS3NDeysDA0sjAwNzQ1NTQyNBTiM9R1zfJxdTd3yzQKT80FACZGyMUlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtobmBoaGxmbGFmaGEGADKzMh8QAAAA
.mathtag.com/ Name: uuid
Value: 0e2f6565-4802-4400-88b1-07b19da69a18
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-hhtuxYqsW2NjryUO9oBqpM5CYIY&KRTB&23334-hhtuxYqsW2NjryUO9oBqpM5CYIY&KRTB&23417-hhtuxYqsW2NjryUO9oBqpM5CYIY&KRTB&23426-hhtuxYqsW2NjryUO9oBqpM5CYIY
.w55c.net/ Name: matchpubmatic
Value: 5
.acuityplatform.com/ Name: auid
Value: 857602416520
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBRgR0FESSmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYEdBREko90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.adstanding.com/ Name: _adstanding_id
Value: b97de1766730b2aa23de4eb09dd810a9
.thrtle.com/ Name: mc
Value: eyJpZCI6IjE1MDBhNzQxLTRhZTAtNDIyNi1iZmQyLTZjYTAyMTc5OWZmMiIsImwiOjE3MDExMzYzODYyMDcsInQiOjF9
.ctnsnet.com/ Name: cid_f4f90506b8a84ec59649c8055c6837a3
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-1797288128071551211
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:0e2f6565-4802-4400-88b1-07b19da69a18
.adform.net/ Name: C
Value: 1
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMTEzNjM4NjIwMH0
.adform.net/ Name: uid
Value: 6830002172029342515
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-e7aec9d5-d48a-43eb-98ec-eba6db98bb60-65654802-5553&KRTB&23418-e7aec9d5-d48a-43eb-98ec-eba6db98bb60-65654802-5553
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-8b9b8f6c-c210-4107-bc4e-30b9bd3223d8&KRTB&23340-8b9b8f6c-c210-4107-bc4e-30b9bd3223d8&KRTB&23498-8b9b8f6c-c210-4107-bc4e-30b9bd3223d8
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:f9Ti3QeA1R7NhE5&KRTB&23421-uid:f9Ti3QeA1R7NhE5
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-857602416520&KRTB&23428-857602416520
.pippio.com/ Name: did
Value: p7gloojxgNrCvjVJ
.pippio.com/ Name: didts
Value: 1701136386
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CIKQlasGEgYIgr0rEAA=
.turn.com/ Name: uid
Value: 2635919596870554906
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-23bd3352-e7fa-4d20-94b7-7e3199ca7991
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6830002172029342515&KRTB&23263-6830002172029342515&KRTB&23481-6830002172029342515
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005%22%2C%22nxtrdr%22%3Afalse%7D
.tribalfusion.com/ Name: ANON_ID
Value: aYnsAGyKalHobWm8ZbRyNKnmcjZaKRvysnr3Fs3ZaVH32mF5KPawF9rYbo7cGMZca0ZaNG43dq5YE6t9p0yJqdM7e
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2635919596870554906&KRTB&23150-2635919596870554906&KRTB&23527-2635919596870554906
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 59ef6e2d-4d88-4264-b6cd-02b73c309661
beacon.lynx.cognitivlabs.com/ Name: ss
Value: pVeAMVc0WzI33NdOGKYXdOTCN9ifn1TGaNsbXFXj2GZkzMZN7kAg5F05U0i60CY%2B7cAm3nkCxaYwd0XZ4LckbA%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005&KRTB&17107-RX-6d7d368c-feeb-4b59-b1dc-1945c652496a-005
.nrich.ai/ Name: _nauid
Value: 696a9e81-e116-44fd-bcc5-1e5ae32870f9
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AADX-E7KypAAABKsoCMXRw
.smartadserver.com/ Name: pid
Value: 5490910651018334647
.adx.opera.com/ Name: UID
Value: OPUb921b702034e445fae22937cc7b7fd4c
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPUb921b702034e445fae22937cc7b7fd4c&KRTB&23485-OPUb921b702034e445fae22937cc7b7fd4c&KRTB&23524-OPUb921b702034e445fae22937cc7b7fd4c
.csync.loopme.me/ Name: viewer_token
Value: 0fe21a01-13ec-47e8-ad8d-19c688df4a32
.adsby.bidtheatre.com/ Name: __kuid
Value: a6fb5414-ac15-4a40-861c-4402e80f71ac.470350386
.technoratimedia.com/ Name: tads_uidp_37
Value: 5258bf1d-1fc6-3c5c-a570-f083cd67786b
.technoratimedia.com/ Name: tads_uidp_44
Value: LPHNCITX-25-JGIC
.technoratimedia.com/ Name: tads_uidp_46
Value: 1564661398012761033
.technoratimedia.com/ Name: tads_uidp_49
Value: AAAMp77iK3wdIwMO1kCJAAAAAAA
.technoratimedia.com/ Name: tads_uidp_50
Value: 03fc58df-a7bf-4208-b2cb-31a85c987684
.technoratimedia.com/ Name: tads_uidp_61
Value: 212359922593950
.technoratimedia.com/ Name: tads_uidp_62
Value: 3441357445658220000V10
.technoratimedia.com/ Name: tads_uidp_64
Value: vvhkJrIzxwnji92aCysTXQiFRmVooL_4
.technoratimedia.com/ Name: tads_uidp_7
Value: 0265a769-2fc0-443b-9354-c63be0636896
.technoratimedia.com/ Name: tads_uidp_73
Value: AADX-E7KypAAABKsoCMXRw
.technoratimedia.com/ Name: tads_uidp_76
Value: RX-0495c7b9-44c9-41a1-a995-28d1a3268f03-005
.technoratimedia.com/ Name: tads_uidp_77
Value: PofEstCj9VKEGWd1K4T_6V9ye8zBy9DMf496X09bdGM
.technoratimedia.com/ Name: tads_uidp_79
Value: b34db21f-5e48-41a3-9a31-fba91f8bde33
.technoratimedia.com/ Name: tads_uidp_80
Value: y-jfp4_e9E2uFD4nCaG26XhG97xOxa1cma~A
.technoratimedia.com/ Name: tads_uidp_82
Value: ZWU-QDcZq0w0bPj9v4xYOAAA&1289
.technoratimedia.com/ Name: tads_uidp_88
Value: 1039810606060072404898
.technoratimedia.com/ Name: tads_uid
Value: AFD9D5A127AE4C3783E68AF7693006E4
.technoratimedia.com/ Name: tads_uid_cd
Value: 20231127165047+0000
.technoratimedia.com/ Name: tads_zora
Value: 2
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADX-E7KypAAABKsoCMXRw
.owneriq.net/ Name: p2
Value: pmc
.owneriq.net/ Name: si
Value: Q7544227861187578966P
.owneriq.net/ Name: pmc
Value: 1
.c.appier.net/ Name: _auid
Value: KddlgywiDrGjqcCcAkhlZQ
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-KddlgywiDrGjqcCcAkhlZQ
.pubmatic.com/ Name: PugT
Value: 1701103635
.pubmatic.com/ Name: SPugT
Value: 1701136387

7 Console Messages

Source Level URL
Text
other warning URL: https://213.238.171.129.sslip.io/(Line 5131)
Message:
<link rel=preload> has an invalid `href` value
network error URL: https://us01.z.antigena.com/l/FZt5psomz79DGe~O1V5PkX7S8-NVJIdw0INR-k~Duu9c36GyIDyElf4y8fa2~-9InNSq4BCadyu-8tQSiIkaVleT~Yh8GI4ocNSeo4~API4DJEsYNIMg2sPMMXvjcckTUFy53ZYw3gzv35jSAchydRkSr2XFgqe-kzzlKTlv1VT7-TlAc0PcX7nFzbKlHypwbpU3AWUAJgUx%20C5B20BED-E183-402B-A22C-83D5EF22CB2C&rnd=RND
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://213.238.171.129.sslip.io/
Message:
Mixed Content: The page at 'https://213.238.171.129.sslip.io/' was loaded over HTTPS, but requested an insecure font 'http://cbsnews4.cbsistatic.com/fly/bundles/cbsnewscontent/fonts/PublicoHeadline-Bold/PublicoHeadline-Bold.woff2'. This request has been blocked; the content must be served over HTTPS.
javascript error URL: https://213.238.171.129.sslip.io/
Message:
Access to fetch at 'https://api.rlcdn.com/api/identity/envelope?pid=13294' from origin 'https://213.238.171.129.sslip.io' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13294
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null#tVhrU%2BM6Ev0rlKsmH7Yw8fvBVGo2JGGWvVzIJTC1VYRyyZbsaPBrJTshMPnv25LtxIGZuvvh3nkgudVqqVut00e8KaiuijJFW%2BW8YjU5VSifFGmKSk7DlCjnMUo5SDFZ0wg%2BocOfYYJyqqwpJoVy%2FqbQimRcOX98U6ptKXRSuiagQDH0LdMydCdy1NjWXNVyIqKGOo5U5DhGjC1d800DdLPy5Y7EV2KGn20W1et%2Fq%2F%2F8tqVhQJLXxcN8vrKmKb5Bs%2B%2F%2FFtoFownNZ5hWtMhhSs1ByNM6gX4U8pxshKCilfBAmVwsTm5AdHLd7AuTZ5BCJ67T9FdKEcqLnEYovf%2BFQkUzwiuUlcq5bumO73qa%2FAP2a4aajan64esahSQFO%2B30tPnMYQsQqQwlhItYchGBVVWV%2FHw5XA4R56TixlnrFKxX0egsKrLlcFWHyyFdDtlyaGiGuRzq%2BnKoOcuhpbuu7hJNJY5HVAtFSPWRRVTTtkzX8TQnjuLlsFrVWZgjmi6HjqW9mI62HMZGjOzIRp5hWFZsW9gJiWmHBiFmqJMQLYfPZItYpbbbUXnFCMpU3Te0F13ztLPvZfJlPbId2yeuiSLs666t25aHkOf7thbFmm6HGri%2F%2Bpmf%2Bt%2Frp2542otrgKO%2BFfvYDH3TisMIebEbEssMPTcyQ830hMZf5OjuVCkZXB2yeWDpkcfCslpz6XFjvXO%2Bcbuoq%2BVwDa7acB6O5REv1k2LeAayXC32TGw7BiYkgkPJEK8IC3T9LDNr73Aze6thRM%2BSokhS0lhPaU4QRHSV8uWQrEkOiy0otl7o%2FR%2F3z5N7fXFdO%2Bz7w%2BKPzvyRbePvdaVbKy5YhipYC5VlCndRXKPl8EXNSpI83F2DRv0uqpvN5nhtAUXLoQAjfpWVhbC%2BxzSAMRpJABPJqCFk2WboqrbtmaoVOqHqWThUHQIHaht65GveEcqoMjNarFtRwhCLVgCjj2LwpMWgrnsi9Z4gHRCDaN%2BLpW9Q1geWvpWLbTP42B%2B9bk2gNG1XUQ%2Br9HbzBFlHSsoLDBYAgThBXMKkLvZPkgw20AzUJWQn5%2FuIgOVxFIHkIi2i5z068QdO2KIOecRoSPBenZdFzgvW6a3Iy3hKYlSn4sy0U%2FirSOnFQWr6p5Z9avswgLCIfbwRPyE%2Fgw2tVoH4%2FOvz9gsAbLwJIk7x6O3Q331u%2BuukFgOy2Q0aGX8dvYmyCBeL01fSiWGDAeVBiiowJNvdoOZByegaRVuY0nT66j8dBsdUVFbFyISS0VMG3Ak2BcO826dM0t3gLc7ADGIo47vPooatmVCHeDwfBcyNNdc9W5%2FFm4xlZzmB%2BCC8HCaAfl8%2BuD9APN%2BMbEMzdX0QITEqfu4GcYqS0SfjAmVRCA3JIgYNrhiGhqdVKRs5BrRANHGI5Ng2j6DJazkBkYoOMlKxkQ7IPTisVbIibvufzPFXecDT8dVkMb4Kbopv8%2FHVdFCuWT56vBvfTG9%2FfxpAmpajdYZKXawJJ2sNeG%2Fz67Kn%2FFlEhgMrgYAlZPQG6BEIr4Q4pwRSNw8a2WiuTbSJ6Y6nqqFNLNWaXbrq%2BNKw1YvZxeRCd6aXnj0bHOfHh8xYAayM5BGAM5%2BMS%2Fj3DocGpWBGME00zUZ6B90ecUOxRm9NuxvAGpVAwNGGhIOf5d0vkyuha4jG19vbr9ez4OpmcX83G%2F8efLuazm6Dm9ubyezpQz41XQmG%2B%2FyAxOpni3Kq9K6LGGwCspfzVyHsh2Y%2FdNi%2BNNo4IPB7v305tXXgaNovVborJFAFLtHRpH10Dz40UZYVuQ1sj83uQFwxFD3TPBFBgDPjUcGI7EO1gwVszXMAaa0GsW%2FakxXg67Ss7v6bKkY6gpjzgFdBIiC%2BhWmQoDJAAopvlsPxXqdkrdG9JBJxWke6uZfw6t3CYstJQ8Cjos4rRgWDfIT6EKbgSErFDAHMO4Hgl9CZdTWhhe%2B45lBQ7%2BocF5v8CEViQjCX5Oe4mhpnUMVZM2E5%2FEIaAj4S21IfFgNIoionbCSJANy%2F5pDGgttJZv9zpBbsv36Zs6IkrNr%2BRsQ5G5ZLMLIdU3cx0Crf8nXDNJHpKDtwECAFSbIMR1aRZCv6IFsVuOEKJMcyPG2tjgmqakawGgkqDvXrtHuogFNQwkQ5PLwWRGUqKXSAswiuA4RjBRUngkcRiRoGsp8mInVsG7jGu1SifJYjeErhtgBDjGiUEhkQ4mmu5Rue6gGTVS3iO6pvYVONbBcigH0jjuzDlHkdTmENER5N91TNU3XrRHfPNe1cNw5q3YNlTz3UkxBImdiP%2FD49MSwoFJKRnDR8rRs6GZzAbQBhIbPpYLILV16B10HrtNI9C9vhw9OQ8ilZi31KZEk6hZiBgQAXQBngcCBB3r%2FgQPQvKhjaY6MrVZ%2BagUUT%2Fc5Mz0prXZQI4CPCK0BMpeV3Ms56CMQT%2Fquu7WFV14mh%2Blg3VA3iGBMPaZp8lFQ9VtZfpAb60y4iXoXi9UYzKi6k1W7hVj5IOz9ChnI8b1FGbqC9RU1VOsRp%2F8ico2olU64vfP9k%2BEBuFcnYJJfkH2NG4LgwYtv9%2BAfhFW7F4oxav6XVYH4QtCuey4Eu3NPu1wHHQf%2Fx48fBOaE7ZwC%2BbHvXVBMwRbsXXgMPMPgMJCFPJmlR41uWNMelTU3dMIB125eXtutrY8vXptb0n2NchBDrRETpHUIrLUQrLUb3AtVh9D8EGv4ZMMP1Rseg27e0a9w6Dk3r60Ria%2F%2F3DwSltM7EDkkurgPQHgE%2Bgv3QtKcrg7ETuIYpmhdcXoo24UgWSsQSR%2FT%2FJITErD9VbJ9Fu93%2FAA%3D%3D
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.cbsnews.com/embed/video/?v=5659e73acd91751548aa89950cf015b01701135726&usprivacy=null#tVhrU%2BM6Ev0rlKsmH7Yw8fvBVGo2JGGWvVzIJTC1VYRyyZbsaPBrJTshMPnv25LtxIGZuvvh3nkgudVqqVut00e8KaiuijJFW%2BW8YjU5VSifFGmKSk7DlCjnMUo5SDFZ0wg%2BocOfYYJyqqwpJoVy%2FqbQimRcOX98U6ptKXRSuiagQDH0LdMydCdy1NjWXNVyIqKGOo5U5DhGjC1d800DdLPy5Y7EV2KGn20W1et%2Fq%2F%2F8tqVhQJLXxcN8vrKmKb5Bs%2B%2F%2FFtoFownNZ5hWtMhhSs1ByNM6gX4U8pxshKCilfBAmVwsTm5AdHLd7AuTZ5BCJ67T9FdKEcqLnEYovf%2BFQkUzwiuUlcq5bumO73qa%2FAP2a4aajan64esahSQFO%2B30tPnMYQsQqQwlhItYchGBVVWV%2FHw5XA4R56TixlnrFKxX0egsKrLlcFWHyyFdDtlyaGiGuRzq%2BnKoOcuhpbuu7hJNJY5HVAtFSPWRRVTTtkzX8TQnjuLlsFrVWZgjmi6HjqW9mI62HMZGjOzIRp5hWFZsW9gJiWmHBiFmqJMQLYfPZItYpbbbUXnFCMpU3Te0F13ztLPvZfJlPbId2yeuiSLs666t25aHkOf7thbFmm6HGri%2F%2Bpmf%2Bt%2Frp2542otrgKO%2BFfvYDH3TisMIebEbEssMPTcyQ830hMZf5OjuVCkZXB2yeWDpkcfCslpz6XFjvXO%2Bcbuoq%2BVwDa7acB6O5REv1k2LeAayXC32TGw7BiYkgkPJEK8IC3T9LDNr73Aze6thRM%2BSokhS0lhPaU4QRHSV8uWQrEkOiy0otl7o%2FR%2F3z5N7fXFdO%2Bz7w%2BKPzvyRbePvdaVbKy5YhipYC5VlCndRXKPl8EXNSpI83F2DRv0uqpvN5nhtAUXLoQAjfpWVhbC%2BxzSAMRpJABPJqCFk2WboqrbtmaoVOqHqWThUHQIHaht65GveEcqoMjNarFtRwhCLVgCjj2LwpMWgrnsi9Z4gHRCDaN%2BLpW9Q1geWvpWLbTP42B%2B9bk2gNG1XUQ%2Br9HbzBFlHSsoLDBYAgThBXMKkLvZPkgw20AzUJWQn5%2FuIgOVxFIHkIi2i5z068QdO2KIOecRoSPBenZdFzgvW6a3Iy3hKYlSn4sy0U%2FirSOnFQWr6p5Z9avswgLCIfbwRPyE%2Fgw2tVoH4%2FOvz9gsAbLwJIk7x6O3Q331u%2BuukFgOy2Q0aGX8dvYmyCBeL01fSiWGDAeVBiiowJNvdoOZByegaRVuY0nT66j8dBsdUVFbFyISS0VMG3Ak2BcO826dM0t3gLc7ADGIo47vPooatmVCHeDwfBcyNNdc9W5%2FFm4xlZzmB%2BCC8HCaAfl8%2BuD9APN%2BMbEMzdX0QITEqfu4GcYqS0SfjAmVRCA3JIgYNrhiGhqdVKRs5BrRANHGI5Ng2j6DJazkBkYoOMlKxkQ7IPTisVbIibvufzPFXecDT8dVkMb4Kbopv8%2FHVdFCuWT56vBvfTG9%2FfxpAmpajdYZKXawJJ2sNeG%2Fz67Kn%2FFlEhgMrgYAlZPQG6BEIr4Q4pwRSNw8a2WiuTbSJ6Y6nqqFNLNWaXbrq%2BNKw1YvZxeRCd6aXnj0bHOfHh8xYAayM5BGAM5%2BMS%2Fj3DocGpWBGME00zUZ6B90ecUOxRm9NuxvAGpVAwNGGhIOf5d0vkyuha4jG19vbr9ez4OpmcX83G%2F8efLuazm6Dm9ubyezpQz41XQmG%2B%2FyAxOpni3Kq9K6LGGwCspfzVyHsh2Y%2FdNi%2BNNo4IPB7v305tXXgaNovVborJFAFLtHRpH10Dz40UZYVuQ1sj83uQFwxFD3TPBFBgDPjUcGI7EO1gwVszXMAaa0GsW%2FakxXg67Ss7v6bKkY6gpjzgFdBIiC%2BhWmQoDJAAopvlsPxXqdkrdG9JBJxWke6uZfw6t3CYstJQ8Cjos4rRgWDfIT6EKbgSErFDAHMO4Hgl9CZdTWhhe%2B45lBQ7%2BocF5v8CEViQjCX5Oe4mhpnUMVZM2E5%2FEIaAj4S21IfFgNIoionbCSJANy%2F5pDGgttJZv9zpBbsv36Zs6IkrNr%2BRsQ5G5ZLMLIdU3cx0Crf8nXDNJHpKDtwECAFSbIMR1aRZCv6IFsVuOEKJMcyPG2tjgmqakawGgkqDvXrtHuogFNQwkQ5PLwWRGUqKXSAswiuA4RjBRUngkcRiRoGsp8mInVsG7jGu1SifJYjeErhtgBDjGiUEhkQ4mmu5Rue6gGTVS3iO6pvYVONbBcigH0jjuzDlHkdTmENER5N91TNU3XrRHfPNe1cNw5q3YNlTz3UkxBImdiP%2FD49MSwoFJKRnDR8rRs6GZzAbQBhIbPpYLILV16B10HrtNI9C9vhw9OQ8ilZi31KZEk6hZiBgQAXQBngcCBB3r%2FgQPQvKhjaY6MrVZ%2BagUUT%2Fc5Mz0prXZQI4CPCK0BMpeV3Ms56CMQT%2Fquu7WFV14mh%2Blg3VA3iGBMPaZp8lFQ9VtZfpAb60y4iXoXi9UYzKi6k1W7hVj5IOz9ChnI8b1FGbqC9RU1VOsRp%2F8ico2olU64vfP9k%2BEBuFcnYJJfkH2NG4LgwYtv9%2BAfhFW7F4oxav6XVYH4QtCuey4Eu3NPu1wHHQf%2Fx48fBOaE7ZwC%2BbHvXVBMwRbsXXgMPMPgMJCFPJmlR41uWNMelTU3dMIB125eXtutrY8vXptb0n2NchBDrRETpHUIrLUQrLUb3AtVh9D8EGv4ZMMP1Rseg27e0a9w6Dk3r60Ria%2F%2F3DwSltM7EDkkurgPQHgE%2Bgv3QtKcrg7ETuIYpmhdcXoo24UgWSsQSR%2FT%2FJITErD9VbJ9Fu93%2FAA%3D%3D
Message:
The resource https://imasdk.googleapis.com/js/sdkloader/ima3_dai.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

194b924f7110d37d1d41f6d5fbfd923d.safeframe.googlesyndication.com
213.238.171.129.sslip.io
247eda56317d1549491233a36.litix.io
7f077.v.fwmrm.net
a.teads.tv
a.tribalfusion.com
a2628570003.cdn.optimizely.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad.mrtnsvr.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
apex.go.sonobi.com
api.bounceexchange.com
api.rlcdn.com
assets.bounceexchange.com
assets.revcontent.com
assets1.cbsnewsstatic.com
assets2.cbsnewsstatic.com
assets3.cbsnewsstatic.com
at.cbsi.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
beacons-ipv4.extremereach.io
beacons.extremereach.io
bh.contextweb.com
bpi.rtactivate.com
c.amazon-adsystem.com
c1.adform.net
c2shb.pubgw.yahoo.com
capi.connatix.com
cbsdfp5832910442.s.moatpixel.com
cbsi.demdex.net
cbsnews.hb-api.omtrdc.net
cbsnews4.cbsistatic.com
cdn-magiclinks.trackonomics.net
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.cookielaw.org
cdn.optimizely.com
cdn.privacy.paramount.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
config.aps.amazon-adsystem.com
contextual-analytics.wunderkind.co
core.iprom.net
crb.kargo.com
csi.gstatic.com
csync.loopme.me
dai.google.com
dis.criteo.com
disco.headliner.link
dmp.v.fwmrm.net
doppler-config.cbsivideo.com
dpm.demdex.net
dsp.nrich.ai
eb2.3lift.com
eus.rubiconproject.com
events.bouncex.net
fastlane.rubiconproject.com
feeds-cbsn.cbsnews.com
fms.viacomcbs.digital
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
general-ipv4.telemetry.tataritv.com
general-ipv6.telemetry.tataritv.com
geolocation.onetrust.com
gocm.c.appier.net
googleads.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb.yahoo.net
hbopenbid.pubmatic.com
hbx.media.net
he.lijit.com
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
id.sv.rkdms.com
idsync.rlcdn.com
idx.liadm.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
img.revcontent.com
io.narrative.io
ipac.ctnsnet.com
krk2.kargo.com
live.primis.tech
logx.optimizely.com
mab.chartbeat.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
matching.truffle.bid
mb.moatads.com
ml314.com
mug.criteo.com
p.alcmpn.com
p.rfihub.com
pagead2.googlesyndication.com
pbs.at.cbsi.com
ping.chartbeat.net
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pmp.mxptint.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
production-cmp.isgprivacy.cbsi.com
protected-by.clarium.io
ps.eyeota.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
r.bidswitch.net
r1---sn-8xgp1vo-2pul.googlevideo.com
r3---sn-vgqsrn66.googlevideo.com
resources.infolinks.com
router.infolinks.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.adstanding.com
rtb.mfadsrvr.com
rtb.openx.net
s.amazon-adsystem.com
s.tribalfusion.com
saa.cbsnews.com
sb.scorecardresearch.com
sdk.iad-03.braze.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssp.wknd.ai
static.adsafeprotected.com
static.chartbeat.com
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.crwdcntrl.net
sync.getpublica.com
sync.intentiq.com
sync.ipredictive.com
sync.mathtag.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync1.intentiq.com
synchroscript.deliveryengine.adswizz.com
t.adx.opera.com
tag.bounceexchange.com
tealium.cbsnews.com
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
track2.adpredictive.com
trends.revcontent.com
trx-hub.com
tvp.tv
u.openx.net
um.simpli.fi
ums.acuityplatform.com
uninterestedquarter.com
ups.analytics.yahoo.com
us-u.openx.net
us01.z.antigena.com
usersync.getpublica.com
wellgroomedhydrant.com
www.cbsnews.com
www.google.com
www.googletagservices.com
x.bidswitch.net
yeet.revcontent.com
z.moatads.com
ad.mrtnsvr.com
api.rlcdn.com
cbsnews4.cbsistatic.com
dai.google.com
104.110.250.70
104.18.41.104
104.36.115.111
104.77.153.27
107.178.254.65
107.23.110.3
108.138.85.112
108.139.47.20
129.80.46.219
13.225.214.129
13.225.63.110
13.35.93.31
142.250.64.226
146.75.29.188
147.28.129.37
151.101.129.188
151.101.129.208
151.101.66.49
162.248.18.34
162.55.120.196
172.104.121.22
172.64.151.101
172.66.42.247
173.231.178.81
18.161.34.34
18.164.107.227
18.164.124.99
18.173.132.10
18.173.219.51
18.233.185.233
18.238.40.125
184.24.207.174
184.72.178.21
184.73.244.76
184.87.37.119
185.167.164.43
188.166.17.21
195.5.165.20
198.148.27.131
199.127.204.171
199.232.37.188
199.38.167.130
2.18.109.123
2.22.36.24
207.198.113.88
213.238.171.129
23.195.93.95
23.48.190.245
23.51.53.13
23.51.54.26
23.83.76.89
2600:141b:1c00:49e::13b8
2600:141b:9000::b857:ad50
2600:1901:0:809c::1
2600:1901:0:9ed6::1
2600:1f16:e61:3f00:93d2:52b:cea6:7db8
2600:1f16:e61:3f01:a4e3:c039:b71b:e458
2600:1f18:4e9:5a07:afa7:1461:468e:7e6f
2600:1f18:66e7:fb11:7ec0:2f52:a755:95b0
2600:803:1504:1::c
2600:9000:20ee:4000:1b:6b7d:2300:93a1
2600:9000:21da:ea00:1f:439:80c0:93a1
2600:9000:21ea:1200:1d:8c8c:47c0:93a1
2600:9000:23cb:2600:4:daa7:500:93a1
2600:9000:247b:6c00:8:48e:53c0:93a1
2600:9000:24f1:d600:18:1fcd:353:c61
2600:9000:266a:8000:1a:5235:f980:93a1
2602:803:c002:200::52
2603:c020:400d:3000:f50:982a:7877:65bd
2606:4700:4400::ac40:90a6
2606:4700:4400::ac40:9b77
2606:4700::6812:18ad
2606:4700::6812:83ec
2606:ae80:1471:11::410
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2002
2607:f8b0:4006:81c::200a
2607:f8b0:4006:81e::2002
2607:f8b0:4006:821::2002
2607:f8b0:4008:800::2001
2607:f8b0:4008:805::2001
2607:f8b0:4008:805::2004
2607:f8b0:4008:805::200e
2607:f8b0:4008:806::2003
2607:f8b0:4008:809::200a
2607:f8b0:4008:80a::2002
2607:f8b0:4008:80b::2002
2607:f8b0:4009:2e::8
2607:f8b0:402a:80b::2003
2620:100:a001::c
2620:112:f002:bbbb::21
2620:116:800b:21:1456:d0e1:7db4:a56b
2620:1ec:21::14
2a04:4e42:46::444
2a04:4e42::714
3.137.65.67
3.19.248.185
3.229.24.114
3.232.64.79
3.234.94.35
3.248.28.79
3.92.156.8
3.94.12.39
34.111.113.62
34.111.8.32
34.117.4.53
34.117.77.79
34.120.155.137
34.120.253.250
34.200.65.202
34.202.199.100
34.226.253.81
34.98.64.218
34.98.72.95
35.169.162.91
35.169.174.253
35.186.193.173
35.186.253.211
35.207.24.140
35.211.118.13
35.211.178.172
35.211.178.18
35.214.235.117
35.226.42.89
35.236.220.17
35.244.154.8
35.71.131.137
38.98.69.175
40.76.134.238
51.255.68.171
52.2.217.2
52.206.205.175
52.22.32.84
52.223.22.214
52.3.119.146
52.45.224.4
52.46.143.56
52.54.71.185
52.70.29.196
52.71.244.43
52.95.115.255
54.146.202.96
54.152.66.88
54.159.136.91
54.165.74.222
54.196.227.84
54.237.38.140
54.243.45.130
54.85.148.229
54.88.134.208
63.140.38.128
63.140.38.165
63.251.28.134
64.74.236.63
68.67.160.114
69.166.1.64
69.173.151.100
69.90.254.78
74.119.119.139
74.119.119.150
74.121.140.211
8.18.47.7
8.28.7.81
8.28.7.83
82.145.213.8
004a92d8ab40f9ab44639fd1b1e6ad5ea831209fc76aad7d79695ad6aaa7f551
02354ab81dd4d561793d8047f145e2dba45d02f0d1f965e4922bf1af968a9fa0
02758176b038743144fd402dde05d0b0e669f2a2daaff68f17b9ac0fa64ffb2b
03d3aafe5741f37b3d94080b21f6ef11253cbce34ea6750ade405f3195a6bc4b
041e427d7ea306384af6e1e8c2fc570c617b9bde92a42f58eaf9dc1c18234cbb
06284ce8c02db78ae44d253b12fd9a861f665d65eeaabf5658e96ce3bc108863
065e9ecb8afbe6bb081942aff75e7b1d339ffd9685462128ac5192a160941ae5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076e818b0b6e9c662c708f1ad9c4363d2cdb0e7a0b606e4a257731fc34c23bf6
082d27c2641584658558db21fff166e4162d54b2f20df1d3026626f68c4c0882
0a2877d35b782162338bb95faedfa08559e23788db9d926e97da4d0efd2dbfc5
0b0a210e89ac35b54a9b4ccb0336ea91c561e6dc5f8bda49574da98d40799c6e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c5bfc3afde8642085ce224ff3b4908aa551569dba9dd8c31a1d6b2c38ba3a91
0c88e5cad7fae79f9c54fa4c68e7c45a2d9754776b9c55c5fa350cc216ad35fd
0c9a2d2c121f95573bc6aba66f49b78dde2841a04a076721c69883741d231741
0dc1eaa16604f380a6a3d7336f2c1d2da3b6a77aa74135754fe14409877929f6
0de19ca7c735b21a7ce93fc81ba53d64f5cd4a0e39b8c31731b74ff9692685f9
0ed2e72b8338f47244500532f1c4a2f898130780a6ed2e0f4f59473cf4496a56
0fa9e15e718c1c73a57d2b3e1cccfd809b2310c1b583a406035f5a961a1fc7fe
0fef407f224001c6ded11c26d9ae9f4bddf311e48124dbdb2dc778faa3b2a676
10e6f57f39cbaa938c3c7ac90c1eee53474f8d47236755a128734e8b9a07c3c8
11374a19dd4c01bbe84753a1d3e1803e2fb052d5c6281e220d37b4e899d4cc7c
119c6a528ba39a60a3dcdb6b89ca6ed87cfd444957136f9b6d98d5e9d3134665
1365c2e7f65b68ab3ab4d6b0594e8d31c2c14b0ef6e71dd56f14a2f6711dbb4f
13af0e6f4fa0a67f98f00083727180c3c26c634565736a0503df47cea3045a8d
13d6c7421a5226dba282844559ceb253919842859ca3383290b10444023036e1
146dc1d7c5eb4a55845dc09eca64cca7f53598183cce62b6d0d829a3b7819766
15b6030c65413214411e5e2bf8a960add1a99825048061b874d99f82c310b4ae
15f583457aaf3de15a556c74792fc7061d26a13b15d04c8bdcd3b6231018911a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
195715ee0adb3b3bf6c435b440bfab73e93d572bd364d9478b22aaaabf95fcd8
1a98e3aecf83fb7e4cb7adf2b1067c2194c206f7ea7e4697448bff8f7c65ef51
1d6ef446c1c980d0eb158d99763b88810eb37a91d8a36408a7cc69f17fabe4b5
218c479ab2616c95cdb825787c21e9eb9d3c5b663bb9b23affe8071740e61787
2206cc3b3080dba8a841a08281ea5add576e41ce3cb9c1275d04dedf09d26a51
227698f9473523b735aa88d16366866ba878a804fbcf0e420ba50be4acff4c5d
232113364085d2c055b72681d134ad7ebccd42bbf6296f457c19ee9c7a38de25
2456315a37213a8eb0e8a02bc98c467e9dcd4545b6060e47c1e6a96a0765d44d
247702ecc39010300f2eb5e645266b9bc178f44d08f927507f66fa7b96ba5455
25cc1a8d371ebecb108a5e0ebe87b23142b9eb66fc3410cf3edb9b58e61fc561
272d2e19b15b17a439d4f5074dab1546a4942adf675409aa6a4a60d4aca1ab67
273a73c9ca47f744f0362898c233679d982bb7aff18e52ed31e406512f85d97e
276f4cac68e7e4924bfb465e8fc4500c6066852f249de71b219dcecd51dda556
29538425766b8e607f722b292629b5da8a1b5c480f26febec71ce3e689db0ca8
299f93b4e8a74d0880cd959ff3d27c2a0b4d061d241d6ecf79cfcedfb15360a2
2a87732e2e79f815d76991b517c933a27f5280e30797762f167f80b5ade6f824
2a8c6a59229a961cbc8237de7e4c69299ae3f7f3681be2cc564d124da199b4c9
2a8d1d7919d3d0edde8d6897a47fa7d797094b070ff2c912317b6684925cc655
2b4deeee8c622668eae11700ede39f55aec92cdd6bda3173b81f6e3e446e1e4c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e350091b637b736dc2f946dca8d482ec67a0a389ed267b2079e61231bd5d332
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fc21f505c6160286b2b85a077fba645b58f9fafd72ddeda41de66d901e218e8
30b77bf0c0360a4ef402dee9f91c2df7094cd39f68fee44353876e193af14f1c
313734c6a8618b2f9ed5e2b0fdede2b5ceaafd7f42bc768ffc47ae2c2ec27989
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
316e5741a53dfd98743876fcdd741d5efbf8a98b35afca2578b5e61415f01e7a
329c9c7026d1c9423b642686137df4cd4e720aecb0059ed286a5bb1b520b9fc9
330db8c80df2e65bf1ab27c70a0042f79f0921b5a0bd237da0b391a82a97f232
3398c832ff4a6236383928071f474b77fc14fed0f96c1eb51a2e911a719cd587
33c80567e0584326a9ffa6523c541b11a416a559dc989c3c40a2c422e9febf11
3486e7b4a56255ea6b9716484eb177e5613846850d379ed37af2502de1d196d3
35e3323a05cd760d4d50dd2b1e5f03c3aa33b5891357bcef69e631c89ba8ae6d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
368e449cd700e2dce075c6901039a8107cc4ecbfa84af93304fe5875c7321d3d
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
36b4586090a685f70a6c00b8cef4155fe570d344004cb1ed635ba45107181323
36f9d07f3ece059f8c9eee159a9c1d1380b52823197f5e0f4391f754c5aedc14
3797f2b02c4e4a5a4f6f62bd6f0b47a7bb6d74638cd29bb97b0de698a7271e1a
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
393f300584045704534d2b8391d2dbc5efe80057ea74f19b3b620fdf9ca8e0d1
3a50882d604b09d44a0615c6907e696c04e2891b39c81a7025bb780127925c51
3c005e458f727e1f20ac2c2ebc908c4fb55cc01f1ad54adb409730f4c95ce5ad
3d2335302c75842a2e94f2de1019b2b83bb9da1f0261d0a9eb0e50a250b2afe6
3d62f6140a19af16515a5d4d0221605d5d6d3ad0f38c792534da2d283e820596
3e71743cd43c2c0a7a7f36b8bedfce83dbc5f236335f1ebaaa929e899bff63d2
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405f17efa15f9c112f7a11462f4c4bf38dd6b2da37e5c0cc5cccdb2aa95534a6
406eaffa99cf933d468ae69e334e192b8f97a9e50a0eb02e05b7fe32737e2759
40d773710d685e5f0110e8b34418a6845ab85fa00e883743cb8ee6bd80e5ebde
42443a15df22d1769aca204e5ba7217e8e4474db675d06aac8275f49b2bc600a
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4355a46b19d348dc2f57c046f8ef63d4538ebb936000f3c9ee954a27460dd865
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d82c6e94f7ccd5a9f284172b81ef0816351a60a53b10e3753db12cfb1b3555
477632be17a38eae5765b373d3f9fbbee93dca6f0afffa1815079a5383c77267
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48cf5e6fadb3e29ac5c299c292f4f0c5dbed7c1ef44d721c77defa164d14cfd4
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
49eaa23c3c030f1ff520d0ec7cafb9d3cd3ddf9f729b4666fc4cb59cebf6b0cc
4a47ce84e1fdde51475cd77a0fd312bb383de8f10a979e14ede34eec91df5e79
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c09e2914c4899cc46faf6c2d15155322cdbc8beb68f17294f24870f36c7e876
4d65758b691bf89ab1320b4255c63edf50700ebace2d51255d0cd85fe58aa5d4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f36cfb4c1659c842099e22ced447064fc12172b3f07bab0949e72c015834b8e
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
518d265e7492ff69971397df36b1504256005db2967607e9a3bf64baa60cd1e9
52a5a3f0cd1e0e4da77558156ca80a6e9a453eb625a5c92f8e187230222539d6
52e30df32b375bff5e687ede5efb71c3ce472e2f0972c473e9cc22e9a2270f5a
542ed46baa4019bd1c2c533921a44c71a99b77058d9a0930c966153f64daa387
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54eacec863498628814d62c486eca8cd1c580c77a4dda865b5941006e40c6e66
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56553a8283eddb6fcb23fd87c8fdca1a62b81166c8203e960a6a1d9a262839fa
57a8cc3bae0bfa43590633a5b0027afc9f26d6331094f7fe44593c9a542dcd41
5802558528d108bab1a193203915735cf2e64d654b783f7ddfca797387707be7
58f4221b759177e73c8870b947bec3aefee9b9b2e1ceb01ec7492c11ed5af7be
59a32c94ea6b833e767d464c4aa17f630d03b318e5d0461669f73914dcc65769
59e58524340cd7ad353be010374b124c242fdde10a0ed41047fe2fd4bb9e5a2e
5a7f6a8f46af479ab93de0f6012b997456cfa01775f781bbb7b2d3dab7013869
5c1623ee87f9a81fb9b0188516f8f5afda81c8b23898fec7d66de3ed390f4a1d
5cd24aa713f15b00ff07b0701f02c156dc4db118988b965e09e352bdec0ea180
5eb4ecdbfd71806a8d53f0d71206cb2f6f4045808a18ad2b10434a9ffdf40a5c
5f3aae2c704ff1919707745708c5be550920015cd6cd32e86336c0c1bffcb7f7
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6057b1883b269446f8a2e9260df6fbd4383eddb9c58ac312f9c6b18113778fd4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622701ac890314e6cac9c7a0e85e9012d4144c71ba4a4ffdb492d712e2112455
626b749c912e14985016557bfac3b6162d687076653b70b60da61e88fad492ae
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
631df19a43d14aa23fbb8e0a5746bb97892f31e10312d6671a0a061417029ce3
63417d1e88ad5cbbe1c4089e21271fd10c89c540f128b420874af1eaf8e4f992
64a10cfcbf437b910b4d542dee492a82e0bc5fc02fac1c18806de65ed2bd60b9
652f3fe8163b40346a568ec544a51dc10c558d972876ff5859298ea286a73e56
66986c476e0ca6bcb95c2427dd2ce792b98c2ff653ce85b022db41b6ca787b57
6795d0a9acbd40672a508a822c7c2a4840b43fe7c486df2a0c96264653e3155c
67a5cf03d77ba81e0dfcb6e2996780cb6650c1e9b4a3812c3e917c8d79828035
68afb50bd79b337f9c6cf6f4107ebbad61d51ac040e82c7b525553fac6f6be62
691dcdb24853a0f5ce4e6597e5713dea66799b57ffe2c2a10f28f98e0b569b19
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
697958b7719fabe6d935565b9693adba55b2fae12a9d0b262c630aa13d1e5769
69848d17f84889ee20b38a8ec02d1f7502ed0b3ae5352b9533a4cefd6bbe11d4
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6a7f2741885474282051be5ed5a043f87855d5a39a26c447874603ab89218ff6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b30722487e92833baf8f01d6b2d2fed4e459d7cd42dc81ac1a80d8d08b9450e
6cb74b1c20520023a412d8e0bc04e0bcc832be2f66b0a584056db181dcd5a052
6cd215a02f11740bc1c877114be7ff375523da28b8ed3e5cecf2333517c8a3b6
6eadf9bc0090490438da45de316253bdebd58ad4908bb8d3676d512ef0ba83bb
6ed37e392b16dc80c3fe4470e3e48eb831b86dc84531de828b734190073d8062
70026939ae15fefaef7ccc2c697b126b84497e92f3c8c8a662e141b1dc1c8f01
706005f8f4cdf3d33ce240712a260cc822459b98c6733f72702184e33b25c94c
707df400f6dc3ea04d0f75a742469b3e74bde5e297886b2dd7b1b4cc40b71766
715f4e1d00916a45781e00854e9181988c097046f4c586ef595bca19deed87bd
720e27dfe2cacfe3f65e1682fffa45268e5bfd40fdad57447e23bf7f9a2eb5b2
72276fa2d087eb36209f3680d5dab31c28e7b38fae5ac24eb7d782c9c1246c29
7342b82c002e27bdfeb42b67d139c5e8d00723143bdad5352ee98cf069fa99f6
73696236febdff580a8ab4e5c222fa67ccb3c73adc76bc6a01526d90adc8598a
7539100ad11920b839c188c97cab36d8df37ba71e0477ee7762148a6a3746ceb
7b237ffd39315f45f4f63e68a504707f191e491098db2071240c59bf9416a828
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c2a9b0ebc8e415be8693b60754f183f3837c35a25ab30c6d7b589ee2353310d
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7fe05de865636eb530276a2b7acea53e5e82415f2de5aad0dcc56a0cfd39a918
7ff8b2b40be5b81d03ba81dccaf2fc736a1d2bd7a588115deb21abfc3cb53de4
81a838cf54551298811c3604f3fb407cc010b670f299f4788f4cfb5a18ebd444
81d770080c1b800be3a53c463260330cb7c2b15f194634f75e2b1f847507b2fa
838f4b697deefb701f31eb892e6dde74a92dd7c65d4d56f967bb79c17a66d79e
842afd38c5e89bde9cc5a3d817894bed6c8b190427cb748bd29eda4b400ca56d
84351bbb9fbc6ff809cc59019a0938f914a60b99e1e81a97e6999a0e6b6fb962
851aab34e9b9e9c6252ed4a0bd57b30a79795aacdc7e036d7e824ed9e69b2807
85af33b3bfad511db80d2fcc1245bf6d952f6df636797f1f50a1f270d028cf33
8630282ccf13d1d42eae46d6012fba53069c6145ddd8711712a424609bfcdcda
866d266da2e3ce14d802e62e789988a84b6eb50a737296b940f109f3a0af350e
868639d5c4a1a9546a8943942ab229e25f52199335ad6190cf93cdda614536a6
86daa34e3161d6772c000d61217a2845e368089cec3769d625d2a7534bbfd117
87b08df9709c965081be45fd99f5003775fadebac9dc5780c00af359b0639bc6
88f5f53e57a59458f8b86cff6ef47de533eb4cc402cfa730c069ed2b1d71f5bc
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c1d4ca40cb7f6849fc0947cd2e3186ec82786d1aba8eb832e89ccb5874bd5db
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8efa51d4e9620bdc48f6583f5e7901afa0a65486993a7d7e30071f08c6e3d255
90e0bc30abe894653035a84fb54775977eb93778058d9096cab921d535fdcb19
92a0cfb39bc47c5d14d40f2eca585f29859cdbaae86f21da4495934b8fca45ec
93edc33aa2a6e807ec4c13f270703bb3fba72a251eb6decffec3c49a184db3ea
94277016b9cfd1841456b42956005a0f56ae4bfb468d672e7dc0534b34f633e4
946a743e6776ac66bd06edadf992553fd5e927988945bbd8084f422068caf121
94d3b3f21c82e9004e1a95aba77f256573a3406d0782d451d50ac8e4bb4df7c5
959fb799aa5409ec5a84da35f1d765864fca811b193a0d2e5c0f6dfa29ee124a
95a4782358ce7c4e22475eb612274c204bfc8a0c8d3299e7d6c1f242ae958fef
95dcda2b953f1a9e6ab6261a3c6b729f6a74b65584baef52679aff93fed04ed7
98279c8ba2ab23c05982c576f922443fb5bfd6934f5bf8830d2be961b5cfc474
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98be4a756625b3e9907d50abee5144882dcc6a3573ec3a416f3352fa625cf531
98dcc25e38ec758895e96d49d11b3797f0d0ccc3ced2a65ec17ac0e4ea5e84a9
99473bf996a68e748ab54b8735f92bb3422763e4383d7e4c6b430fcc3d61bafd
9964ee8197977baaa2823ca42bac20e4e176ee26152562cbdcecc75600f187a3
9c89aa6968134ff29659e3ae9332dc217d5db905f2b5386928591f244fa4fcd9
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
9ea1823078c462969eaa59d6ef62623c19d77b72e25a103105b043aefaa0769a
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2e89e542e44485026f66678c74cb69480bdbbb033a63aaba321f21f25276541
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a4de1e27f83eb7660e650f61a7b3cae568fff6554aabf2ece6acaaa943814bbb
a5eb82ceb5e7241a3b0fc258e5348af7aea604cebe07b48db51254d1a4d007a3
a6380b6e9a97837e4d7e419dcdd2e317372f2fcc996491ff73a7b3839fad99bf
a6e3011d74b5fbd43acc90563ed7dcf76c49f852009ced30e3961411046fe803
a7379a376036fab277e6176ce58592952d41b99177bf3b85d508734433e9c846
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a7c422907c52a2c993ab2f08a4da4110693b43723e3fbcb2ae9935f540157f19
a7ee5a6a51288ea6e0b7e24df57edbec355b3f754daa94a296dad2702b906c58
a8b06f4c162fb2fa36b3e6e2e8042ad4bff95e84adce7f1f7962549f977cfcb5
a90a8d30e26dc731414ee12982dc525c0b7d83d858c5f018e74e0b5950026662
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ae7df002af4ec129f8403467125a84f6b8a62a837e5db100005b00ad7cfbdaee
aec5da9cdb9e79a51a88df05c40fb806707c735235503b7b4a0a47ae81957af5
af20fc35e31f29999a16220aff96dbe14f14c263fb8e6946ccac76887e97c0aa
afca58f2c31bc20024bcc1359e839484408759d75ede9e0d4cfe80049038c7ee
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e4f585831adbbbeb5ece543acf891fd10d936ac0ab104150118b7290f0a2d1
b418459fdad4878ac0bf54ac48eef7cccc94be6592776ab1e0e06a18ee22a82e
b488673b52c519f8bf7df045354cac567a136756977fb2077b243bd0bcb7683c
b49c70539bf8ea921ba898e695544c784ea722d7f036e6b843c95ae2acc970d4
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b84bc98b4024a0d63cade00923c66e78bdf1f431edb62d40bdebe7c0d7c71b97
b857347e8644e3dfc228417e700986e7981a434ee3e37ec8f3edff3acaaacb15
b8872b960f80a1cd564a26e966402f4f843aa9c4b002d306e5bec3446db62657
baae6b668c4eb83202b9e341751fcbc803124180e275e281ae3b86b6b7196a2f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bbb3bfd0cdfa5bd8f651735573bc1979f499b3d92743852495de4e8a7c15f4a6
c180a56cbc9fb69f4a1441f0186406d4b0392405ba4d34ddcc02814f86183cd5
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29fd07a303f4eed97b55ac1bf160c73300f40eaeb4c5f305bdb07e6012e43b9
c2b5307e2583806f132c2c8a86438c8cfd2af8557c0621d696d080017e4c4b66
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c319db2237e3629388116b0b2fd86b57ae8bbbbb9aa4d57ffc86dfd6d6d1a2ba
c3264a06ba10c869c3d0d51b1d6ed6acdf45a0434fcbb3237fe35615c43c94d2
c377d1f0f67136e0a6b321a5809ad2dfa7848d70294324e3dbe5cb30fdd6a387
c3965c2db5a7e83642ddb137e9d57b4acacafe099abf6eb7daf97b9f660a9e34
c406780834f1884eb7d3f321d022a36508d573a07e86e7e1b3f6455c4f43275b
c484c78d502a9769494d9fe87c9a826618b36fd60b567dee2cfa0f4e9163d79d
c4fad867557fa65e1a778e915c0b4ed0cd1bbb4443452c8943e5cec6504311e7
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
c6383d777a022696c8d7f45d9a1e6a5ad8fefb1ab663b10ee4f03db351020fcd
c65dbac8410d7c114507cb865ff7d2ee5ab690b33263fce692b0fd9bd69350c3
c8416a5ad9aa2ee4672d7ccb6bada46a4fac42608223eaa7bc2505ca3a18c1ca
c93b39434a45f4779a884833f1eb5c0764d2f7e63328822b5a51af10f22ac732
c99655d3c0d749e481197148fe082333bf7b1df05cbe0c29abec474448587f9b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca3f07f4e7e1d13882d00f91d1cced485491c5b2f5d1883f86cce8a317d05650
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cc3a41863d92b22799ff23c52e2173e80b13ebc75b9144151ea105cd52b59de5
cc4b8ba332bce386714ddd948191111bd0f4459875ae1cd7623829e7adc7ff28
cf136f094c7f82d1c0c28ad64ecfaff847f8899ecf66494c7a8ee73abda58c48
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0b37cfd14e3aec021486af8b65494ec54bbf5bc67858e993d122a4816e36474
d139a56a0aec7d930023b1d1c1854a3d845f355cff43d4f877a6ea6315e6daf2
d1cf07d433a923298b8b708845ded352d8ec8c8f5e69aca2e6d13e4929907a55
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d374fd2001caa24f052c109e9280c53e3973577d56b7a48572d67817cbbbcdb3
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
d62294b7e6cd4ca6ee405dcdac8f2f923d64f04e9fc19a9e9db40ffa475f9928
d69cbc552cfe8de4931deb191dd349a881ff4448ed3251571e0bacd0257519b1
d72937213cadbbac047a88ef3944b4d3b8ff8ae47065edf2d5e4c9a3463a3350
d767233e917c54707e80fc1232f5d1a8df7d02db94e8b08d8d83eb583cdd780b
d98d889ce3d9e25fe760cb36d947c5b22df8836a3e8a0bb706c3a511f676f944
d99937e8195e14a02b6a6dee370835eeea26e6dd295aa4296bbee8349bb98233
db15d0dca42325e52f61acbab666be731af215b544e2d9ec7d327e47a763afe8
dd40d61fc9eaf54d81632552f8ea15f5828f3073821622c082bafbcc9fdada4d
ddce6a171ead6c4cbc7ed048f66a97a2b5781741aab2926507513cdb3dd7dccc
de3f1fd55183c58e7acd6c0d39b0e223410844a8beadfaa7ed7bec0f5c391009
dea4eb388be423aa5f77f2983f867492757e88f0afac98e9558a32ece1c1e9e6
df18d62903da2f5883592b2960bebd633e904c8bf8be1dba47455b60d719738b
e09b04e03caf2ef5c2f3fc9f407b579c41b0f91012bdb0652d1c46418d78c8d8
e14dc41636709a3b0042ec6dee5475fb3bcbeedfdc3650d836d1ca3ce336309d
e27ed4fdf3cfcc7a811bb9e700f00dd4625da85a5913b30e36be9bd4b4f2b6a9
e2d7d6e2becd91848d59ad86e8eae2df7af92fa377fdcc904883b475f4044551
e3336d74e59575006a5ca2fd43d82078ae064b9badd1ee2decab5408c273440d
e3815b35d86be4555c82c45b8a08a212efa15208be89f50b5333d41c0bd394e3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b985a733456e8352e89d0893a32bd9a5c2ebfbb5ad026383f8ae94aacf899a
e4dc0968cca7489a3a425f15c614505c9cb104e60c7ca20c53d18aed3a732a7c
e69e5a763c8b5cd21f2cbaa441fb935010ea926de8b6c6b1400f585bbf53d67a
e82bee0fd2520f23b90137eb06b49093d5c1b23fed7b0015dd73294afd4df0a1
ea5db5581e262d77d1a43fbb3f0fa3661b51d097b40ca38f584b4943f47cf2e0
eac0304fa4373ddb2611190e2bc2fb9190317d315afd9eb772d546fce7c02589
eb8348c69f7b606d9cfeb3817f11762ec900db130c405f84a0891dc452e936a4
ec1102ae3d8170ff18eba852fab7da32848ab42489ae990c5916fcb7c199efd3
eddc11d8be0ae5311acc08d5f2ebe7ff9426384f6408ecbb56abbd7fb5e03743
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0877351aa93ada7eedc2f2bbf0661ed0d6015c63a685d75ace0ce4ad0068be4
f1d8514c694fc47c1845862ed9934b05ffa5eeedf411c148125a5aea11b90515
f2fdbd9fa50c614a7a44f031cb9b287d42c62c2bbb273878770afc8758fddd58
f3664e88b8da310c13d2046c7b21a02661d58d97bbf1566533e2142f82f564b1
f4964194db405b7e9f6de68f7adba39a64b3ce864da9b8f44256c4f1dc5fa90d
f4d1d36eefbba603f15f6511108b2c8fb57a682f14aa0e0d58bcaeb66332e886
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f6396e10385abbfed080858b7e155e92f371ebed4895193e086e9e327166d969
f64aebb3dd712d3b558276e7eda3c524c14fab350a3aa8b8389bd8e3eef5dcf7
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7ef7bdb140fcd765bdac4986c81d77307c5a5eff6582c17a6fe91b1f7775793
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f86366f35aa57fbd20ad62caaaf4b15e38903b16df61e48556a565e19cb570dc
f8b8137031a6e1e77e08b41b8abde91c9af330b6d9e99fc0431b50ddd5951d76
f8f6ac995517b39fc2b2507b9cc7955a7b7475ae3c12827fd40a9c7189c55aef
fd60a3c0bf748f4ef33dbb9eac95a6ac6a806a6182ca63011b641f9188632194
ff06dcd5e40fc7dcf398375c1c0c4b3c80601ac8111fbddd7d9a8d79b829a105
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54