urlscan.io logo urlscan.io
SecurityTrails logo

www.empowher.com Open in urlscan Pro
2606:4700:20::681a:b97  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.empowher.com/user/4213177
Effective URL: https://www.empowher.com/users/samsondfneal
Submission: On August 28 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 47 IPs in 8 countries across 40 domains to perform 126 HTTP transactions. The main IP is 2606:4700:20::681a:b97, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.empowher.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 31st 2023. Valid for: a year.
This is the only time www.empowher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2.16.96.119 16625 (AKAMAI-AS)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 72.246.168.23 16625 (AKAMAI-AS)
3 13.224.192.181 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 23.32.185.42 16625 (AKAMAI-AS)
4 2a03:2880:f08... 32934 (FACEBOOK)
1 151.101.128.65 54113 (FASTLY)
1 52.222.253.136 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f17... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 3.248.53.218 16509 (AMAZON-02)
12 2a00:1450:400... 15169 (GOOGLE)
1 23.212.88.20 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 12 52.95.115.196 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
2 2 52.31.112.199 16509 (AMAZON-02)
1 3 209.54.182.161 16509 (AMAZON-02)
1 1 35.214.207.20 15169 (GOOGLE)
1 4 34.98.64.218 396982 (GOOGLE-CL...)
2 23.32.184.192 16625 (AKAMAI-AS)
2 95.101.149.233 16625 (AKAMAI-AS)
2 185.64.190.78 62713 (AS-PUBMATIC)
4 5 37.157.5.133 198622 (ADFORM)
4 35.71.131.137 16509 (AMAZON-02)
7 10 142.250.186.162 15169 (GOOGLE)
7 10 69.173.144.138 26667 (RUBICONPR...)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 178.250.1.9 44788 (ASN-CRITE...)
2 3 52.213.174.162 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.207.39.200 14618 (AMAZON-AES)
6 198.47.127.205 62713 (AS-PUBMATIC)
1 34.91.62.186 396982 (GOOGLE-CL...)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 198.47.127.20 62713 (AS-PUBMATIC)
1 1 2620:116:800d... ()
2 2 185.89.210.90 ()
1 2606:4700:10:... ()
1 2 77.243.51.122 ()
2 2 141.94.170.64 ()
1 1 3.75.62.37 ()
3 3 35.157.211.238 ()
2 2 34.255.103.81 ()
126 47
22    2606:4700:20::681a:b97 (United States)

ASN13335 (CLOUDFLARENET, US)
www.empowher.com
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2.16.96.119 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-96-119.deploy.static.akamaitechnologies.com
s7.addthis.com
2    2606:4700:10::6816:146c (United States)

ASN13335 (CLOUDFLARENET, US)
widget.privy.com
api.privy.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700:3035::6815:47a3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.honcode.ch
1    72.246.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
4    2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    23.32.185.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-185-42.deploy.static.akamaitechnologies.com
s.ntv.io
4    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    151.101.128.65 (United States)

ASN54113 (FASTLY, US)
tag.marinsm.com
1    52.222.253.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-253-136.fra60.r.cloudfront.net
aax.amazon-adsystem.com
2    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    3.248.53.218 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-53-218.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
12    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
1    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
hblg.media.net
2    2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.ch
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
eef74b84b43898e5862bfdedab000a60.safeframe.googlesyndication.com
4    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    52.95.115.196 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    52.31.112.199 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-112-199.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
3    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    35.214.207.20 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 20.207.214.35.bc.googleusercontent.com
csync.loopme.me
4    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
eu-u.openx.net
us-u.openx.net
2    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    37.157.5.133 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
10    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
10    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    52.213.174.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-174-162.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.207.39.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-39-200.compute-1.amazonaws.com
a.audrte.com
6    198.47.127.205 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    2a05:d018:d29:3602:1491:71d6:41d3:ab51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
image4.pubmatic.com
1    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (None, )

ASN- ()
cms.quantserve.com
2    185.89.210.90 (None, )

ASN- ()
ib.adnxs.com
1    2606:4700:10::ac43:db6 (None, )

ASN- ()
mwzeom.zeotap.com
2    77.243.51.122 (None, )

ASN- ()
uipglob.semasio.net
2    141.94.170.64 (None, )

ASN- ()
pixel.onaudience.com
1    3.75.62.37 (None, )

ASN- ()
ups.analytics.yahoo.com
3    35.157.211.238 (None, )

ASN- ()
x.bidswitch.net
2    34.255.103.81 (None, )

ASN- ()
ads.avct.cloud
Apex Domain
Subdomains		 Transfer
24 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 93
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210
cm.g.doubleclick.net — Cisco Umbrella Rank: 242
160 KB
22 empowher.com
www.empowher.com
308 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 344
aax.amazon-adsystem.com — Cisco Umbrella Rank: 430
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1071
s.amazon-adsystem.com — Cisco Umbrella Rank: 320
75 KB
13 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 617
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2290
pixel.rubiconproject.com — Cisco Umbrella Rank: 364
18 KB
12 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 547
image6.pubmatic.com — Cisco Umbrella Rank: 769
image2.pubmatic.com — Cisco Umbrella Rank: 875
simage2.pubmatic.com — Cisco Umbrella Rank: 797
simage4.pubmatic.com — Cisco Umbrella Rank: 1267
image4.pubmatic.com
28 KB
8 googlesyndication.com
eef74b84b43898e5862bfdedab000a60.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
tpc.googlesyndication.com — Cisco Umbrella Rank: 155
41 KB
5 adform.net
c1.adform.net — Cisco Umbrella Rank: 597
dmp.adform.net — Cisco Umbrella Rank: 3398
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2664
3 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 360
1 KB
4 openx.net
u.openx.net — Cisco Umbrella Rank: 702
eu-u.openx.net — Cisco Umbrella Rank: 2566
us-u.openx.net — Cisco Umbrella Rank: 481
1 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 165
175 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
22 KB
3 bidswitch.net
x.bidswitch.net
1 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458
ups.analytics.yahoo.com
2 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 803
1 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 3101
2 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
216 B
2 avct.cloud
ads.avct.cloud
1 KB
2 onaudience.com
pixel.onaudience.com
972 B
2 semasio.net
uipglob.semasio.net
1 KB
2 adnxs.com
ib.adnxs.com
2 KB
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24109
496 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 571
1 KB
2 google.ch
www.google.ch — Cisco Umbrella Rank: 28139
515 B
2 media.net
contextual.media.net — Cisco Umbrella Rank: 660
hblg.media.net — Cisco Umbrella Rank: 2292
2 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
7 KB
2 privy.com
widget.privy.com — Cisco Umbrella Rank: 18490
api.privy.com — Cisco Umbrella Rank: 18584
104 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
ajax.googleapis.com — Cisco Umbrella Rank: 366
34 KB
1 zeotap.com
mwzeom.zeotap.com
438 B
1 quantserve.com
cms.quantserve.com
592 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 357
647 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 800
610 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 626
363 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 918
236 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1201
718 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
83 KB
1 marinsm.com
tag.marinsm.com — Cisco Umbrella Rank: 43265
529 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3745
163 KB
1 honcode.ch
www.honcode.ch — Cisco Umbrella Rank: 140903
2 KB
1 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2866
361 B
126 40
Domain Requested by
22 www.empowher.com 1 redirects www.empowher.com
12 aax-eu.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
u.openx.net
eus.rubiconproject.com
ads.pubmatic.com
12 securepubads.g.doubleclick.net contextual.media.net
securepubads.g.doubleclick.net
10 cm.g.doubleclick.net 7 redirects u.openx.net
eus.rubiconproject.com
5 pixel.rubiconproject.com 3 redirects eus.rubiconproject.com
5 token.rubiconproject.com 4 redirects eus.rubiconproject.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 match.adsrvr.org u.openx.net
ads.pubmatic.com
eus.rubiconproject.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 connect.facebook.net www.empowher.com
connect.facebook.net
4 www.google-analytics.com www.empowher.com
www.google-analytics.com
3 x.bidswitch.net 3 redirects
3 simage2.pubmatic.com ads.pubmatic.com
3 image2.pubmatic.com ads.pubmatic.com
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 s.amazon-adsystem.com 1 redirects aax-eu.amazon-adsystem.com
eus.rubiconproject.com
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 www.facebook.com connect.facebook.net
www.empowher.com
3 c.amazon-adsystem.com www.empowher.com
c.amazon-adsystem.com
2 ads.avct.cloud 2 redirects
2 pixel.onaudience.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 ib.adnxs.com 2 redirects
2 pr-bh.ybp.yahoo.com 1 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 image6.pubmatic.com ads.pubmatic.com
2 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
2 ads.pubmatic.com aax-eu.amazon-adsystem.com
ads.pubmatic.com
2 u.openx.net 1 redirects aax-eu.amazon-adsystem.com
2 match.prod.bidr.io 2 redirects
2 www.google.ch www.empowher.com
2 www.google.com www.empowher.com
tpc.googlesyndication.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 cdnjs.cloudflare.com www.empowher.com
1 image4.pubmatic.com
1 ups.analytics.yahoo.com 1 redirects
1 mwzeom.zeotap.com
1 cms.quantserve.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 px.ads.linkedin.com eus.rubiconproject.com
1 um.simpli.fi ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 pixel-eu.rubiconproject.com 1 redirects
1 us-u.openx.net u.openx.net
1 eu-u.openx.net u.openx.net
1 csync.loopme.me 1 redirects
1 eef74b84b43898e5862bfdedab000a60.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 region1.analytics.google.com www.googletagmanager.com
1 hblg.media.net www.empowher.com
1 jadserve.postrelease.com s.ntv.io
1 www.googletagmanager.com www.google-analytics.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 api.privy.com widget.privy.com
1 tag.marinsm.com www.empowher.com
1 s.ntv.io www.empowher.com
1 contextual.media.net www.empowher.com
1 www.honcode.ch www.empowher.com
1 widget.privy.com www.empowher.com
1 s7.addthis.com www.empowher.com
1 ajax.googleapis.com www.empowher.com
1 fonts.googleapis.com www.empowher.com
126 63

This site contains links to these domains. Also see Links.

Domain
www.skinsafeproducts.com
xn--seo-ht8lex.kr
www.healthonnet.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-31 -
2024-03-30		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
odc-addthis-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-07		 a year crt.sh
honcode.ch
GTS CA 1P5		 2023-08-13 -
2023-11-11		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-10-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-06 -
2023-09-04		 3 months crt.sh
tag.marinsm.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-07-01 -
2024-08-01		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.google.ch
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-07 -
2023-10-30		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh

This page contains 16 frames:

Primary Page: https://www.empowher.com/users/samsondfneal
Frame ID: F58CCEE35588E70DD1F07A44FBF4F0BC
Requests: 71 HTTP requests in this frame

Frame: https://eef74b84b43898e5862bfdedab000a60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 291F33598B7F69B68BDA3D7F02A98B62
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_n-Beeswax_ox-db5&dcc=t
Frame ID: D2B80B7261FCECF965D8985282DF21AC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 85CFC2859BDF7B89A6BA11BA0BD46C12
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BD9E5D562CB8EB78361E301A3CFEE036
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-Beeswax_n-LoopMe_ox-db5_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 343CF11F8DF805D3B09F0225BE688925
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: E1F0ECF0536E88641B528F744CA24D52
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Frame ID: C1ED7F2B4BCA0190104082171C13757A
Requests: 19 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: B6182F10029B4EB993DD74C7B853F701
Requests: 12 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 79F34F910298EE4393DF95C64BD3CA14
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UIDC36A9F12-5A1E-417A-81A4-5A5E941F99D0
Frame ID: 1015E22F38056A1056F66AB6396AFF01
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&gdpr=0&gdpr_consent=
Frame ID: 087364FD406651847F0196AF5CB958D9
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&redir=true&gdpr=0&gdpr_consent=
Frame ID: 72E68458CF103AC493AAA4DC3FDA2E27
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4DeLqbBm2fP7Ydb8tzPD_eRg26j7Oo_64TrAF8No
Frame ID: 397F3A5050639C18B5F74C45E413486C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7405929588912227224&gdpr=0&gdpr_consent=
Frame ID: 4A2BE80AF5AA6116CEECF433AB777377
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UIDC36A9F12-5A1E-417A-81A4-5A5E941F99D0
Frame ID: D3646C82935CD4A8961E275C4DD55C03
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

samsondfneal's Profile

Page URL History Show full URLs

  1. https://www.empowher.com/user/4213177 HTTP 301
    https://www.empowher.com/users/samsondfneal Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:link|style)[^>]+"/sites/(?:default|all)/(?:themes|modules)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

126
Requests

82 %
HTTPS

39 %
IPv6

40
Domains

63
Subdomains

47
IPs

8
Countries

1224 kB
Transfer

3739 kB
Size

47
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.empowher.com/user/4213177 HTTP 301
    https://www.empowher.com/users/samsondfneal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_n-Beeswax_ox-db5 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_n-Beeswax_ox-db5&dcc=t
Request Chain 72
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID HTTP 303
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1 HTTP 303
  • https://s.amazon-adsystem.com/ecm3?id=AADEe07J1_0AACS4CUPu7w&ex=beeswax.com
Request Chain 73
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D HTTP 307
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=d4a50318-5d47-4aeb-90e8-4ef4dbbf95b0
Request Chain 74
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Request Chain 80
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7109418790429191185
Request Chain 84
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED8eM3tNuGF8Ctadvh14_ng&google_cver=1
Request Chain 86
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LLU88NWD-25-28WG HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LLU88NWD-25-28WG&ex=d-rubiconproject.com&status=ok
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w2qfEloeQXqBpFpelB-Z0A%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 90
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&gdpr=0&gdpr_consent=&ct=y
Request Chain 91
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3541310003
Request Chain 92
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWJpcmZjbXdTVi1SWGU2dE5CbEE4QlNPQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8927798110021034030&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 93
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzM2QTlGMTItNUExRS00MTdBLTgxQTQtNUE1RTk0MUY5OUQw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 94
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFFGk97PENHzOJ6KJVHi8IU&google_cver=1
Request Chain 97
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8927798110021034030
Request Chain 98
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExVODhOV0QtMjUtMjhXRw== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHHmIYM2vABMu-EPmXldzP4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExVODhOV0QtMjUtMjhXRw==&google_push=
Request Chain 100
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWY5ZWE2NzBkZTUxYzNiNDg0NDVjYzc4NjliMTJlYTI5ODViZmRhNg
Request Chain 101
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3R6chNi3RdG-1Ab8nBvPnQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3R6chNi3RdG-1Ab8nBvPnQ
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA1OeHO-pPsenmDy5nSMp3Y&google_cver=1
Request Chain 103
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OoSZ6DfERB-5XGBntIMu0Q&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OoSZ6DfERB-5XGBntIMu0Q
Request Chain 104
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/goQXRBWVg7tAJ8hD1WKyzsn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-abo6Aw5E2oLJ1.i72R2.21QZWpYvxTHwbDz3cQ--~A
Request Chain 105
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLU88NWD-25-28WG
Request Chain 116
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4DeLqbBm2fP7Ydb8tzPD_eRg26j7Oo_64TrAF8No
Request Chain 117
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7405929588912227224&gdpr=0&gdpr_consent=
Request Chain 120
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 121
  • https://pixel.onaudience.com/?partner=214&mapped=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=fa040765320200c3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=64bb6e8879de5971836bf4a2a0b79e5e&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 123
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L9XOKd5E2uUSCMQsC64qVlTw9kBnE7A-~A&gdpr=0
Request Chain 124
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=21155e57-b0ec-4b4c-b4fd-677d2fd47f6b&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5b830d76-6663-4cb7-ba69-4f0b6483c74c&gdpr=&gdpr_consent=&gdpr_pd=

126 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request samsondfneal
www.empowher.com/users/
Redirect Chain
  • https://www.empowher.com/user/4213177
  • https://www.empowher.com/users/samsondfneal
37 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c046b6d8516aec1b57f9fb3673185fa458f45e7a1c10e52f18e3e11d15c0f0d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
0
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7fd8edec6e784c76-MXP
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 28 Aug 2023 01:54:59 GMT
is-logged-in
False
last-modified
Mon, 28 Aug 2023 01:54:58 +0000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="We do not have a P3P policy."
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8IMoMvxLPhO50SNpdOK2JufnpAQ8lQzESGzI5aXPHyvx1KVeHSxu8NWmTtrYi4kM6HVN6I8skdmcKwObMdVmZ8cBpDOtrwZwt7Pzmic38hobIleJMvf6hSM7%2FDTOOcTSizrQHo%2F8lzjm%2BFw0mws%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 varnish-v4
x-cache
MISS
x-cacheable
NO: !beresp.cacheable
x-debug-ip
Client IP: Forwarded: 2a00:bd80:a901:0:394::1, 2a00:bd80:a901:0:394::1, 127.0.0.1...
x-postproc
SESSce6bccc42be748aec24dd90a6cb095af=4df206f2b1bd9ec5dca59d0f59efc1a0
x-varnish
229676500

Redirect headers

age
0
cache-control
no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status
DYNAMIC
cf-ray
7fd8ede8accb4c76-MXP
content-type
text/html; charset=utf-8
date
Mon, 28 Aug 2023 01:54:58 GMT
is-logged-in
False
last-modified
Mon, 28 Aug 2023 01:54:58 +0000
location
https://www.empowher.com/users/samsondfneal
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p
CP="We do not have a P3P policy."
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zn%2B5O9RiIL4cuR2AtoBs2PbHDQOzOBRFnFuH45kJLcW59OUpaqeZ4Apd1H5ngt2Jg6DMvRifaMfvEY0cj60%2Fwmo62au9EVKe2X7s%2F2CnwQkB4YS18gFE0z53FN6RDb1h4n9S3RiY8HLNT5fxe4k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 varnish-v4
x-cache
MISS
x-cacheable
NO: !beresp.cacheable
x-debug-ip
Client IP: Forwarded: 2a00:bd80:a901:0:394::1, 2a00:bd80:a901:0:394::1, 127.0.0.1...
x-drupal-cache
MISS
x-postproc
x-varnish
229524721
css_d2c0f541cc8b067be9283397975a6af7.css
www.empowher.com/sites/default/files/css/ 		330 KB
60 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8571176689c69e86b7fa087b115ee8cfe6aa4398a8a39797ea035b86eb32975

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
MISS
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-debug-ip
Client IP: Forwarded: 2a00:bd80:a901:0:394::1, 2a00:bd80:a901:0:394::1, 127.0.0.1...
last-modified
Tue, 30 Jun 2020 18:20:23 GMT
server
cloudflare
etag
W/"5efb8267-528f1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isVmIsTrwPOghAWH0eUWwZ85c%2BJaq1lKY8nIIMpZWOWW0rIcFXYXC1As3YsGc2nU0gdMaWJSUE808%2FmZuWOWHERkkzvBQEYtFYSdsmeNUyQ96WD6tnUNxuv41yH4jlb%2FY%2FwojR4ZnFZ2rj3zpiA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-varnish
229619991
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edef9fe84c76-MXP
navbar.css
www.empowher.com/sites/all/themes/blackwell/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/all/themes/blackwell/navbar.css?N
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c3974fe9fcf3d844b0560a439e6fdad6118dd7a25c418c6a59a991beba3e97

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:54:59 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103405
cf-polished
origSize=11454
x-cache
HIT
x-debug-ip
Client IP: Forwarded: 85.65.239.46, 85.65.239.46, 127.0.0.1...
cf-bgj
minify
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
W/"5e4c2818-2cbe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2liZJG5PAcfshkBkHfxIDKiAj8iP4mRwPZmTORoaM3n%2BySSVSRdsXwAfUEdyrs7kQSnKETU4WLWbJKEbhKcJHXv%2BmtAQgYQBOfKq9%2F6Q6TkpzLKKBOZfWngb18QsPAvyarGubjffJWNvl7klLX8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-varnish
225348702 225348342
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edef9fea4c76-MXP
x-cache-hits
1
style-user.css
www.empowher.com/sites/all/themes/blackwell/ 		47 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/all/themes/blackwell/style-user.css
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a51884996ce93f9dbd4fab23ace08670de6a6521aa59235e31479a8520eacfc0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:54:59 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
MISS
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-debug-ip
Client IP: Forwarded: 2a00:bd80:a901:0:394::1, 2a00:bd80:a901:0:394::1, 127.0.0.1...
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
W/"5e4c2818-bb18"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idtcNBYvrW29wtGcSJ8hln%2FFinAlkNcVC7FuUSp0yKyyivTG5va58z1QMHdRguSEtYXshoh7xlAVcxU%2FNJKR%2FbRQet7n3BDd00MYmtBYAdwbUNLg85w7j24zo5rsqhUA%2BP%2Fdv6t0Rc3VDyg%2FsGE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-varnish
229524727
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edef9feb4c76-MXP
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,600
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
83d6a46448afb87cedc4b6d5204b05ea79df73d5c8b911fff76dee3219ee9281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Aug 2023 01:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 01:54:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Aug 2023 01:54:59 GMT
js_d6495b7524174c309854d6517f21d838.js
www.empowher.com/sites/default/files/js/ 		129 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/default/files/js/js_d6495b7524174c309854d6517f21d838.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2182eb709bed62124f0e81deb88322533f2f0f004972295cd80499e6fec25fa1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:54:59 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
MISS
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-debug-ip
Client IP: Forwarded: 2a00:bd80:a901:0:394::1, 2a00:bd80:a901:0:394::1, 127.0.0.1...
last-modified
Tue, 30 Jun 2020 18:20:22 GMT
server
cloudflare
etag
W/"5efb8266-205a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YSiAiyg%2F7bN9SlDz%2FUY9d%2FhvqsNNhzF6sC0nhfSAVffyL54noxT%2Fg94nqWh%2B4Snv%2BlzAR7%2FrePyRau8aIl1Gpp3ShJwV9QqFgLulQ3%2BLyGBod%2FzTTJ5mfmv%2FZQe7op7AtFSv7osnWWOzQhofjE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
229524730
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edef9fec4c76-MXP
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.1/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.1/jquery.min.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 21 Aug 2023 10:44:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
573023
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32984
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Aug 2024 10:44:36 GMT
bootstrap.min.js
www.empowher.com/sites/all/themes/blackwell/js/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/all/themes/blackwell/js/bootstrap.min.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:54:59 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265987
x-cache
MISS
x-debug-ip
Client IP: Forwarded: 2001:16a2:79ac:9d00:d180:8314:a954:7e60, 2001:16a2:79ac:9d00:d180:8314:a954:7e60, 127.0.0.1...
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
W/"5e4c2818-8c6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5aq6ZB0ct0EF1uWdgZ8PxQTOcg6mTtY1WRraxFyjmKyp3gsQvMgVOubLXG3ty2BO9HVU9OlhfQUCaFILwzQRzJMZp%2FnMcMWkH75B1tHP2SYKGZNrrsWNcF6i9wgLOr%2F%2FKEpcsTXZ2vCxE1OA4NQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
226023130
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edef9fed4c76-MXP
bootstrap-hover-dropdown.min.js
www.empowher.com/sites/all/themes/blackwell/js/ 		1 KB
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/all/themes/blackwell/js/bootstrap-hover-dropdown.min.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d29d000556b37c68c8a38e57ee0b4838d6bc7d2fa656c54dedf5f4ee9b6b005d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:54:59 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103404
x-cache
HIT
x-debug-ip
Client IP: Forwarded: 85.65.239.46, 85.65.239.46, 127.0.0.1...
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
W/"5e4c2818-5d0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X44gQjguH%2FwjG3M4d8lzOU%2Byl3OKNNyC%2BIxxDZAVKyJ%2BhWIAWFFQBdmg1uYzMF%2F3pct83sh%2BTaD3issvB9%2B%2Fsqm8Bfz8Yz2sEdMjikJG8aGDWrFEENeU889qVWWJXsBXz6rQOxfQjFacwiJiD8E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
223620327 222756286
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edef9fee4c76-MXP
x-cache-hits
1
jquery.scrolldepth.min.js
www.empowher.com/sites/all/themes/blackwell/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/all/themes/blackwell/js/jquery.scrolldepth.min.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d553f17fdfd8d3a2dd97c541ac3ad2a4a6dcf505305037b8d7d78790cf085b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:54:59 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103404
x-cache
HIT
x-debug-ip
Client IP: Forwarded: 85.65.239.46, 85.65.239.46, 127.0.0.1...
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
W/"5e4c2818-d51"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C049mPnjcTBZZj4cY0hrESrqiguioqusYPIphEhTI70XX5PGgfxrrlMOqHAKSRGEfKu6qj%2F%2Fa6wr085CvXOCm9%2BbCNRXv37fMolJiOPFCqDcbgPl4qZdoa4LLMM5YGImqShcr%2BMdDsVAxA0YZmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
223620325 222756289
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edef9fef4c76-MXP
x-cache-hits
1
jquery.tools.min.js
www.empowher.com/sites/all/themes/blackwell/js/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/all/themes/blackwell/js/jquery.tools.min.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfe4d56a7fc93e6699273e82312b3936906a121bf2f97a43380a153c31a00892

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:54:59 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265987
x-cache
MISS
x-debug-ip
Client IP: Forwarded: 2001:16a2:79ac:9d00:d180:8314:a954:7e60, 2001:16a2:79ac:9d00:d180:8314:a954:7e60, 127.0.0.1...
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
W/"5e4c2818-b5d3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zw%2BjyoQTq11KhaobJtuD96JMWPCApXNAy298rrxFOSE%2BLDovtv9RSMSYc0VLU%2Bl1ClsvCaHEAm5rW7chI7abbcOBaHVSs7uTungFPKl6NMO39vQ3wGpFNp8BZjnHt4u1TJ5Hdp6vt3d0f92q7Ag%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
227156838
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edef9ff04c76-MXP
emp.js
www.empowher.com/sites/all/themes/blackwell/js/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/all/themes/blackwell/js/emp.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
629019c3f248473efe64d5fdbf31209d07d997a5269b16c5e4baeeccbffe6ecf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:54:59 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103404
cf-polished
origSize=23865
x-cache
HIT
x-debug-ip
Client IP: Forwarded: 85.65.239.46, 85.65.239.46, 127.0.0.1...
cf-bgj
minify
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
W/"5e4c2818-5d39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eFUrxpMxPQzJgH6X6LC0wnpUKj6HuYXHrBE%2BMNofu6r5pat%2FUXSvqSx5HvF%2F4n9urZUHg2r%2FNGV8V6XT69x7beMRSdEvDeSulLDeyGhx%2FEonMRgeDJaeVSTFdZm0mGIVH9yHWGEZbVZeaUXQ5gk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
223620329 222756294
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edef9ff24c76-MXP
x-cache-hits
1
addthis_widget.js
s7.addthis.com/js/300/ 		56 B
361 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.96.119 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-96-119.deploy.static.akamaitechnologies.com
Software
Oracle API Gateway /
Resource Hash
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Aug 2023 01:55:00 GMT
server
Oracle API Gateway
opc-request-id
/AC47FC1AE0367A1CD8C6DD914E54B3D6/BA0183179D004424E9A839D3AE2254F0
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/javascript
x-distribution
99
x-host
s7.addthis.com
content-length
76
x-xss-protection
1; mode=block
widget.js
widget.privy.com/assets/ 		332 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.privy.com/assets/widget.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64a531f11c7d4d3ae1e84d034996fdc232a2492c36e59be8bfd53b94a656c621
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 vegur, 1.1 6c3e48e00c5cc82a938a68d74aa420d8.cloudfront.net (CloudFront)
cf-cache-status
HIT
last-modified
Fri, 25 Aug 2023 23:12:14 GMT
server
cloudflare
content-encoding
gzip
x-amz-cf-pop
MXP64-C1
age
1578
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=1800
cf-ray
7fd8edf5dea4839a-MXP
x-amz-cf-id
DzIlxspfykN1Tu6MxJQPHR5kLznrubPUXQ1-X8EvU2g96UL7BP0ErA==
css_f0163f14e18c27011243a3cee920ebe1.css
www.empowher.com/sites/default/files/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/default/files/css/css_f0163f14e18c27011243a3cee920ebe1.css
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d3b7e88b3c83dd902ced3b8daaa79f99eec78ccd9002f6b312b65d5aef381f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265985
cf-polished
origSize=1880
x-cache
MISS
x-debug-ip
Client IP: Forwarded: 2001:16a2:79ac:9d00:d180:8314:a954:7e60, 2001:16a2:79ac:9d00:d180:8314:a954:7e60, 127.0.0.1...
cf-bgj
minify
last-modified
Tue, 30 Jun 2020 18:20:22 GMT
server
cloudflare
etag
W/"5efb8266-758"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6z3eXxP%2BgqeAqoKI1iTBkhkI7T3YDetN0W3sfCowG2XkT4IMLUsb%2BuCTBxcXjBr17afPzMOw%2FWej5yJ%2FQtebM923V2mznO43K%2BF8pDty%2BrRm4IbXxCxKLjy8HUACR1HzeRyla8hyWjFvuAvLek%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
x-varnish
227773450
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edf5ba4c4c76-MXP
cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6399561
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
948
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-f62"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zTjMkx1kdnddKtWzz%2BdfeAZN7Y9kYx2khkeo5n4qXEFce1S%2FlHluz4q1PHW2b01Vn3gVm9hXcFNUfzUFiiPI4141HSMauvbTNB%2BgKTMDoCgBP6CHBHylBy6ctvLsxa5mOI3pnv6FJIVA6JSkmpox8gyu"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fd8edf07f9724c4-ZRH
expires
Sat, 17 Aug 2024 01:54:59 GMT
cookieconsent.min.js
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:54:59 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6661325
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5676
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-4d5a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2Fflg6W4duXXu4XdHT6v7notGJHqwJmFu8J%2F%2BNNDe2Y9j1oe2lFCZCotENJbnCbxaM7ngN4cqPZFHCGLvsOdQG2cF0tOpy1djqjCsdCaCG1yr4QjpZdCePXjG92BFDSA9U8CjNi6VLo%2Fiv%2FNKK0BIITb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7fd8edf07f9924c4-ZRH
expires
Sat, 17 Aug 2024 01:54:59 GMT
Untitled%20design-4%20copy%202_0.jpg
www.empowher.com/sites/default/files/herarticle/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.empowher.com/sites/default/files/herarticle/Untitled%20design-4%20copy%202_0.jpg
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdaac4172371a0d13c66325be74f92f4cb23575f7f8a2781d1d74323f926c720

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103404
x-cache
HIT
content-length
55546
x-debug-ip
Client IP: Forwarded: 85.65.239.46, 85.65.239.46, 127.0.0.1...
cf-bgj
h2pri
last-modified
Tue, 30 Jun 2020 19:17:45 GMT
server
cloudflare
etag
"5efb8fd9-d8fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EilbZ1a5y1aMhxVe77IkqXuFfEhjjqAVQ5IA9RfpFGaRcjiQyd8HRdr0j8IWFJchJf%2BmS0jL72x0m0oBmyvFcbcecXj%2B0F6lmD%2Fzem1O0MTi3tKYVKq6GGM6f6DxaMSuEj%2F75pkjgyIdrPQwsqg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
x-varnish
223620333 225348355
cache-control
max-age=315360000
x-postproc
accept-ranges
bytes
cf-ray
7fd8edf5ba494c76-MXP
x-cache-hits
1
picture-4213177.png
www.empowher.com/sites/default/files/peoplepictures/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.empowher.com/sites/default/files/peoplepictures/picture-4213177.png
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ffc44bcd7df82a0d2ad084174ad7584250e3ae8f1e45cc3a1b1594b5861e074

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
via
1.1 varnish-v4
cf-cache-status
MISS
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
content-length
28667
x-debug-ip
Client IP: Forwarded: 2a00:bd80:a901:0:394::1, 2a00:bd80:a901:0:394::1, 127.0.0.1...
last-modified
Tue, 22 Aug 2023 05:10:14 GMT
server
cloudflare
etag
"64e44336-6ffb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBQnk4Vk6MjWt%2BVBWlSiC3NyU%2BsfcU7yQb7mzkO9GCAIHR7kigryn1YJD8wjWJs10FBu1Z1XbQvk%2B8QyxdS1e8igtxlKJa2yd8u4v1stRU5D3lf3HAdFSLyOcmaApB%2F3rl5uC%2FAuWMX7BRHtg3A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-varnish
229620000
cache-control
max-age=315360000
x-postproc
accept-ranges
bytes
cf-ray
7fd8edf5ba4a4c76-MXP
HONConduct884166_s2.gif
www.honcode.ch/HONcode/Seal/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.honcode.ch/HONcode/Seal/HONConduct884166_s2.gif
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:47a3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa5278204f6f231236aa7c4734f6a380f4fce3636b8ac041d7aac61b742fc07b
Security Headers
Name Value
Strict-Transport-Security max-age=16000000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
strict-transport-security
max-age=16000000
cf-cache-status
EXPIRED
last-modified
Fri, 01 May 2020 14:55:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7ab-5a4975e8eff40-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oWs4ajtIiBuNIErfRdSbcRp1993P12%2F0sVtqk558HdlO90HVW%2BtfXMyHYb06%2BKgFa4XMZH5iF97Rxxx%2FZFp4rx1NkUDmzn9gi7eUvuaqB5uzz4%2F1kS8muz0dXynFSu7DE2PLRO%2BLpMojvFYAoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
cf-ray
7fd8edf61c3a0df1-MXP
alt-svc
h3=":443"; ma=86400
js_be6465d81f52c8e1262abafddfb6feca.js
www.empowher.com/sites/default/files/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/default/files/js/js_be6465d81f52c8e1262abafddfb6feca.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c7adf907fdaeb92e7323570e9600071f5cc36b8c11372e0516acb4ce3edf7d3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:54:59 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103402
cf-polished
origSize=15633
x-cache
HIT
x-debug-ip
Client IP: Forwarded: 85.65.239.46, 85.65.239.46, 127.0.0.1...
cf-bgj
minify
last-modified
Tue, 30 Jun 2020 18:20:23 GMT
server
cloudflare
etag
W/"5efb8267-3d11"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gt8Iozbr1fPq2sk40Uga0%2FfBXtBF7RekLnNouh1HdZA5jiscrKxyoqTULcR9iIMeQ%2FqSgnIZItVzGEdf4FBNWuwU0VSzYJ4kF%2BmuF%2B5CMHjXeSphkWnIZfS8Ry%2BQensoaPuLGFs1PRkqN5XZWaU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
223620338 225348352
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edf4d9f24c76-MXP
x-cache-hits
1
fivestar.js
www.empowher.com/sites/all/modules/contrib/fivestar/js/ 		16 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/all/modules/contrib/fivestar/js/fivestar.js?1693187699
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62c53d8848db5c8251b277e9335e317af46c20f9599b69799256d81b4b3a67b1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
MISS
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
MISS
x-debug-ip
Client IP: Forwarded: 2a00:bd80:a901:0:394::1, 2a00:bd80:a901:0:394::1, 127.0.0.1...
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
W/"5e4c2818-3fd0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9QNC5H30n7J11O59bW3syg3cj141pjBOMWfFnCzF3KaHEqZGI2I%2B5qRt5V0hYOk3SnlDKkMe%2BjrIlBbzOZX%2FR2JhxOaOI8jrTM2upAg38nZzI7nBbicsbt2FW1OQjdoIS0akMEuiiEVJB2KLxUY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
229524736
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edf5ba4b4c76-MXP
bidexchange.js
contextual.media.net/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/bidexchange.js?cid=8CU3J5V33&version=3.1&https=1
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.246.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a72-246-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d54c92c1b459e3b4a4fd2ce37492a629cffd6c0e595094c1042ae476923c7254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 28 Aug 2023 01:55:00 GMT
server
Apache
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store
content-length
1194
expires
Mon, 28 Aug 2023 01:55:00 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:04:16 GMT
content-encoding
gzip
via
1.1 00746b020527dcdbeca0dab6f6de299a.cloudfront.net (CloudFront), 1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
last-modified
Thu, 24 Aug 2023 18:15:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
3045
x-amz-server-side-encryption
AES256
etag
W/"761fb227b5d9333f86d2e976465cc3f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
tE7ZQEjd15ufWTsnEo4r9rGBmiHGv1FYgW7Ac1uyXC5Zv3WiKnltyw==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Aug 2023 01:44:23 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
637
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 28 Aug 2023 03:44:23 GMT
load.js
s.ntv.io/serve/ 		615 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.185.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-42.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
7e8e0dd52fdad574552c3e7f492becb949de12a2936ddae55844807b3e80e90d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 01:55:00 GMT
Content-Encoding
gzip
x-amz-request-id
NNFXZ32T7TMZTEHV
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
YzKShMUeIp++v3XucJyCzEd0n7P0eeOMIeRzXhm9UeX+uacMWF/oZ9AJK2Cw3Bkj4bfJkmqFSh8=
Last-Modified
Thu, 17 Aug 2023 15:34:12 GMT
Server
AmazonS3
ETag
"db20caff20c655b418416921f457ce0c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
fbevents.js
connect.facebook.net/en_US/ 		193 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 28 Aug 2023 01:55:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
52127
x-xss-protection
0
pragma
public
x-fb-debug
fqzBO+A/Jxs+QM/9pVRwHXJ55IJOnEnqWizM3RDuqKZa2lLrYfTv7MHuiPE6EvG2dAVsscy5Kg23HC0c2Sri9A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
56941222330676224e000049.js
tag.marinsm.com/serve/ 		124 B
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.marinsm.com/serve/56941222330676224e000049.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.65 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cowboy /
Resource Hash
40cb29c6823e44efb83a3f11ea4d5f63f6ba7d029afa2058205dbecfa7d9ca30
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 01:55:00 GMT
Via
1.1 vegur, 1.1 varnish
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
110
X-Served-By
cache-mxp6928-MXP
Server
Cowboy
X-Timer
S1693187700.182064,VS0,VE213
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=1800
Accept-Ranges
bytes
X-Cache-Hits
0
all.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9c85aee395c333fe01f55a26125cae905954edfa057c949185ed5deb0854302e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Aug 2023 01:55:00 GMT
content-md5
KBXkJUbbdoubqQePlIVOqg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
8O8bKnCbASmulSemL9bwlBaFiDkv7rX+yP2gCboYaOD6EEexwhwqa3HsPgMeG+WoKacDSRk/44ErPYR/7uUHjg==
x-fb-content-md5
0bef66d0d973d7c683ac2fa1f1d8bc16
cross-origin-opener-policy
same-origin-allow-popups
etag
"93e42b46b27aa1c84742cb81338edd84"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 28 Aug 2023 02:01:48 GMT
jquery.cookie.js
www.empowher.com/sites/all/themes/blackwell/js/ 		827 B
798 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/all/themes/blackwell/js/jquery.cookie.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/sites/default/files/js/js_be6465d81f52c8e1262abafddfb6feca.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
825bcade67052cde99899ccc90782226d1c1baab39244f26884dae084e7fc021

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103402
cf-polished
origSize=1535
x-cache
HIT
x-debug-ip
Client IP: Forwarded: 85.65.239.46, 85.65.239.46, 127.0.0.1...
cf-bgj
minify
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
W/"5e4c2818-5ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qePZMkTqyM2slm8KbAtJF25aT9h6dGC%2BrjjhipluI%2BNI9P0WSSSkotXZeYnMonrGpweU7%2Bcc74YBnizZsPCXeYSeWuU2%2FUp0zbj%2BK0b9%2FND%2F97sPk71C6Tvvc4U3xZ6tg%2BNLb45t%2BtHW%2FbbIJew%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
223620345 229015981
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edf5ba514c76-MXP
x-cache-hits
1
modals.js
www.empowher.com/sites/all/themes/blackwell/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.empowher.com/sites/all/themes/blackwell/js/modals.js
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/sites/default/files/js/js_be6465d81f52c8e1262abafddfb6feca.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29ce4d077043eb550f778602c3a213aa6e413823b5fe6cc30c4c7928b23694a2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/users/samsondfneal
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103402
cf-polished
origSize=6409
x-cache
HIT
x-debug-ip
Client IP: Forwarded: 2409:408c:259c:2e45:6b56:7efa:91b5:fdcb, 2409:408c:259c:2e45:6b56:7efa:91b5:fdcb, 127.0.0.1...
cf-bgj
minify
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
W/"5e4c2818-1909"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVHpRz9oQwtrUbbk3Z7u2UwzH4hCAjCabDvbibDY2scBfogY5TexFbnfWn%2FVwY2awoVt1DBLQKSuUrLNgxACWnUSDScSu4L9MslBA3wQajkvoe8TSqvoY%2BC8B7LPgULv%2B8gLmnJPtO%2FLVD4bpH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-varnish
228950927 223620191
cache-control
max-age=315360000
x-postproc
cf-ray
7fd8edf5ba524c76-MXP
x-cache-hits
2
ad-label-vert.gif
www.empowher.com/sites/all/themes/blackwell/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.empowher.com/sites/all/themes/blackwell/images/ad-label-vert.gif
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a57b79b77e9b4a9f191413e2e4582b3b09b95f40a7a7f360234d9c7c5103eba

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265985
x-cache
MISS
content-length
1152
x-debug-ip
Client IP: Forwarded: 2001:16a2:79ac:9d00:d180:8314:a954:7e60, 2001:16a2:79ac:9d00:d180:8314:a954:7e60, 127.0.0.1...
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
"5e4c2818-480"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DksQnmQoXs0ON5ok6pgf4EhZ3NjNTEorpwHw93UD717Nxp%2BSw9Vi2wAgJ61ZbuZlvQ9iQDartzX3ug9tZ68H0famRDvbJFuia8FCEis%2FujQJT1oPlli3LwH75fFdgJecfqh8otuTqiSKAc9qFX4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-varnish
227228071
cache-control
max-age=315360000
x-postproc
accept-ranges
bytes
cf-ray
7fd8edf5ca574c76-MXP
icons.png
www.empowher.com/sites/all/themes/blackwell/images/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.empowher.com/sites/all/themes/blackwell/images/icons.png
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4c26248b227477ac86e55431f1478db8a2bab39352585519b9c7e08d88d4a5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
265985
x-cache
MISS
content-length
21655
x-debug-ip
Client IP: Forwarded: 2001:16a2:79ac:9d00:d180:8314:a954:7e60, 2001:16a2:79ac:9d00:d180:8314:a954:7e60, 127.0.0.1...
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
"5e4c2818-5497"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNK3Ztq2EMHSUsb%2Bi2d50jpJoBus%2B%2BVC3X496qPajIfJYv6KGFKPfo4JlsM5SHs3%2Bjrp%2BxE%2FN3Pt2AIWc0ZDF%2FWdl9ogmaZP%2BGIJQOe%2Fb5ZOkn8E4yJFbGLiWAeIDOtv7C580CfbslK2xdg6eKo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-varnish
227228074
cache-control
max-age=315360000
x-postproc
accept-ranges
bytes
cf-ray
7fd8edf5ca584c76-MXP
default-sprite.png
www.empowher.com/sites/all/themes/blackwell/images/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.empowher.com/sites/all/themes/blackwell/images/default-sprite.png
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
701d38f6b8d480f286b457439a8bdb3ce29c5d913c680429754efdb4f8a9562d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103402
x-cache
HIT
content-length
24919
x-debug-ip
Client IP: Forwarded: 85.65.239.46, 85.65.239.46, 127.0.0.1...
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
"5e4c2818-6157"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=khbtJMmDHDPGguXDIOOZE1PSyzd3uNwJd1Xx0xNJDFgmH%2FN1%2BgfyykEzrbgUwBNlA1MNz8jY9EdvpbcmDPGgXyIIV%2BuqnWhn7F39lDCYQQlULJchBDPwSzZoSyPSQLPE8d4DUKpfXUx3Jv5UQBw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
x-varnish
228950925 225348364
cache-control
max-age=315360000
x-postproc
accept-ranges
bytes
cf-ray
7fd8edf5ca5a4c76-MXP
x-cache-hits
1
ad-label-horz.gif
www.empowher.com/sites/all/themes/blackwell/images/ 		116 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.empowher.com/sites/all/themes/blackwell/images/ad-label-horz.gif
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a5b84b047c9cc91ed81c5a043634d21df2a87dbb0cac52fa8b972206c8b54f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/sites/default/files/css/css_d2c0f541cc8b067be9283397975a6af7.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
via
1.1 varnish-v4
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
103402
x-cache
HIT
content-length
116
x-debug-ip
Client IP: Forwarded: 2409:408c:259c:2e45:6b56:7efa:91b5:fdcb, 2409:408c:259c:2e45:6b56:7efa:91b5:fdcb, 127.0.0.1...
last-modified
Tue, 18 Feb 2020 18:08:24 GMT
server
cloudflare
etag
"5e4c2818-74"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KtTdVHJnembsLEDacBEY5SIdnTyHlD6KfYrrb1ocHAIoukWUGJ5VAhRWfQBI5kBh3iKFm%2F9b81aeUAsWv%2Fi301geVBQyQwKS3pYhZX%2FK%2FOAFKA%2FLcMB%2FV8Px58jLbUyA2GMDuG1g%2BKnVX6Syk%2Bo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
x-varnish
223620347 223276397
cache-control
max-age=315360000
x-postproc
accept-ranges
bytes
cf-ray
7fd8edf5ca5b4c76-MXP
x-cache-hits
1
all.js
connect.facebook.net/en_US/ 		304 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/all.js?hash=6b3313ad2573013d2ee8359a1195edff
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8c63a7f821285b4c21d5849015f798e977bf3b9b7e173d498b5c3ac005764c34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.empowher.com/
Origin
https://www.empowher.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 28 Aug 2023 01:55:00 GMT
content-md5
oe1dHYATT4arzcPD6MMmlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87189
x-fb-debug
Awly60DMIjE5bMgvpASrb8cjkH106kTblQlTtcnZI50cGeGXHHq6TRJLccUEwZQgqMWEcdwbg44kMCu1dLmdug==
x-fb-content-md5
7e5bfa3ed19c3d84c409b324d4574c2c
cross-origin-opener-policy
same-origin-allow-popups
etag
"e60828b8979fe6c2a9dc559b36a6b63e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 27 Aug 2024 00:09:32 GMT
campaigns.json
api.privy.com/businesses/C27276E9A39ACE9B437BA993/ 		42 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.privy.com/businesses/C27276E9A39ACE9B437BA993/campaigns.json?s=j&l=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&user_uuid=9588ea45-9a10-4632-8fd7-6699bb090624&fence=1
Requested by
Host: widget.privy.com
URL: https://widget.privy.com/assets/widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:146c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
085775193a3438660321ef433979fcf52fafcd58fb1d2bd8cec61b0503380111
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ipcountry
CH
date
Mon, 28 Aug 2023 01:55:00 GMT
access-control-request-method
*
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-ippostalcode
x-permitted-cross-domain-policies
none
cf-cache-status
DYNAMIC
via
1.1 vegur
content-encoding
gzip
x-xss-protection
0
x-request-id
722086ea-17ca-4c8b-a493-2beba9536cef
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
etag
W/"085775193a3438660321ef433979fcf5"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-IPCountry, X-IPRegion, X-IPPostalCode
cache-control
max-age=0, private, must-revalidate
x-ipregion
CH_
cf-ray
7fd8edf6bb4259e9-MXP
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:49:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
697
x-xss-protection
0
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 28 Aug 2023 02:49:50 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.empowher.com&pubid=3342a50f-f325-41b3-be54-a4f440993552
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:54:59 GMT
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.empowher.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
W3gX6mY4XRLuo_9mWCoIBHqlF_FmYU0_tTs2_2NH1fpymzG1ENeARA==
bid
aax.amazon-adsystem.com/e/dtb/ 		138 B
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&pid=DgsnGayIdwmwF&cb=0&ws=1600x1200&v=23.821.1806&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-1429823341605-0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2245714857%2FHER_728x90_Top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1442253528109-0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%2245714857%2FHER_300xFlex_Top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1429823341605-2%22%2C%22s%22%3A%5B%22160x600%22%5D%2C%22sn%22%3A%2245714857%2FHER_160x600_Left%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1429823341605-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%2245714857%2FHER_728x90_Bottom%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1462221522595-0%22%2C%22s%22%3A%5B%22320x50%22%2C%22300x100%22%2C%22300x100%22%5D%2C%22sn%22%3A%2245714857%2FHER_Mobile_Top%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1462221522595-1%22%2C%22s%22%3A%5B%22320x50%22%2C%22300x250%22%5D%2C%22sn%22%3A%2245714857%2FHER_Mobile_Bottom%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-1490912742179-0%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%2245714857%2FHER_300x600_Home%22%7D%5D&pubid=3342a50f-f325-41b3-be54-a4f440993552&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.253.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-253-136.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1ec76cf9c2249ece7fb0103a5a71bbcd7120d42b9583f0f66e4b9da577f6c501
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 2a44338adc8233e5b25aca28287a69c8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P3
x-amz-rid
CSQG8M0YNDWAAP2AC8H9
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.empowher.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
138
x-amz-cf-id
TtVdresiVujqb5r9j2aJaYYtGQnZJx4ByvilUdB7qL5QKgIExFZG-Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 1ac3fd533bf6be1b511077f8b8e23bfc.cloudfront.net (CloudFront)
date
Sun, 27 Aug 2023 07:06:24 GMT
x-amz-cf-pop
FRA2-C1
age
67717
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
yiJCMQqN_QRm5Gls8BR1oP1pJuV2fgnG5pnON0tta88-Mw6WW0vdmw==
870312469679803
connect.facebook.net/signals/config/ 		137 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/870312469679803?v=2.9.125&r=stable&domain=www.empowher.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5718c1063be274898ba22a0f6e1eb7034b5c24c51f2d010534099571dc1901ed
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 28 Aug 2023 01:55:00 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
O4QojWGyoIWoHJsJmVNczXz7b6GBIZixr53ELByop/6nuhUxL076q0yvWWn5Qe+To7fBF+cFPsRmELs/DZPHJg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=832571140&t=pageview&_s=1&dl=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&ul=en-us&de=UTF-8&dt=samsondfneal%27s%20Profile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgAAjCAAAACAAI~&jid=158223432&gjid=1945972953&cid=1710101432.1693187700&tid=UA-2916861-1&_gid=1449108992.1693187700&_slc=1&cd1=remnant&cd2=&cd3=&cd4=4213177&cd5=&cd6=1970-01-01&cd7=&cd8=&z=133935736
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1f57581dd67f816f949379100b9f4c4594a9b09f701a4e2a8c14ea63498093e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.empowher.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
350 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-2916861-1&cid=1710101432.1693187700&jid=158223432&gjid=1945972953&_gid=1449108992.1693187700&_u=KGBAgAAjCAAAAGAAI~&z=682038436
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.empowher.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 28 Aug 2023 01:55:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=832571140&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&ul=en-us&de=UTF-8&dt=samsondfneal%27s%20Profile&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=User&ea=Type&el=anonymous%20user&ev=1&_u=KGBAgAAjCAAAAGAAI~&jid=&gjid=&cid=1710101432.1693187700&tid=UA-2916861-1&_gid=1449108992.1693187700&z=1765926009
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Aug 2023 05:39:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
72931
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=213024989472&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=6b3313ad2573013d2ee8359a1195edff
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Mon, 28 Aug 2023 01:55:00 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-fb-debug
UTzHNGM2ihOezCF7yJ/SuGXBpFzpdGTTQ37orx7r12xFr+YSqfsTgJupi5X59HhRAcJuCk6ZYONjX2X7/c0flA==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.empowher.com
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		241 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RZ9PT1H1PV&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79c0eece5f838695dcbc613ad7b4e043c2e5a31ba4221af35ca9062cc17cb20c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84971
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 28 Aug 2023 01:55:00 GMT
t
jadserve.postrelease.com/ 		268 B
718 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.53.218 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-53-218.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
f24d352fc8e0fbbfd349ef49e86d9317834abb3494be70b4513660803ff66c67

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:00 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
189
expires
Mon, 1 Jan 1990 12:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/bidexchange.js?cid=8CU3J5V33&version=3.1&https=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
62b66cac6aac8cb51af3caca005c887f3fb72b9da286cf0f247e256cc6fa6abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28774
x-xss-protection
0
server
cafe
etag
795 / 19597 / m202308220101 / config-hash: 7028521147000579048
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 28 Aug 2023 01:55:00 GMT
log
hblg.media.net/ 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&r=1007&cid=8CU3J5V33&m=9_10_IN_EMS_CONFIG&pid=&svr=082508_711&abte=SSP_CLIENT&dn=www.empowher.com&requrl=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:00 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 28 Aug 2023 01:55:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=870312469679803&ev=PageView&dl=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&rl=&if=false&ts=1693187700363&sw=1600&sh=1200&v=2.9.125&r=stable&ec=0&o=30&fbp=fb.1.1693187700362.450524180&it=1693187700258&coo=false&rqm=GET
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 28 Aug 2023 01:55:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2916861-1&cid=1710101432.1693187700&jid=158223432&_u=KGBAgAAjCAAAAGAAI~&z=721799648
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-2916861-1&cid=1710101432.1693187700&jid=158223432&_u=KGBAgAAjCAAAAGAAI~&z=721799648
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-RZ9PT1H1PV&_ono=1&gtm=45je38n0&_p=832571140&_gaz=1&ul=en-us&sr=1600x1200&cid=1710101432.1693187700&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&dt=samsondfneal%27s%20Profile&sid=1693187700&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&ep.ua_dimension_1=remnant&ep.ua_dimension_4=4213177&ep.ua_dimension_6=1970-01-01
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RZ9PT1H1PV&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ono=1&tid=G-RZ9PT1H1PV&cid=1710101432.1693187700&gtm=45je38n0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RZ9PT1H1PV&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ch/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ch/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ono=1&tid=G-RZ9PT1H1PV&cid=1710101432.1693187700&gtm=45je38n0&aip=1&z=1040067719
Requested by
Host: www.empowher.com
URL: https://www.empowher.com/users/samsondfneal
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:00 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/ 		403 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8165d8e2771d30c1a2baf2e6ebb58ce49c3b9dc575676b6f1aa7afeb2e5efe86
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 27 Aug 2023 11:37:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
51455
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129871
x-xss-protection
0
server
cafe
etag
10423821264569162327
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 26 Aug 2024 11:37:25 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		738 B
419 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=406225294290822&correlator=1313756820403639&hxva=1&scor=503253167772709&eid=31076406%2C44780989%2C31068366%2C31076408%2C31077190&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&iu_parts=45714857%2CHER_728x90_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C320x50%7C300x50&ifi=1&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1693187700642&adxs=315&adys=90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&vis=1&psz=1570x25&msz=980x20&fws=4&ohw=1570&ga_vid=1710101432.1693187700&ga_sid=1693187701&ga_hid=832571140&ga_fc=true&dlt=1693187699122&idt=1477&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&adks=3050673328&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
697c29b0c27dee604743de3535ae083ea7c0352232a6d4cd912e4fd82082ed37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
389
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		575 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=406225294290822&correlator=1313756820403639&hxva=1&scor=503253167772709&eid=31076406%2C44780989%2C31068366%2C31076408%2C31077190&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&iu_parts=45714857%2CHER_300xFlex_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C300x250%7C300x1050%7C300x600&ifi=2&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1693187700651&adxs=1285&adys=162&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&vis=1&psz=300x35&msz=300x10&fws=4&ohw=300&ga_vid=1710101432.1693187700&ga_sid=1693187701&ga_hid=832571140&ga_fc=true&dlt=1693187699122&idt=1477&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&adks=1706535992&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
37ab8353f0fc0e2b6248f19945f3e7bea74e421419a432471af0b6385476258a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		576 B
323 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=406225294290822&correlator=1313756820403639&hxva=1&scor=503253167772709&eid=31076406%2C44780989%2C31068366%2C31076408%2C31077190&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&iu_parts=45714857%2CHER_728x90_Bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C320x50%7C300x50&ifi=3&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1693187700655&adxs=315&adys=808&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&vis=1&psz=1570x20&msz=980x0&fws=4&ohw=1570&ga_vid=1710101432.1693187700&ga_sid=1693187701&ga_hid=832571140&ga_fc=true&dlt=1693187699122&idt=1477&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&adks=2632463125&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1b0e009c9ef65f5bd40982dba1ca1de5ae039e29fa0438d5d800001504af962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		574 B
322 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=406225294290822&correlator=1313756820403639&hxva=1&scor=503253167772709&eid=31076406%2C44780989%2C31068366%2C31076408%2C31077190&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&iu_parts=45714857%2C1x1-anchor-ad-unit&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=4&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1693187700657&adxs=0&adys=833&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&vis=1&psz=1600x1&msz=1x-1&fws=0&ohw=0&ga_vid=1710101432.1693187700&ga_sid=1693187701&ga_hid=832571140&ga_fc=true&dlt=1693187699122&idt=1477&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&adks=2555910128&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
30e7e274070a4f06bd1191486f2c77127f184bcbf5c2c99bce5746cacc47bdfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
292
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		572 B
323 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=406225294290822&correlator=1313756820403639&hxva=1&scor=503253167772709&eid=31076406%2C44780989%2C31068366%2C31076408%2C31077190&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&iu_parts=45714857%2CHER_1x1_InScreen&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=5&sfv=1-0-40&eri=4&sc=1&cookie_enabled=1&abxe=1&dt=1693187700659&adxs=0&adys=834&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&vis=1&psz=1600x1200&msz=1x-1&fws=0&ohw=0&ga_vid=1710101432.1693187700&ga_sid=1693187701&ga_hid=832571140&ga_fc=true&dlt=1693187699122&idt=1477&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&adks=174130014&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e34796d4279cf8a0a561a9018447f1b18fa71add2014d57ff9c881d73f669721
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
293
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eef74b84b43898e5862bfdedab000a60.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 291F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eef74b84b43898e5862bfdedab000a60.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.empowher.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 01:55:00 GMT
expires
Tue, 27 Aug 2024 01:55:00 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308220101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a04fc286c5c1575ef4f87d630f75339cc968f5092fdeb9f3b09833ad27dc063c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11744
x-xss-protection
0
iu3
aax-eu.amazon-adsystem.com/s/ Frame D2B8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_n-Beeswax_ox-db5
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_n-Beeswax_ox-db5&dcc=t
308 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_n-Beeswax_ox-db5&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
261596695db08fe4e2d65515f052b4e84f130e643c2da09134a00bbe38f7dccf
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.empowher.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
308
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 28 Aug 2023 01:55:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
CQ3KDXCY04S8V2GMSGVS

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 28 Aug 2023 01:55:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_n-Beeswax_ox-db5&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZBWGJ9V8RPE9FNRKGNAA
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=870312469679803&ev=Microdata&dl=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&rl=&if=false&ts=1693187700866&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22samsondfneal%27s%20Profile%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22EmpowHER%22%2C%22og%3Atitle%22%3A%22samsondfneal%27s%20Profile%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal%22%7D&cd[Schema.org]=%5B%7B%22dimensions%22%3A%7B%22h%22%3A0%2C%22w%22%3A0%7D%2C%22properties%22%3A%7B%22name%22%3A%22Magnesium%20Deficiency%3A%20A%20Commonly%20Overlooked%20Health%20Issue%20%22%2C%22author%22%3A%22Catherine%20Taylor%22%7D%2C%22subscopes%22%3A%5B%5D%2C%22type%22%3A%22https%3A%2F%2Fschema.org%2FArticle%22%7D%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.125&r=stable&ec=1&o=30&fbp=fb.1.1693187700362.450524180&it=1693187700258&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 28 Aug 2023 01:55:00 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 28 Aug 2023 01:55:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 85CF 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.empowher.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
19286
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 27 Aug 2023 20:33:34 GMT
expires
Mon, 26 Aug 2024 20:33:34 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BD9E 		829 B
995 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
466ad6f481e0473a397153d021645e86262581ece798996028d757b86cbbaabe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BTDX8Ptg0h6H2Rozv-lzQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.empowher.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-BTDX8Ptg0h6H2Rozv-lzQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 01:55:01 GMT
expires
Mon, 28 Aug 2023 01:55:01 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
pagead2.googlesyndication.com/bg/ Frame 85CF 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 26 Aug 2023 19:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
111272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14626
x-xss-protection
0
last-modified
Tue, 22 Aug 2023 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 25 Aug 2024 19:00:29 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame BD9E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308220101&jk=406225294290822&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 85CF 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bHFVaw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:01 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 343C 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-Beeswax_n-LoopMe_ox-db5_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_n-Beeswax_ox-db5&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
9110798709442fa881b24c5845d26fd76999226d7c7366ad2487c665cbad8e47
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-LoopMe_pm-db5_rbd_n-Beeswax_ox-db5&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
1374
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 28 Aug 2023 01:55:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
VXR6H6GN3RC36R5A6DKY
ecm3
s.amazon-adsystem.com/ Frame 343C
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID
  • https://match.prod.bidr.io/cookie-sync/amzn?r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dbeeswax.com%26id%3D%24UID&_bee_ppp=1
  • https://s.amazon-adsystem.com/ecm3?id=AADEe07J1_0AACS4CUPu7w&ex=beeswax.com
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AADEe07J1_0AACS4CUPu7w&ex=beeswax.com
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-Beeswax_n-LoopMe_ox-db5_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 01:55:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
N8NJ9MP3VTZFQCC32FEA
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?id=AADEe07J1_0AACS4CUPu7w&ex=beeswax.com
Date
Mon, 28 Aug 2023 01:55:01 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 343C
Redirect Chain
  • https://csync.loopme.me/?pubid=11405&redirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dloopme.com%26id%3D%7Bviewer_token%7D
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=d4a50318-5d47-4aeb-90e8-4ef4dbbf95b0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=d4a50318-5d47-4aeb-90e8-4ef4dbbf95b0
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-Beeswax_n-LoopMe_ox-db5_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 01:55:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
W2C4CFM0Y1YX9Y9GA6AV
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=loopme.com&id=d4a50318-5d47-4aeb-90e8-4ef4dbbf95b0
date
Mon, 28 Aug 2023 01:55:01 GMT
server
_
content-length
0
cm
u.openx.net/w/1.0/ Frame E1F0
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BO...
  • https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3...
678 B
722 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-Beeswax_n-LoopMe_ox-db5_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8585ab4163392e59a468392f7d111ce10a629f8a78c3eb0e418998e332b865ff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
390
content-type
text/html
date
Mon, 28 Aug 2023 01:55:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Mon, 28 Aug 2023 01:55:01 GMT
location
https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C1ED 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-Beeswax_n-LoopMe_ox-db5_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=108810
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 28 Aug 2023 01:55:01 GMT
expires
Tue, 29 Aug 2023 08:08:31 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B618 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=n-Beeswax_n-LoopMe_ox-db5_pm-db5_rbd&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 28 Aug 2023 01:55:01 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame B618 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
cec590b68a6dd2b40fa90e876cb485c7eea3bac4e54cf4bb60335eacb010c431

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 01:55:01 GMT
Content-Encoding
gzip
Last-Modified
Sun, 27 Aug 2023 11:46:30 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=35525
Connection
keep-alive
Content-Length
10116
Expires
Mon, 28 Aug 2023 11:47:06 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C1ED 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=5732494&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
13237fd40541c4feb4a1acd1e36b2e4a4367f8a109683399eabcae729af80932

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 28 Aug 2023 01:55:00 GMT
content-length
1710
content-type
text/html; charset=UTF-8
ecm3
aax-eu.amazon-adsystem.com/s/ Frame E1F0 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=openx.com&id=13de860e-847f-8cd6-bb10-e680804dd32b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 01:55:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
38QPXPA509D9VSH5BPZN
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame E1F0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7109418790429191185
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7109418790429191185
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7109418790429191185
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame E1F0 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=13de860e-847f-8cd6-bb10-e680804dd32b
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 01:55:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YF2RVPDMV1T6ETB59Y4A
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame E1F0 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=4b08fa73-98d5-372c-7b1e-6417e87e18cb&gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame E1F0 		170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Njc2NzI5YjktNTFhMi02OTg4LTZlZmUtM2VhZTIyOWNkNmFi
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E1F0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED8eM3tNuGF8Ctadvh14_ng&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED8eM3tNuGF8Ctadvh14_ng&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?cc=1&id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESED8eM3tNuGF8Ctadvh14_ng&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.jpg
token.rubiconproject.com/ Frame B618 		284 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B618
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu&khaos=LLU88NWD-25-28WG
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=LLU88NWD-25-28WG&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LLU88NWD-25-28WG&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 01:55:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BMDPHHCQ70CDG6H188HP
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=LLU88NWD-25-28WG&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
usersync.aspx
dis.criteo.com/dis/ Frame 79F3 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 28 Aug 2023 01:55:01 GMT
expires
Mon, 28 Aug 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
154690
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 1015 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UIDC36A9F12-5A1E-417A-81A4-5A5E941F99D0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 28 Aug 2023 01:55:01 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
1BH75XERV0KM11YYQWKG
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C1ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=w2qfEloeQXqBpFpelB-Z0A%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:01 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=108810
accept-ranges
bytes
content-length
5606
expires
Tue, 29 Aug 2023 08:08:31 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame C1ED
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&gdpr=0&gdpr_consent=&ct=y
49 B
545 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
52.213.174.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-174-162.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.2.175
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.17.143
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame C1ED
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3541310003
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3541310003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:00 GMT
via
1.1 google
last-modified
Mon, 28 Aug 2023 01:55:01 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
via
1.1 google
last-modified
Mon, 28 Aug 2023 01:55:01 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3541310003
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame C1ED
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWJpcmZjbXdTVi1SWGU2dE5CbEE4QlNPQQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8927798110021034030&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Server
52.207.39.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-207-39-200.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 28 Aug 2023 01:55:02 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 28 Aug 2023 01:55:02 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame C1ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QzM2QTlGMTItNUExRS00MTdBLTgxQTQtNUE1RTk0MUY5OUQw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 28 Aug 2023 01:55:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C1ED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFFGk97PENHzOJ6KJVHi8IU&google_cver=1
42 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFFGk97PENHzOJ6KJVHi8IU&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 28 Aug 2023 01:55:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFFGk97PENHzOJ6KJVHi8IU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C1ED 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:01 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 27 Aug 2023 01:55:01 GMT
generic
match.adsrvr.org/track/cmf/ Frame C1ED 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C1ED
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8927798110021034030
42 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8927798110021034030
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 28 Aug 2023 01:55:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8927798110021034030
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame B618
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExVODhOV0QtMjUtMjhXRw==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHHmIYM2vABMu-EPmXldzP4&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExVODhOV0QtMjUtMjhXRw==&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExVODhOV0QtMjUtMjhXRw==&google_push=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExVODhOV0QtMjUtMjhXRw==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
rubicon
match.adsrvr.org/track/cmf/ Frame B618 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B618
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWY5ZWE2NzBkZTUxYzNiNDg0NDVjYzc4NjliMTJlYTI5ODViZmRhNg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWY5ZWE2NzBkZTUxYzNiNDg0NDVjYzc4NjliMTJlYTI5ODViZmRhNg
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MWY5ZWE2NzBkZTUxYzNiNDg0NDVjYzc4NjliMTJlYTI5ODViZmRhNg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame B618
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=3R6chNi3RdG-1Ab8nBvPnQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3R6chNi3RdG-1Ab8nBvPnQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3R6chNi3RdG-1Ab8nBvPnQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 01:55:01 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9MFEPPY1VBPX713PMCK4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=3R6chNi3RdG-1Ab8nBvPnQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B618
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA1OeHO-pPsenmDy5nSMp3Y&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA1OeHO-pPsenmDy5nSMp3Y&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:01 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEA1OeHO-pPsenmDy5nSMp3Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame B618
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OoSZ6DfERB-5XGBntIMu0Q&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OoSZ6DfERB-5XGBntIMu0Q
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OoSZ6DfERB-5XGBntIMu0Q
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Aug 2023 01:55:02 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
9G3PB0ZMY15JSG5W8R6V
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=OoSZ6DfERB-5XGBntIMu0Q
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame B618
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/goQXRBWVg7tAJ8hD1WKyzsn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-abo6Aw5E2oLJ1.i72R2.21QZWpYvxTHwbDz3cQ--~A
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-abo6Aw5E2oLJ1.i72R2.21QZWpYvxTHwbDz3cQ--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 28 Aug 2023 01:55:02 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-abo6Aw5E2oLJ1.i72R2.21QZWpYvxTHwbDz3cQ--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame B618
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLU88NWD-25-28WG
0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLU88NWD-25-28WG
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:01 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 62D6550273EB4702B344B2F2E77B97DC Ref B: ZRHEDGE1208 Ref C: 2023-08-28T01:55:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYD8fuAzv6WdHp9MInIpg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLU88NWD-25-28WG
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
f5982f4f9cc79eb2b489dda8b92e3144
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308220101&jk=406225294290822&bg=!h4SlhMvNAAYkVgHwBFY7ADQBe5WfOCOEPbN427zFZGzCXMpwoTd7lC-Q1ujxMKG1gZu2Q0vvwCc9zr_fdxCK9sxaoU-dAgAAAIdSAAAAB2gBBwoAFRLDgRoZjw0VIMITk9GW3lTNl4TWA5kCseTJsqvTQYvcoN9c7WBZTOp1NMVbZJy6INEpiqVQywBvpsEfvGc6cLEF_ogUiZWaxOVNQVdew0W9_8Xrb-qZF4LkS4Kliet0sTf-MEPNqSFr2oj00xJc8WtPvPOAKTwSL3O4gFYTfOqsEvgHcsbtIIx05Car_eFRJmoiVZVpb_VOUPXezEqnXl2EW3jH37ybGk_OOKTOxRCnDVOPeQnUQW0A7bSUXdc8kbAsVevSFUO8re9dpEXJS4WEG_vj_tK-CqEgZHIA2yBjz0c5mzzVbbVQz5Z9flB-39jB7YFhcGTRJuMKN79xHs3PhdnmZs5SDpuBHqkXGSMEM1CvXy9CqrLr6sE-TojSrzIxDKOsVGBAqgx7yQ42nqAoe7SnvoUa20w7hFGLvFTw9s4R6G0X_GkqQYFBHdjXq9P-po2bgE0H6nd76OMdh9Ta6vBO7Z5LOj5yKg55kkvk8Gr19RTnBN6PcF6xbnwEhHqXjqdeXeLNautYqF7SsAixOPFyRwKnD0F0_M03ay69TnSENk4jCrxnqi7z9KwbrCsttlHRlHi3xPxk8fO241U8MHVQ4iBbw2qKsWFzLGJU5lkHlJKXbaMvRWvNsFTdGRycRKFrlHXM_4xes4WdUFmEVNAer3KVLSvI13ua0T3bm2D0YA8-ZULOVR8F5PVyI5PcSifgSeH-Sd3wECicE8Vb7GJWUEHsdEf5AUI8X081V-XNmRbxb4elU8YamWRXF03L40Yxruy-Q3Cqq2EcA1t7xpDhViKxwA69N_CyXl3p2tJEL5974NMiKsfPNzu9CvviChvmo80cK3VlkXSIkR-wtBc0PLQ7geiE_BndODvavZOkicdqVa7cOHTc9t_WLfxyt5y6e_Jvc95ebtFnnEolgjYZmw11PsFLEWSiI3I4FFNpD2-gWhyo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		335 B
182 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=406225294290822&correlator=3067698474046649&hxva=1&scor=503253167772709&eid=31076406%2C44780989%2C31068366%2C31076408%2C31077190&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&iu_parts=45714857%2CHER_728x90_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C320x50%7C300x50&ifi=6&sfv=1-0-40&rcs=1&eri=5&sc=1&cookie=ID%3D1e615cd3e36970ca%3AT%3D1693187700%3ART%3D1693187700%3AS%3DALNI_MYTR7yNUndgCDBmw_wQO53fGfCbYw&gpic=UID%3D00000c698448352c%3AT%3D1693187700%3ART%3D1693187700%3AS%3DALNI_MaB2FIyEwfXIFHgsSPC6KO1VcNtXw&abxe=1&dt=1693187701877&adxs=15&adys=90&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&vis=1&psz=1570x0&msz=980x20&fws=132&ohw=1570&psts=AOrYGsnHZeedOw5mzjy83Btkw1Do9dLUcvaFkZ_qni4ngLQ3lUx44tRa%2CAOrYGslMpFIV4ZjemwhJWXGFAjakT9Ntvm4sIeH7mgKbsbhnMakB1Qkx%2CAOrYGsmgG8evPojgsYnaV7-K84ykCk6ZaDlp00tbNskroct6MNkrvK0O%2CAOrYGskemM_ojrxwApoXa9P0BGd0U9Ik7-3IIZ6k9y4aNgZBBD4l3OrM&ga_vid=1710101432.1693187700&ga_sid=1693187701&ga_hid=832571140&ga_fc=true&dlt=1693187699122&idt=1477&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&adks=3050673328&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
93e2dd21e090fcdc2e8e0b7365a62337a4faceb3b28276d2410fcd04d008f030
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		337 B
184 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=406225294290822&correlator=3067698474046649&hxva=1&scor=503253167772709&eid=31076406%2C44780989%2C31068366%2C31076408%2C31077190&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&iu_parts=45714857%2CHER_300xFlex_Top&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x100%7C300x250%7C300x1050%7C300x600&ifi=7&sfv=1-0-40&rcs=1&eri=5&sc=1&cookie=ID%3D1e615cd3e36970ca%3AT%3D1693187700%3ART%3D1693187700%3AS%3DALNI_MYTR7yNUndgCDBmw_wQO53fGfCbYw&gpic=UID%3D00000c698448352c%3AT%3D1693187700%3ART%3D1693187700%3AS%3DALNI_MaB2FIyEwfXIFHgsSPC6KO1VcNtXw&abxe=1&dt=1693187701880&adxs=1285&adys=137&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&vis=1&psz=300x0&msz=300x10&fws=132&ohw=300&psts=AOrYGslpqWlmAWBGaiTTHTwZkPWEyLd05n0kkKY9Xk6ViKGUAkR3Zal3%2CAOrYGslMpFIV4ZjemwhJWXGFAjakT9Ntvm4sIeH7mgKbsbhnMakB1Qkx%2CAOrYGsmgG8evPojgsYnaV7-K84ykCk6ZaDlp00tbNskroct6MNkrvK0O%2CAOrYGskemM_ojrxwApoXa9P0BGd0U9Ik7-3IIZ6k9y4aNgZBBD4l3OrM&ga_vid=1710101432.1693187700&ga_sid=1693187701&ga_hid=832571140&ga_fc=true&dlt=1693187699122&idt=1477&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&adks=1706535992&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
680c5a09974340bdad4ad9dfd53eb31a9b1d7bc47464aa6721ae5172fe83e8db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
155
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		338 B
183 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=406225294290822&correlator=3067698474046649&hxva=1&scor=503253167772709&eid=31076406%2C44780989%2C31068366%2C31076408%2C31077190&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&iu_parts=45714857%2CHER_728x90_Bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x250%7C320x50%7C300x50&ifi=8&sfv=1-0-40&rcs=1&eri=5&sc=1&cookie=ID%3D1e615cd3e36970ca%3AT%3D1693187700%3ART%3D1693187700%3AS%3DALNI_MYTR7yNUndgCDBmw_wQO53fGfCbYw&gpic=UID%3D00000c698448352c%3AT%3D1693187700%3ART%3D1693187700%3AS%3DALNI_MaB2FIyEwfXIFHgsSPC6KO1VcNtXw&abxe=1&dt=1693187701884&adxs=15&adys=733&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&vis=1&psz=1570x0&msz=980x0&fws=132&ohw=1570&psts=AOrYGslpqWlmAWBGaiTTHTwZkPWEyLd05n0kkKY9Xk6ViKGUAkR3Zal3%2CAOrYGsnHZeedOw5mzjy83Btkw1Do9dLUcvaFkZ_qni4ngLQ3lUx44tRa%2CAOrYGsmgG8evPojgsYnaV7-K84ykCk6ZaDlp00tbNskroct6MNkrvK0O%2CAOrYGskemM_ojrxwApoXa9P0BGd0U9Ik7-3IIZ6k9y4aNgZBBD4l3OrM&ga_vid=1710101432.1693187700&ga_sid=1693187701&ga_hid=832571140&ga_fc=true&dlt=1693187699122&idt=1477&prev_scp=amznbid%3D2%26amznp%3D2&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&adks=2632463125&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9529adb741aab85064f3c288a9af1e40c31529228f1c663e5642857c33249cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
154
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		336 B
178 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=406225294290822&correlator=3067698474046649&hxva=1&scor=503253167772709&eid=31076406%2C44780989%2C31068366%2C31076408%2C31077190&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&iu_parts=45714857%2C1x1-anchor-ad-unit&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=9&sfv=1-0-40&rcs=1&eri=5&sc=1&cookie=ID%3D1e615cd3e36970ca%3AT%3D1693187700%3ART%3D1693187700%3AS%3DALNI_MYTR7yNUndgCDBmw_wQO53fGfCbYw&gpic=UID%3D00000c698448352c%3AT%3D1693187700%3ART%3D1693187700%3AS%3DALNI_MaB2FIyEwfXIFHgsSPC6KO1VcNtXw&abxe=1&dt=1693187701897&adxs=0&adys=753&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&vis=1&psz=1600x0&msz=1x-1&fws=128&ohw=0&psts=AOrYGslpqWlmAWBGaiTTHTwZkPWEyLd05n0kkKY9Xk6ViKGUAkR3Zal3%2CAOrYGsnHZeedOw5mzjy83Btkw1Do9dLUcvaFkZ_qni4ngLQ3lUx44tRa%2CAOrYGslMpFIV4ZjemwhJWXGFAjakT9Ntvm4sIeH7mgKbsbhnMakB1Qkx%2CAOrYGskemM_ojrxwApoXa9P0BGd0U9Ik7-3IIZ6k9y4aNgZBBD4l3OrM&ga_vid=1710101432.1693187700&ga_sid=1693187701&ga_hid=832571140&ga_fc=true&dlt=1693187699122&idt=1477&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&adks=2555910128&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8080fe2ff07f71ccf7cf7ce46f5b1a59a8ca4cfc574e477c2d1c5f201ae58d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		334 B
180 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=406225294290822&correlator=3067698474046649&hxva=1&scor=503253167772709&eid=31076406%2C44780989%2C31068366%2C31076408%2C31077190&output=ldjh&gdfp_req=1&vrg=202308220101&ptt=17&impl=fif&iu_parts=45714857%2CHER_1x1_InScreen&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=10&sfv=1-0-40&rcs=1&eri=5&sc=1&cookie=ID%3D1e615cd3e36970ca%3AT%3D1693187700%3ART%3D1693187700%3AS%3DALNI_MYTR7yNUndgCDBmw_wQO53fGfCbYw&gpic=UID%3D00000c698448352c%3AT%3D1693187700%3ART%3D1693187700%3AS%3DALNI_MaB2FIyEwfXIFHgsSPC6KO1VcNtXw&abxe=1&dt=1693187701901&adxs=0&adys=753&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.empowher.com%2Fusers%2Fsamsondfneal&vis=1&psz=1600x1200&msz=1x-1&fws=128&ohw=0&psts=AOrYGslpqWlmAWBGaiTTHTwZkPWEyLd05n0kkKY9Xk6ViKGUAkR3Zal3%2CAOrYGsnHZeedOw5mzjy83Btkw1Do9dLUcvaFkZ_qni4ngLQ3lUx44tRa%2CAOrYGslMpFIV4ZjemwhJWXGFAjakT9Ntvm4sIeH7mgKbsbhnMakB1Qkx%2CAOrYGsmgG8evPojgsYnaV7-K84ykCk6ZaDlp00tbNskroct6MNkrvK0O&ga_vid=1710101432.1693187700&ga_sid=1693187701&ga_hid=832571140&ga_fc=true&dlt=1693187699122&idt=1477&cust_params=status%3D1%26extmdm%3Dnone%26c3%3D%26section%3D%26UGC%3Dfalse%26c1%3D%26c2%3D%26page%3D%26pt%3D%26server%3Dproduction%26rating%3Dna%26channel%3Dnone%26extsrc%3Dnone&adks=174130014&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308220101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12b0839f0429b9d597ec4965acb46564500f0eebb7d29e6eb1f90a1b3f667c7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.empowher.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:01 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
151
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.empowher.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame C1ED 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156011&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame C1ED 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=1173454&p=156011&s=165626&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
a8368c9bdc19373164c350feb12a6f11c9d6955b7cbc32b449d9fe85a607748a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 28 Aug 2023 01:55:04 GMT
content-length
1543
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 0873 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.133 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 28 Aug 2023 01:55:04 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
dcm
aax-eu.amazon-adsystem.com/s/ Frame 72E6 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 28 Aug 2023 01:55:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
ZMA6W9F8GQ7J3ZDJBVSY
Pug
image2.pubmatic.com/AdServer/ Frame 397F
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4DeLqbBm2fP7Ydb8tzPD_eRg26j7Oo_64TrAF8No
42 B
414 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4DeLqbBm2fP7Ydb8tzPD_eRg26j7Oo_64TrAF8No
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 28 Aug 2023 01:55:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 28 Aug 2023 01:55:04 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4DeLqbBm2fP7Ydb8tzPD_eRg26j7Oo_64TrAF8No
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 4A2B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA%3D%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7405929588912227224&gdpr=0&gdpr_consent=
42 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7405929588912227224&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 28 Aug 2023 01:55:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
d64ea630-af38-4fe5-bafb-79ee739bf580
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 28 Aug 2023 01:55:05 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7405929588912227224&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
176.10.106.8; 176.10.106.8; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame D364 		43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=pubmatic.com&id=PM_UIDC36A9F12-5A1E-417A-81A4-5A5E941F99D0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156011&s=165626&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fex%3Dpubmatic.com%26id%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.115.196 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 28 Aug 2023 01:55:04 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
YDWHZBY72GBCBP4C7RGW
mw
mwzeom.zeotap.com/ Frame C1ED 		95 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:04 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7fd8ee127e99baca-MXP
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame C1ED
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.122 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:13 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 28 Aug 2023 01:55:13 GMT
frontend-id
15
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame C1ED
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=fa040765320200c3/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=64bb6e8879de5971836bf4a2a0b79e5e&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 28 Aug 2023 01:55:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
C36A9F12-5A1E-417A-81A4-5A5E941F99D0
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C1ED 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/C36A9F12-5A1E-417A-81A4-5A5E941F99D0?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:1491:71d6:41d3:ab51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
SPug
image4.pubmatic.com/AdServer/ Frame C1ED
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=C36A9F12-5A1E-417A-81A4-5A5E941F99D0&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L9XOKd5E2uUSCMQsC64qVlTw9kBnE7A-~A&gdpr=0
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L9XOKd5E2uUSCMQsC64qVlTw9kBnE7A-~A&gdpr=0
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 28 Aug 2023 01:55:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-L9XOKd5E2uUSCMQsC64qVlTw9kBnE7A-~A&gdpr=0
date
Mon, 28 Aug 2023 01:55:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame C1ED
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=21155e57-b0ec-4b4c-b4fd-677d2fd47f6b&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5b830d76-6663-4cb7-ba69-4f0b6483c74c&gdpr=&gdpr_consent=&gdpr_pd=
1 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5b830d76-6663-4cb7-ba69-4f0b6483c74c&gdpr=&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
198.47.127.205 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 28 Aug 2023 01:55:04 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=5b830d76-6663-4cb7-ba69-4f0b6483c74c&gdpr=&gdpr_consent=&gdpr_pd=
date
Mon, 28 Aug 2023 01:55:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| documentPictureInPicture string| _d_site function| Privy object| Drupal function| getUrlParameter function| renderMedianetAds function| displayAdknowledgePixel function| renderUndertoneAdUnit function| renderConditionalAds function| $ function| jQuery function| FB_Connect function| FB_Stream function| FB_JS function| fbAsyncInit object| jQuery110107924084792799675 function| $jq function| flashembed object| jQuery151026660346285366576 object| Mobile number| d string| t object| type function| resizeText function| ucfirst function| lcfirst function| setCookie function| getCookie function| displaySiteSkinAd function| modifyContactForm function| getUrlVars function| isElementInViewport function| equalheight object| addthis_config string| forwardSlash object| googletag object| advBidxc object| slots function| refreshAds object| apstag string| GoogleAnalyticsObject function| universalGA function| fbq function| _fbq object| cookieconsent object| _pa object| e function| esteemVote function| processCommentVoteResults function| processVoteResults function| connect function| no_fbuser function| verify_connect function| LogPoint number| _sf_startpt object| FB object| webpackChunkprivy object| SENTRY_RELEASE object| SENTRY_RELEASES object| PrivyWidget object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| _aps boolean| apstagLOADED object| apscustom object| __buffer object| dataLayer undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| google_tag_manager object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing number| google_unique_id object| siteSkin object| GoogleGcLKhOms object| google_image_requests

47 Cookies

Domain/Path Name / Value
.empowher.com/ Name: SESSce6bccc42be748aec24dd90a6cb095af
Value: 4df206f2b1bd9ec5dca59d0f59efc1a0
www.empowher.com/ Name: poll-10444745
Value: 2a00%3Abd80%3Aa901%3A0%3A394%3A%3A1-106052793
.empowher.com/ Name: _privy_C27276E9A39ACE9B437BA993
Value: %7B%22uuid%22%3A%229588ea45-9a10-4632-8fd7-6699bb090624%22%7D
.empowher.com/ Name: _ga
Value: GA1.2.1710101432.1693187700
.empowher.com/ Name: _gid
Value: GA1.2.1449108992.1693187700
.empowher.com/ Name: _gat
Value: 1
www.empowher.com/ Name: ntvSession
Value: {}
.empowher.com/ Name: _fbp
Value: fb.1.1693187700362.450524180
.empowher.com/ Name: _ga_RZ9PT1H1PV
Value: GS1.2.1693187700.1.0.1693187700.60.0.0
.postrelease.com/ Name: visitor
Value: 657c34b2-f126-4dd6-969f-ff7a496a05c3
.postrelease.com/ Name: status
Value: 0
.empowher.com/ Name: __gads
Value: ID=1e615cd3e36970ca:T=1693187700:RT=1693187700:S=ALNI_MYTR7yNUndgCDBmw_wQO53fGfCbYw
.empowher.com/ Name: __gpi
Value: UID=00000c698448352c:T=1693187700:RT=1693187700:S=ALNI_MaB2FIyEwfXIFHgsSPC6KO1VcNtXw
.amazon-adsystem.com/ Name: ad-id
Value: A5OyqdmSYkggq0wgtb-xAEY
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.openx.net/ Name: i
Value: 98a4c52a-3152-08db-21c8-acff8c592b36|1693187701
.openx.net/ Name: pd
Value: v2|1693187701|n0vNvQiygu
.csync.loopme.me/ Name: viewer_token
Value: d4a50318-5d47-4aeb-90e8-4ef4dbbf95b0
.bidr.io/ Name: bito
Value: AADEe07J1_0AACS4CUPu7w
.bidr.io/ Name: bitoIsSecure
Value: ok
.doubleclick.net/ Name: IDE
Value: AHWqTUmMPAkmZ_PytxOFXYUHFBMUv-bcYnEiXTqq6FpjSLqsOp-PU4Lu_mkmOeTvk40
.rubiconproject.com/ Name: khaos
Value: LLU88NWD-25-28WG
.pubmatic.com/ Name: KADUSERCOOKIE
Value: C36A9F12-5A1E-417A-81A4-5A5E941F99D0
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8927798110021034030
.weborama.fr/ Name: AFFICHE_W
Value: 69x0h3GP16-r97
.simpli.fi/ Name: suid
Value: E56AC4C0D8414952868DE2969A013306
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEFFGk97PENHzOJ6KJVHi8IU&KRTB&23025-CAESEFFGk97PENHzOJ6KJVHi8IU&KRTB&23386-CAESEFFGk97PENHzOJ6KJVHi8IU
.pubmatic.com/ Name: PugT
Value: 1693187701
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8927798110021034030&KRTB&23263-8927798110021034030&KRTB&23481-8927798110021034030
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 64bb6e8879de5971836bf4a2a0b79e5e
.linkedin.com/ Name: bcookie
Value: "v=2&d97cdf81-a9c4-47e7-84bb-5d8078ec5ad4"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTMxODc3MDE7MjswMjG4dnlfmZVe61XmyBE/0mwgnjou99iOAqtNH29maWQx/g==
.linkedin.com/ Name: lidc
Value: "b=VGST01:s=V:r=V:a=V:p=V:g=2986:u=1:x=1:i=1693187701:t=1693274101:v=2:sig=AQGePcdkuFx76_qCDDHGgodPImOIbRQN"
.audrte.com/ Name: arcki2
Value: 1birfcmwSV-RXe6tNBlA8BSOA!20220908!1693187701925!ip#176.10.106.8
.audrte.com/ Name: arcki2_pubmatic
Value: C36A9F12-5A1E-417A-81A4-5A5E941F99D0!20220908!1693187701928
.yahoo.com/ Name: A3
Value: d=AQABBHb-62QCEDPy8I8CHbp-3p1OC0XPlzwFEgEBAQFP7WT1ZAAAAAAA_eMAAA&S=AQAAAgLQkr6_wd7UFuog7M4RiIY
.rubiconproject.com/ Name: audit
Value: 1|4SO+6+OWqVnav+EoK3DA59QYthc2yfpZXFodqHRXniqT5JOdE07T++V+IexoQJXQwGIRxuar/pXqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.audrte.com/ Name: arcki2_ddp2
Value: 1birfcmwSV-RXe6tNBlA8BSOA!20220908!1693187702090
.audrte.com/ Name: arcki2_adform
Value: 8927798110021034030!20220908!1693187702234
.pubmatic.com/ Name: SPugT
Value: 1693187702
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 156011:4
.pubmatic.com/ Name: DPSync3
Value: 1694390400%3A235_201_245_227_226_219_197_241
.pubmatic.com/ Name: SyncRTB3
Value: 1694390400%3A13_251_71_3_54_220_21_8_56%7C1694044800%3A63%7C1694476800%3A35%7C1693785600%3A223

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ads.avct.cloud
ads.pubmatic.com
ajax.googleapis.com
api.privy.com
c.amazon-adsystem.com
c1.adform.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
csync.loopme.me
dis.criteo.com
dmp.adform.net
eef74b84b43898e5862bfdedab000a60.safeframe.googlesyndication.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
hblg.media.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
jadserve.postrelease.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.analytics.google.com
s.amazon-adsystem.com
s.ntv.io
s7.addthis.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
stats.g.doubleclick.net
sync.crwdcntrl.net
tag.marinsm.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
widget.privy.com
www.empowher.com
www.facebook.com
www.google-analytics.com
www.google.ch
www.google.com
www.googletagmanager.com
www.honcode.ch
x.bidswitch.net
13.224.192.181
141.94.170.64
142.250.186.162
151.101.128.65
178.250.1.9
185.64.190.78
185.89.210.90
198.47.127.20
198.47.127.205
2.16.96.119
2001:4860:4802:32::36
209.54.182.161
23.212.88.20
23.32.184.192
23.32.185.42
2606:4700:10::6816:146c
2606:4700:10::ac43:db6
2606:4700:20::681a:b97
2606:4700:3035::6815:47a3
2606:4700::6811:190e
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2a00:1450:4001:809::2004
2a00:1450:4001:80b::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c07::9b
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a05:d018:d29:3602:1491:71d6:41d3:ab51
3.248.53.218
3.75.62.37
34.111.129.221
34.255.103.81
34.91.62.186
34.98.64.218
35.157.211.238
35.214.207.20
35.71.131.137
37.157.5.133
52.207.39.200
52.213.174.162
52.222.253.136
52.31.112.199
52.95.115.196
69.173.144.138
69.173.144.139
72.246.168.23
77.243.51.122
95.101.149.233
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
085775193a3438660321ef433979fcf52fafcd58fb1d2bd8cec61b0503380111
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
12b0839f0429b9d597ec4965acb46564500f0eebb7d29e6eb1f90a1b3f667c7c
13237fd40541c4feb4a1acd1e36b2e4a4367f8a109683399eabcae729af80932
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1c7adf907fdaeb92e7323570e9600071f5cc36b8c11372e0516acb4ce3edf7d3
1ec76cf9c2249ece7fb0103a5a71bbcd7120d42b9583f0f66e4b9da577f6c501
1f57581dd67f816f949379100b9f4c4594a9b09f701a4e2a8c14ea63498093e5
2182eb709bed62124f0e81deb88322533f2f0f004972295cd80499e6fec25fa1
261596695db08fe4e2d65515f052b4e84f130e643c2da09134a00bbe38f7dccf
29ce4d077043eb550f778602c3a213aa6e413823b5fe6cc30c4c7928b23694a2
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30e7e274070a4f06bd1191486f2c77127f184bcbf5c2c99bce5746cacc47bdfd
37ab8353f0fc0e2b6248f19945f3e7bea74e421419a432471af0b6385476258a
37c3974fe9fcf3d844b0560a439e6fdad6118dd7a25c418c6a59a991beba3e97
3d553f17fdfd8d3a2dd97c541ac3ad2a4a6dcf505305037b8d7d78790cf085b4
3d89d2a833e0c8b73ddaac6d6ec14c4ab06c648ee6574f1b29e9ab8435e2f41e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40cb29c6823e44efb83a3f11ea4d5f63f6ba7d029afa2058205dbecfa7d9ca30
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
466ad6f481e0473a397153d021645e86262581ece798996028d757b86cbbaabe
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5718c1063be274898ba22a0f6e1eb7034b5c24c51f2d010534099571dc1901ed
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
629019c3f248473efe64d5fdbf31209d07d997a5269b16c5e4baeeccbffe6ecf
62b66cac6aac8cb51af3caca005c887f3fb72b9da286cf0f247e256cc6fa6abb
62c53d8848db5c8251b277e9335e317af46c20f9599b69799256d81b4b3a67b1
64a531f11c7d4d3ae1e84d034996fdc232a2492c36e59be8bfd53b94a656c621
680c5a09974340bdad4ad9dfd53eb31a9b1d7bc47464aa6721ae5172fe83e8db
697c29b0c27dee604743de3535ae083ea7c0352232a6d4cd912e4fd82082ed37
701d38f6b8d480f286b457439a8bdb3ce29c5d913c680429754efdb4f8a9562d
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79c0eece5f838695dcbc613ad7b4e043c2e5a31ba4221af35ca9062cc17cb20c
7c046b6d8516aec1b57f9fb3673185fa458f45e7a1c10e52f18e3e11d15c0f0d
7d3b7e88b3c83dd902ced3b8daaa79f99eec78ccd9002f6b312b65d5aef381f1
7e8e0dd52fdad574552c3e7f492becb949de12a2936ddae55844807b3e80e90d
8165d8e2771d30c1a2baf2e6ebb58ce49c3b9dc575676b6f1aa7afeb2e5efe86
825bcade67052cde99899ccc90782226d1c1baab39244f26884dae084e7fc021
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d6a46448afb87cedc4b6d5204b05ea79df73d5c8b911fff76dee3219ee9281
8585ab4163392e59a468392f7d111ce10a629f8a78c3eb0e418998e332b865ff
8a57b79b77e9b4a9f191413e2e4582b3b09b95f40a7a7f360234d9c7c5103eba
8bf150f6b29d6c9337de6c945a8f63c929b203442040688878bc2753fe13e007
8c63a7f821285b4c21d5849015f798e977bf3b9b7e173d498b5c3ac005764c34
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ffc44bcd7df82a0d2ad084174ad7584250e3ae8f1e45cc3a1b1594b5861e074
9110798709442fa881b24c5845d26fd76999226d7c7366ad2487c665cbad8e47
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93e2dd21e090fcdc2e8e0b7365a62337a4faceb3b28276d2410fcd04d008f030
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a5b84b047c9cc91ed81c5a043634d21df2a87dbb0cac52fa8b972206c8b54f2
9c85aee395c333fe01f55a26125cae905954edfa057c949185ed5deb0854302e
9e41e783ec4cfc524c1666d1d5a4c805f8e92be52b030d130acfb31105e1e04c
a04fc286c5c1575ef4f87d630f75339cc968f5092fdeb9f3b09833ad27dc063c
a51884996ce93f9dbd4fab23ace08670de6a6521aa59235e31479a8520eacfc0
a8368c9bdc19373164c350feb12a6f11c9d6955b7cbc32b449d9fe85a607748a
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b8571176689c69e86b7fa087b115ee8cfe6aa4398a8a39797ea035b86eb32975
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2636d239c265a5656677b6ed3f842f55edaf2040281669bcf3d173c8fbf4e3f
c8080fe2ff07f71ccf7cf7ce46f5b1a59a8ca4cfc574e477c2d1c5f201ae58d7
cdaac4172371a0d13c66325be74f92f4cb23575f7f8a2781d1d74323f926c720
cec590b68a6dd2b40fa90e876cb485c7eea3bac4e54cf4bb60335eacb010c431
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1b0e009c9ef65f5bd40982dba1ca1de5ae039e29fa0438d5d800001504af962
d29d000556b37c68c8a38e57ee0b4838d6bc7d2fa656c54dedf5f4ee9b6b005d
d54c92c1b459e3b4a4fd2ce37492a629cffd6c0e595094c1042ae476923c7254
d5fd173d00d9733900834e0e1083de86b532e048b15c0420ba5c2db0623644b8
d9529adb741aab85064f3c288a9af1e40c31529228f1c663e5642857c33249cf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfe4d56a7fc93e6699273e82312b3936906a121bf2f97a43380a153c31a00892
e34796d4279cf8a0a561a9018447f1b18fa71add2014d57ff9c881d73f669721
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb4c26248b227477ac86e55431f1478db8a2bab39352585519b9c7e08d88d4a5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24d352fc8e0fbbfd349ef49e86d9317834abb3494be70b4513660803ff66c67
f475c34186022ba531ebc8bba97fc10df7e4c3ea854f314a18ab0644c851620d
fa5278204f6f231236aa7c4734f6a380f4fce3636b8ac041d7aac61b742fc07b