urlscan.io logo urlscan.io
SecurityTrails logo

www.salon.com Open in urlscan Pro
2600:9000:2240:8e00:1a:b9b9:50c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.salon.com/
Effective URL: https://www.salon.com/
Submission: On November 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 87 IPs in 11 countries across 69 domains to perform 166 HTTP transactions. The main IP is 2600:9000:2240:8e00:1a:b9b9:50c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is www.salon.com.
TLS certificate: Issued by Amazon on March 19th 2021. Valid for: a year.
This is the only time www.salon.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 2600:9000:224... 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
6 143.204.98.50 16509 (AMAZON-02)
2 52.222.214.98 16509 (AMAZON-02)
1 13.225.87.56 16509 (AMAZON-02)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 35.167.53.177 16509 (AMAZON-02)
1 52.86.105.134 14618 (AMAZON-AES)
1 2600:9000:223... 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 18.66.112.32 16509 (AMAZON-02)
1 18.66.112.67 16509 (AMAZON-02)
1 13.224.193.125 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 199.232.198.217 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.201.100.179 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 18.66.139.84 16509 (AMAZON-02)
3 172.217.18.98 15169 (GOOGLE)
3 216.52.2.19 30282 (AS-INAPCD...)
1 1 147.75.61.140 54825 (PACKET)
6 54.149.4.149 16509 (AMAZON-02)
1 1 104.92.74.8 16625 (AKAMAI-AS)
2 104.89.20.125 16625 (AKAMAI-AS)
1 99.80.189.205 16509 (AMAZON-02)
2 3 185.64.190.78 62713 (AS-PUBMATIC)
1 38.27.122.101 174 (COGENT-174)
4 4 18.192.95.190 16509 (AMAZON-02)
4 4 3.120.13.220 16509 (AMAZON-02)
5 5 18.156.0.31 16509 (AMAZON-02)
4 104.89.31.187 16625 (AKAMAI-AS)
1 13.35.253.106 16509 (AMAZON-02)
1 51.89.7.198 16276 (OVH)
1 54.218.247.33 16509 (AMAZON-02)
1 3.234.102.102 14618 (AMAZON-AES)
1 44.225.168.153 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 35.244.159.8 15169 (GOOGLE)
1 2602:803:c003... 26667 (RUBICONPR...)
4 18.66.109.174 16509 (AMAZON-02)
1 23.37.38.181 16625 (AKAMAI-AS)
1 34.107.148.139 15169 (GOOGLE)
1 178.250.2.131 44788 (ASN-CRITE...)
1 2 37.252.172.38 29990 (ASN-APPNEX)
4 52.28.9.10 16509 (AMAZON-02)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 72.251.249.13 29791 (VOXEL-DOT...)
4 185.86.138.32 201081 (SMARTADSE...)
1 2.18.232.7 16625 (AKAMAI-AS)
1 18.185.169.108 16509 (AMAZON-02)
1 18.66.97.105 16509 (AMAZON-02)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
3 34.149.20.76 15169 (GOOGLE)
1 34.117.126.186 15169 (GOOGLE)
1 35.156.230.193 16509 (AMAZON-02)
1 185.255.84.151 200271 (IGUANE-)
1 142.250.186.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:225... 16509 (AMAZON-02)
1 54.213.79.211 16509 (AMAZON-02)
1 54.187.25.111 16509 (AMAZON-02)
1 1 37.252.172.45 29990 (ASN-APPNEX)
1 8 52.35.10.191 16509 (AMAZON-02)
3 4 15.197.193.217 16509 (AMAZON-02)
1 12 185.64.189.110 62713 (AS-PUBMATIC)
6 9 142.250.186.162 15169 (GOOGLE)
2 2 52.212.206.16 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
1 72.34.250.75 27630 (AS-XFERNET)
1 13.225.87.87 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 46.105.202.126 16276 (OVH)
1 8.39.36.141 26667 (RUBICONPR...)
1 35.84.44.29 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 3 69.173.144.165 26667 (RUBICONPR...)
1 35.244.174.68 15169 (GOOGLE)
3 3 151.101.194.49 54113 (FASTLY)
4 69.173.144.139 26667 (RUBICONPR...)
3 3 185.29.132.241 30419 (MEDIAMATH...)
1 2 2a05:d018:d29... 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 2.18.233.180 16625 (AKAMAI-AS)
3 4 37.157.6.252 198622 (ADFORM)
2 2 213.155.156.164 1299 (TWELVE99 ...)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
3 198.47.127.20 3257 (GTT-BACKB...)
2 3 51.222.80.231 16276 (OVH)
2 2 52.209.129.133 16509 (AMAZON-02)
2 2 34.254.143.3 16509 (AMAZON-02)
1 159.253.128.188 36351 (SOFTLAYER)
1 1 47.252.78.131 45102 (CNNIC-ALI...)
166 87
4    2600:9000:2240:8e00:1a:b9b9:50c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.salon.com
2    2600:9000:223c:6e00:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
3    2606:4700::6811:4f22 (United States)

ASN13335 (CLOUDFLARENET, US)
global.proper.io
eb.proper.io
4    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    143.204.98.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-50.fra50.r.cloudfront.net
mediaproxy.salon.com
2    52.222.214.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-98.fra56.r.cloudfront.net
assets.salon.com
1    13.225.87.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-56.fra2.r.cloudfront.net
get.s-onetag.com
3    2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    35.167.53.177 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-53-177.us-west-2.compute.amazonaws.com
a.ad.gt
1    52.86.105.134 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-105-134.compute-1.amazonaws.com
ping.chartbeat.net
1    2600:9000:223c:ba00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    2a04:4e42:600::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    18.66.112.32 (United States)

ASN16509 (AMAZON-02, US)
onetag-geo.s-onetag.com
1    18.66.112.67 (United States)

ASN16509 (AMAZON-02, US)
signal-beacon.s-onetag.com
1    13.224.193.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-125.fra2.r.cloudfront.net
signal-segments.s-onetag.com
4    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2606:4700::6812:9eea (United States)

ASN13335 (CLOUDFLARENET, US)
player.propervideo.io
mediaproxy.propervideo.io
1    199.232.198.217 (United States)

ASN54113 (FASTLY, US)
static.scroll.com
2    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    35.201.100.179 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 179.100.201.35.bc.googleusercontent.com
connect.scroll.com
1    2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    18.66.139.84 (United States)

ASN16509 (AMAZON-02, US)
tagan.adlightning.com
3    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net
securepubads.g.doubleclick.net
3    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    54.149.4.149 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-4-149.us-west-2.compute.amazonaws.com
usync.proper.io
1    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    104.89.20.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-20-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    99.80.189.205 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-189-205.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
4    18.192.95.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-95-190.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    3.120.13.220 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-13-220.eu-central-1.compute.amazonaws.com
pixel.advertising.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    104.89.31.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-31-187.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    13.35.253.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-106.fra6.r.cloudfront.net
ats.rlcdn.com
1    51.89.7.198 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p20.id5-sync.com
id5-sync.com
1    54.218.247.33 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-218-247-33.us-west-2.compute.amazonaws.com
id.sharedid.org
1    3.234.102.102 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-102-102.compute-1.amazonaws.com
fid.agkn.com
1    44.225.168.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-225-168-153.us-west-2.compute.amazonaws.com
bids.proper.io
1    2606:4700::6812:9fea (United States)

ASN13335 (CLOUDFLARENET, US)
propervideo.io
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
propermedia-d.openx.net
u.openx.net
1    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
4    18.66.109.174 (United States)

ASN16509 (AMAZON-02, US)
c.amazon-adsystem.com
1    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
2    37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    52.28.9.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-9-10.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
4    185.86.138.32 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com
a.teads.tv
1    18.185.169.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-169-108.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    18.66.97.105 (United States)

ASN16509 (AMAZON-02, US)
hb.undertone.com
2    2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
web.hb.ad.cpe.dotomi.com
proc.ad.cpe.dotomi.com
3    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
1    34.117.126.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.126.117.34.bc.googleusercontent.com
bids.concert.io
1    35.156.230.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
1    185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    2600:9000:225e:d800:14:6f36:d40:21 (United States)

ASN16509 (AMAZON-02, US)
d2um6xmmztr4fp.cloudfront.net
1    54.213.79.211 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-79-211.us-west-2.compute.amazonaws.com
aufp.io
1    54.187.25.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-25-111.us-west-2.compute.amazonaws.com
p.ad.gt
1    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
8    52.35.10.191 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-10-191.us-west-2.compute.amazonaws.com
ids.ad.gt
4    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
12    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
9    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
2    52.212.206.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-206-16.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    72.34.250.75 (North Hollywood, United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    13.225.87.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-87.fra2.r.cloudfront.net
geo.privacymanager.io
1    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    35.84.44.29 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-44-29.us-west-2.compute.amazonaws.com
pixels.ad.gt
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2a05:d018:d29:3601:cd4:b591:26a5:2dfd (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    37.157.6.252 (Denmark)

ASN198622 (ADFORM, DK)
PTR: s1.adform.net
c1.adform.net
2    213.155.156.164 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-164.teliacarrier-cust.com
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    198.47.127.20 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image4.pubmatic.com
simage4.pubmatic.com
3    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-4.cloudy.ovh
pixel.onaudience.com
2    52.209.129.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-129-133.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loada.exelator.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    47.252.78.131 (United States)

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)
event.clientgear.com
Apex Domain
Subdomains		 Transfer
21 pubmatic.com
image6.pubmatic.com
hbopenbid.pubmatic.com
image2.pubmatic.com
ads.pubmatic.com
simage2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com
28 KB
14 doubleclick.net
stats.g.doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
149 KB
12 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
fastlane.rubiconproject.com
pixel-us-west.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
17 KB
12 salon.com
www.salon.com
mediaproxy.salon.com
assets.salon.com
182 KB
11 ad.gt
a.ad.gt
p.ad.gt
ids.ad.gt
pixels.ad.gt
16 KB
10 proper.io
global.proper.io
usync.proper.io
bids.proper.io
eb.proper.io
127 KB
7 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
6 KB
6 google.com
fundingchoicesmessages.google.com
www.google.com
84 KB
5 cloudfront.net
d2um6xmmztr4fp.cloudfront.net
554 KB
4 adform.net
c1.adform.net
2 KB
4 adsrvr.org
match.adsrvr.org
2 KB
4 smartadserver.com
prg.smartadserver.com
7 KB
4 sharethrough.com
btlr.sharethrough.com
449 B
4 amazon-adsystem.com
c.amazon-adsystem.com
41 KB
4 fastclick.net
secure.cdn.fastclick.net
94 KB
4 advertising.com
pixel.advertising.com
1 KB
4 bidswitch.net
x.bidswitch.net
2 KB
4 lijit.com
ce.lijit.com
ap.lijit.com
2 KB
4 propervideo.io
player.propervideo.io
propervideo.io
mediaproxy.propervideo.io
208 KB
4 s-onetag.com
get.s-onetag.com
onetag-geo.s-onetag.com
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
19 KB
4 google-analytics.com
www.google-analytics.com
22 KB
3 onaudience.com
pixel.onaudience.com
1 KB
3 mathtag.com
sync.mathtag.com
2 KB
3 everesttech.net
sync-tm.everesttech.net
824 B
3 33across.com
ssc.33across.com
667 B
3 adnxs.com
ib.adnxs.com
secure.adnxs.com
3 KB
3 adlightning.com
tagan.adlightning.com
67 KB
3 quantserve.com
secure.quantserve.com
pixel.quantserve.com
11 KB
3 chartbeat.com
static.chartbeat.com
mab.chartbeat.com
24 KB
2 exelator.com
loada.exelator.com
2 KB
2 crwdcntrl.net
sync.crwdcntrl.net
1 KB
2 de17a.com
d5p.de17a.com
637 B
2 facebook.com
www.facebook.com
419 B
2 facebook.net
connect.facebook.net
115 KB
2 bidr.io
match.prod.bidr.io
1 KB
2 gstatic.com
fonts.gstatic.com
158 KB
2 dotomi.com
web.hb.ad.cpe.dotomi.com
proc.ad.cpe.dotomi.com
1 KB
2 criteo.com
bidder.criteo.com
dis.criteo.com
616 B
2 openx.net
propermedia-d.openx.net
u.openx.net
944 B
2 id5-sync.com
id5-sync.com
cdn.id5-sync.com
11 KB
2 rlcdn.com
ats.rlcdn.com
id.rlcdn.com
61 KB
2 google.de
www.google.de
655 B
2 scroll.com
static.scroll.com
connect.scroll.com
19 KB
1 clientgear.com
event.clientgear.com
262 B
1 simpli.fi
um.simpli.fi
612 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 privacymanager.io
geo.privacymanager.io
594 B
1 sonobi.com
sync.go.sonobi.com
410 B
1 taboola.com
trc.taboola.com
239 B
1 aufp.io
aufp.io
3 KB
1 googleusercontent.com
lh3.googleusercontent.com
2 KB
1 googleapis.com
fonts.googleapis.com
4 KB
1 googleadservices.com
www.googleadservices.com
15 KB
1 omnitagjs.com
hb-api.omnitagjs.com
741 B
1 emxdgt.com
hb.emxdgt.com
158 B
1 concert.io
bids.concert.io
405 B
1 undertone.com
hb.undertone.com
684 B
1 3lift.com
tlx.3lift.com
5 KB
1 teads.tv
a.teads.tv
247 B
1 media.net
prebid.media.net
880 B
1 casalemedia.com
htlb.casalemedia.com
394 B
1 agkn.com
fid.agkn.com
687 B
1 sharedid.org
id.sharedid.org
213 B
1 bnmla.com
match.bnmla.com
114 B
1 yieldmo.com
ads.yieldmo.com
35 B
1 a-mo.net
prebid.a-mo.net
725 B
1 googletagmanager.com
www.googletagmanager.com
39 KB
1 quantcount.com
rules.quantcount.com
2 KB
1 chartbeat.net
ping.chartbeat.net
201 B
166 69
Domain Requested by
9 cm.g.doubleclick.net 6 redirects www.salon.com
8 ids.ad.gt 1 redirects www.salon.com
6 simage2.pubmatic.com ads.pubmatic.com
6 image2.pubmatic.com 1 redirects ads.pubmatic.com
6 usync.proper.io www.salon.com
6 mediaproxy.salon.com www.salon.com
5 d2um6xmmztr4fp.cloudfront.net player.propervideo.io
5 ups.analytics.yahoo.com 5 redirects
4 c1.adform.net 3 redirects ads.pubmatic.com
4 pixel.rubiconproject.com www.salon.com
4 match.adsrvr.org 3 redirects www.salon.com
4 prg.smartadserver.com global.proper.io
4 btlr.sharethrough.com global.proper.io
4 c.amazon-adsystem.com global.proper.io
c.amazon-adsystem.com
4 secure.cdn.fastclick.net global.proper.io
secure.cdn.fastclick.net
4 pixel.advertising.com 4 redirects
4 x.bidswitch.net 4 redirects
4 fundingchoicesmessages.google.com global.proper.io
4 www.google-analytics.com www.salon.com
www.google-analytics.com
4 www.salon.com 1 redirects www.salon.com
3 pixel.onaudience.com 2 redirects ads.pubmatic.com
3 sync.mathtag.com 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 token.rubiconproject.com 3 redirects
3 ssc.33across.com global.proper.io
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 ce.lijit.com global.proper.io
3 securepubads.g.doubleclick.net global.proper.io
tagan.adlightning.com
securepubads.g.doubleclick.net
3 tagan.adlightning.com global.proper.io
tagan.adlightning.com
2 loada.exelator.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 ads.pubmatic.com tagan.adlightning.com
ads.pubmatic.com
2 www.facebook.com www.salon.com
2 pr-bh.ybp.yahoo.com 1 redirects ads.pubmatic.com
2 connect.facebook.net p.ad.gt
connect.facebook.net
2 match.prod.bidr.io 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 ib.adnxs.com 1 redirects global.proper.io
2 eus.rubiconproject.com global.proper.io
eus.rubiconproject.com
2 www.google.de www.salon.com
2 www.google.com www.salon.com
2 player.propervideo.io www.salon.com
tagan.adlightning.com
2 pixel.quantserve.com 1 redirects www.salon.com
2 assets.salon.com www.salon.com
2 global.proper.io www.salon.com
global.proper.io
2 static.chartbeat.com www.salon.com
1 simage4.pubmatic.com ads.pubmatic.com
1 event.clientgear.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 id.rlcdn.com www.salon.com
1 u.openx.net 1 redirects
1 pixels.ad.gt tagan.adlightning.com
1 pixel-us-west.rubiconproject.com www.salon.com
1 eb.proper.io global.proper.io
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 cdn.id5-sync.com tagan.adlightning.com
1 googleads.g.doubleclick.net tagan.adlightning.com
1 geo.privacymanager.io ats.rlcdn.com
1 sync.go.sonobi.com www.salon.com
1 trc.taboola.com www.salon.com
1 secure.adnxs.com 1 redirects
1 p.ad.gt a.ad.gt
1 aufp.io a.ad.gt
1 lh3.googleusercontent.com www.salon.com
1 fonts.googleapis.com
1 www.googleadservices.com www.googletagmanager.com
1 hb-api.omnitagjs.com global.proper.io
1 hb.emxdgt.com global.proper.io
1 bids.concert.io global.proper.io
1 web.hb.ad.cpe.dotomi.com global.proper.io
1 hb.undertone.com global.proper.io
1 tlx.3lift.com global.proper.io
1 a.teads.tv global.proper.io
1 ap.lijit.com global.proper.io
1 hbopenbid.pubmatic.com global.proper.io
1 bidder.criteo.com global.proper.io
1 prebid.media.net global.proper.io
1 htlb.casalemedia.com global.proper.io
1 fastlane.rubiconproject.com global.proper.io
1 propermedia-d.openx.net global.proper.io
1 mediaproxy.propervideo.io www.salon.com
1 propervideo.io player.propervideo.io
1 bids.proper.io global.proper.io
1 fid.agkn.com global.proper.io
1 id.sharedid.org global.proper.io
1 id5-sync.com global.proper.io
1 ats.rlcdn.com global.proper.io
1 match.bnmla.com global.proper.io
1 ads.yieldmo.com global.proper.io
1 secure-assets.rubiconproject.com 1 redirects
1 prebid.a-mo.net 1 redirects
1 www.googletagmanager.com www.salon.com
1 connect.scroll.com static.scroll.com
1 static.scroll.com www.salon.com
1 stats.g.doubleclick.net www.google-analytics.com
1 signal-segments.s-onetag.com get.s-onetag.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 mab.chartbeat.com static.chartbeat.com
1 rules.quantcount.com secure.quantserve.com
1 ping.chartbeat.net www.salon.com
1 a.ad.gt www.salon.com
1 secure.quantserve.com www.salon.com
1 get.s-onetag.com www.salon.com
166 108

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
proper.io
www.adlightning.com
Subject Issuer Validity Valid
salon.com
Amazon		 2021-03-19 -
2022-04-17		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
proper.io
Cloudflare Inc ECC CA-3		 2021-06-07 -
2022-06-06		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.s-onetag.com
Amazon		 2021-02-03 -
2022-03-04		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.ad.gt
Amazon		 2021-06-09 -
2022-07-08		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.scroll.com
R3		 2021-10-29 -
2022-01-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-01-06 -
2022-02-07		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2021-03-11 -
2022-03-15		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
*.id5-sync.com
R3		 2021-10-05 -
2022-01-03		 3 months crt.sh
id.sharedid.org
Amazon		 2021-01-08 -
2022-02-06		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.proper.io
Sectigo RSA Domain Validation Secure Server CA		 2020-12-20 -
2022-01-20		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
teads.tv
R3		 2021-11-03 -
2022-02-01		 3 months crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.undertone.com
Amazon		 2021-10-04 -
2022-11-01		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-07-13 -
2022-06-25		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2021-09-28 -
2021-12-27		 3 months crt.sh
bids.concert.io
GTS CA 1D4		 2021-09-12 -
2021-12-11		 3 months crt.sh
*.emxdgt.com
Amazon		 2021-07-02 -
2022-07-31		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-24 -
2022-06-23		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2021-10-04 -
2021-12-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-10-18 -
2022-01-10		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
aufp.io
Amazon		 2020-12-26 -
2022-01-24		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2020-12-06 -
2022-01-07		 a year crt.sh
*.privacymanager.io
Amazon		 2021-09-25 -
2022-10-24		 a year crt.sh
cdn.id5-sync.com
R3		 2021-09-15 -
2021-12-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-08-13 -
2021-11-11		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-24 -
2022-02-16		 6 months crt.sh

This page contains 9 frames:

Primary Page: https://www.salon.com/
Frame ID: 8E8FDA8D793E96FB0192AFE1E4BE13D9
Requests: 133 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west
Frame ID: 1A885A41DEA756A3D1F34E05D6AC8645
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Frame ID: F217C11F0F43FB288E08E5E23F43FBD9
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0EBE9E2C14AE830E9164626F6712672E
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328
Frame ID: A0EE345559AFEDF0A2EE366F5CE87099
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3341736361121403267
Frame ID: 0F2F63326E9E18C441E682B7B685CD3D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: E07ED73E784385E4158ADC8703A2CCDA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026464915995818126
Frame ID: B746A79AC10F8B9F8BFA828F7B7DA84D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYMEnQAB2NTyTwBR&gdpr=0&gdpr_consent=
Frame ID: 83DB8646160FD14971F4AAD48A4047C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Salon.com | News, Politics, Culture, Science & Food

Page URL History Show full URLs

  1. http://www.salon.com/ HTTP 301
    https://www.salon.com/ Page URL

Page Statistics

166
Requests

81 %
HTTPS

25 %
IPv6

69
Domains

108
Subdomains

87
IPs

11
Countries

2093 kB
Transfer

5035 kB
Size

119
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.salon.com/ HTTP 301
    https://www.salon.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D&gdpr=false&us_privacy=1---&callback=window.proper_06346978_c92a9092_2 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&uid=d2ee4bed-788f-4ff5-81a6-a951f6e82af8&us_privacy=1---
Request Chain 40
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=8777&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west
Request Chain 42
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dpubmatic%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%23PM_USER_ID&gdpr=false&us_privacy=1---&callback=window.proper_fd733044_3b374cbb_4 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dpubmatic%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%23PM_USER_ID&gdpr=false&us_privacy=1---&callback=window.proper_fd733044_3b374cbb_4&rdf=1 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=pubmatic&proper_uid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&uid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328
Request Chain 44
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&us_privacy=1---&callback=window.proper_1882cfa7_f743c969_6 HTTP 302
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&us_privacy=1---&callback=window.proper_1882cfa7_f743c969_6 HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&uid=e096de5a-79d2-448d-9f49-a19e33134835
Request Chain 45
  • https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_745ee9d3_8e5a06ca_7 HTTP 302
  • https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_745ee9d3_8e5a06ca_7&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_745ee9d3_8e5a06ca_7&apid=UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A~UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
Request Chain 46
  • https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_2edee819_ae957c85_8 HTTP 302
  • https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_2edee819_ae957c85_8&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_2edee819_ae957c85_8&apid=UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A~UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
Request Chain 47
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_75048cb8_1da86cd5_9 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_75048cb8_1da86cd5_9&verify=true HTTP 302
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A
Request Chain 102
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=de073e09-6df1-4182-9ecf-5314e62cd9e4&adnxs_id=$UID HTTP 302
  • https://ids.ad.gt/api/v1/match?id=de073e09-6df1-4182-9ecf-5314e62cd9e4&adnxs_id=2122704094273706711
Request Chain 103
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=de073e09-6df1-4182-9ecf-5314e62cd9e4 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=de073e09-6df1-4182-9ecf-5314e62cd9e4 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=b25042a1-920c-4527-ab1d-1239a8bb2046&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
Request Chain 104
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dde073e09-6df1-4182-9ecf-5314e62cd9e4 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=0FE355CA-71C4-40AC-AC05-98C8E8C1D328&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
Request Chain 105
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=de073e09-6df1-4182-9ecf-5314e62cd9e4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=de073e09-6df1-4182-9ecf-5314e62cd9e4&google_tc= HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=de073e09-6df1-4182-9ecf-5314e62cd9e4&google_gid=CAESEO8bnENmEG1nrkxYnMKJTM4&google_cver=1&google_ula=450542624,0
Request Chain 106
  • https://ids.ad.gt/api/v1/g_hosted?id=de073e09-6df1-4182-9ecf-5314e62cd9e4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZGUwNzNlMDktNmRmMS00MTgyLTllY2YtNTMxNGU2MmNkOWU0
Request Chain 107
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=de073e09-6df1-4182-9ecf-5314e62cd9e4 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=de073e09-6df1-4182-9ecf-5314e62cd9e4&_bee_ppp=1 HTTP 303
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAVMSE7DBgkAADFpDtoCIw&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
Request Chain 132
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3Dde073e09-6df1-4182-9ecf-5314e62cd9e4 HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=b1cd52bf-7c41-06c9-3cf9-58b91a5e6242&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=de073e09-6df1-4182-9ecf-5314e62cd9e4
Request Chain 134
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZLMjJTWUctRS1ESzUw&us_privacy=1---
Request Chain 136
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1--- HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YYMEnQAB2NTyTwBR HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYMEnQAB2NTyTwBR&us_privacy=1---&_test=YYMEnQAB2NTyTwBR
Request Chain 137
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=26c36183-049c-4200-bdf9-d4fcbf34bc7f
Request Chain 138
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN3L5ys8MBz7LPjMR25cHLo&google_cver=1
Request Chain 139
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2QwYzIzMjRiNjk4MGM5OTYwZTE0NmMzNmE3ZjFiNGEzZjIwYzk2Zg&us_privacy=1---
Request Chain 140
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gzOaRmSsctoNAp7-VvYNFg?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3726590077018230994
Request Chain 146
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328
Request Chain 147
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3341736361121403267
Request Chain 149
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026464915995818126
Request Chain 150
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYMEnQAB2NTyTwBR&gdpr=0&gdpr_consent=
Request Chain 151
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=D-NVynHEQKysBZjI6MHTKA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 152
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=26c36183-049c-4200-bdf9-d4fcbf34bc7f
Request Chain 153
  • https://pixel.onaudience.com/?partner=214&mapped=0FE355CA-71C4-40AC-AC05-98C8E8C1D328 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=8271dfd1a37bf1b578d39bce3623eb92 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=c84561eeab0819e65acb9ff06655330a
Request Chain 154
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEZFMzU1Q0EtNzFDNC00MEFDLUFDMDUtOThDOEU4QzFEMzI4&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 155
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEz-klMq_ONqlNaLId9z8RA&google_cver=1
Request Chain 157
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:26c36183-049c-4200-bdf9-d4fcbf34bc7f&gdpr=0&gdpr_consent=
Request Chain 158
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b25042a1-920c-4527-ab1d-1239a8bb2046
Request Chain 159
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=235704883405741506
Request Chain 160
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2122704094273706711&gdpr=0&gdpr_consent=
Request Chain 161
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TowMOkiJDWtVhAU_SYoZOx7bAz1V2ww9GYhPLltU
Request Chain 162
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-pPG9iqlE2uXwPuwKDGA9iRPPWklPUAY-~A&gdpr=0&gdpr_consent=
Request Chain 164
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e096de5a-79d2-448d-9f49-a19e33134835 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk32fba9f1-3989-45d7-98e7-cee2b85083f8&expires=7&user_group=5&ssp=pubmatic&bsw_param=e096de5a-79d2-448d-9f49-a19e33134835 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e096de5a-79d2-448d-9f49-a19e33134835&gdpr=&gdpr_consent=&gdpr_pd=

166 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.salon.com/
Redirect Chain
  • http://www.salon.com/
  • https://www.salon.com/
215 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
714de2cbe0c9d76d563e2a5fd4466bab4dc8f2f7517b56213c7cd28fa9ac628b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html; charset=UTF-8
content-length
36650
cache-control
public, s-maxage=86400, max-age=0
cache-tag
home-page
content-encoding
br
date
Wed, 03 Nov 2021 21:24:51 GMT
server
nginx
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
x-amz-cf-id
L4o2bdte4O7t-d21HzUCCMhvbsKr6LUeJU1ncTEM0NaI5-vNUx_vrA==
age
1656

Redirect headers

Server
CloudFront
Date
Wed, 03 Nov 2021 21:52:27 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://www.salon.com/
X-Cache
Redirect from cloudfront
Via
1.1 fd4a8fa7c304171992e7f22fc8894905.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P1
X-Amz-Cf-Id
17S3DNMECclZn94o-1X9SQYg7IzXMa3Zp2JYnH3641L0FoGBQagxCg==
chartbeat_mab.js
static.chartbeat.com/js/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 20:19:09 GMT
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 00:17:06 GMT
server
nginx
age
5597
etag
W/"6179ec02-59c1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
8XEptuoDlmULnbnfQyeb9YpIVwEbedE32JCpn9gfgJlEKfdZ4p-ElA==
expires
Wed, 03 Nov 2021 22:19:09 GMT
salon.min.js
global.proper.io/ 		90 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/salon.min.js
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec62d830b2cf65fbd6d1244389e310025a6486f4c07d9401d5159b8a868cedf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Nov 2021 21:26:24 GMT
server
cloudflare
age
1540
etag
W/"6182fe80-168d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6a88d46b8c66694c-FRA
expires
Wed, 03 Nov 2021 21:57:27 GMT
chartbeat.js
static.chartbeat.com/js/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:6e00:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 20:30:21 GMT
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 00:27:20 GMT
server
nginx
age
4926
etag
W/"6179ee68-8e96"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 e44e0b24e706487eaec6b9e01f2166dd.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
AcjZogX_3NGhEieYMhnPPd-lBkkrtZvDX5HbCinv69UnNJjQBsOcBA==
expires
Wed, 03 Nov 2021 22:30:21 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 26 Oct 2021 23:24:02 GMT
server
Golfe2
age
6681
date
Wed, 03 Nov 2021 20:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 03 Nov 2021 22:01:06 GMT
salon-logo.svg
www.salon.com/design/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.salon.com/design/images/salon-logo.svg
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
df5137425e7de7419e6a429ba54ae05b9e7c3bf00a7cdda775669ffe68223cf2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 14:36:57 GMT
content-encoding
br
last-modified
Wed, 03 Nov 2021 14:25:44 GMT
server
nginx
age
26130
etag
W/"61829be8-811"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA60-P1
content-length
910
x-amz-cf-id
ZE5XzVca8Tvd8cASFUCBwXBPLUBxpHpUnmSEQPkN156ref30jNeQQw==
expires
Thu, 03 Nov 2022 14:36:57 GMT
the-morning-show-still05.jpg
mediaproxy.salon.com/width/600/https://media.salon.com/2021/11/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediaproxy.salon.com/width/600/https://media.salon.com/2021/11/the-morning-show-still05.jpg
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-50.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
9551cbf6c941f1b4011cd87e51778a40a9375cece6433052937a4d81d34ebcc2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time
128ms
date
Wed, 03 Nov 2021 21:23:39 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server
nginx
age
1728
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop
FRA50-C1
content-length
25990
x-amz-cf-id
wTO8j6PV8Fw_KXFy1cDPK8X9izVxsVwk_4HFT1riiX2GdafHBnnFlQ==
exhausted-sad-depressed-doctor-1103211.jpg
mediaproxy.salon.com/width/380/https://media.salon.com/2021/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediaproxy.salon.com/width/380/https://media.salon.com/2021/11/exhausted-sad-depressed-doctor-1103211.jpg
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-50.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
f90f350c59e05f4d0676c002a1be86ea1744ba4f465dcf4f1299f51e35aac792

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time
120ms
date
Wed, 03 Nov 2021 20:00:14 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server
nginx
age
6733
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop
FRA50-C1
content-length
8226
x-amz-cf-id
TlHY-4CludAgGUrcZB5prC5Ft1brJ1bB6B-xairfDZEvhHhGI2VItQ==
mcauliffe-youngkin-biden-trump-1103211.jpg
mediaproxy.salon.com/width/380/https://media.salon.com/2021/11/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediaproxy.salon.com/width/380/https://media.salon.com/2021/11/mcauliffe-youngkin-biden-trump-1103211.jpg
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-50.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
a1487840a2b462dbe286bc37aa72a3d397b26a73eb2680b47ba9ac03c5c3be40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time
87ms
date
Wed, 03 Nov 2021 17:00:30 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server
nginx
age
17517
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop
FRA50-C1
content-length
13614
x-amz-cf-id
8kszoOHUirYETRhtx6gV5D8d1wT36uf3VGBR0ATNfVz_KwoMaBzUoA==
donald-trumo-guantanamo-bay-0622211.jpg
mediaproxy.salon.com/width/380/https://media.salon.com/2021/06/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediaproxy.salon.com/width/380/https://media.salon.com/2021/06/donald-trumo-guantanamo-bay-0622211.jpg
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-50.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
083adef2478e555313701e4ba78cbe91b3fb95bee5bf93b99d0e07afef9a1676

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time
135ms
date
Wed, 03 Nov 2021 16:44:42 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server
nginx
age
18465
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop
FRA50-C1
content-length
19306
x-amz-cf-id
Xt255Nfa_gbi5syOaD4c_JKKn0_XgNpw5hallnnPaiOunfzhRqrejQ==
bundle.js
assets.salon.com/design/assets/ 		186 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.salon.com/design/assets/bundle.js?rev=e180938aea145d3684c7729e793326eb377c7009
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-98.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c78d1e06582a546d5958a71b269912cdec0a4c5d22978749ff5c5570a342887f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 17:54:32 GMT
content-encoding
br
age
14275
x-cache
Hit from cloudfront
content-length
53451
access-control-allow-origin
*
last-modified
Wed, 03 Nov 2021 14:26:05 GMT
server
nginx
etag
W/"61829bfd-2e969"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/javascript
via
1.1 8af5231b014ab5e8c35000dd4cf4b68d.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
ji92I99aioVAsf8Hh6WmQJ8M0ndtk3Hr27Ymr9vx7j9rmsZqFFfdQA==
expires
Thu, 03 Nov 2022 17:54:32 GMT
tag.min.js
get.s-onetag.com/8bd3d5a0-8adc-4bdc-b823-dc1c8689c243/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/8bd3d5a0-8adc-4bdc-b823-dc1c8689c243/tag.min.js
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-56.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d472a9c7fccf3507b7125a0d6b470edde2a16eabd27e504dd08aa01c6b697f00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
KMzo2N0gtbmQLjo.iwaSvfQECNl.MFBM
content-encoding
gzip
last-modified
Thu, 28 Oct 2021 14:13:38 GMT
server
AmazonS3
age
62236
etag
W/"478293adf3338220c447eede3457b4e5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 03 Nov 2021 04:35:11 GMT
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
JvU3z20ZC6S23v41Ux7z4WFTS11VLcPW6zAeY25vKLFikB-mlZYiAg==
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
53d91fb2b51a3daa0645f78f71b29e695f42b0ac6db0d29f7fc7e5e38c3ffb7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
etag
"4zy+3zXYb8Q7og5Af8HrBg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Wed, 10 Nov 2021 21:52:27 GMT
main.css
assets.salon.com/design/assets/ 		54 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.salon.com/design/assets/main.css?rev=e180938aea145d3684c7729e793326eb377c7009
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-98.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c289bb7f0768e6f27949bd7a16a12290ee12317bf340cd15266a0348fe595e58

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 17:54:32 GMT
content-encoding
br
age
14275
x-cache
Hit from cloudfront
content-length
7733
access-control-allow-origin
*
last-modified
Thu, 14 Oct 2021 16:35:08 GMT
server
nginx
etag
W/"61685c3c-d7ac"
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/css
via
1.1 8af5231b014ab5e8c35000dd4cf4b68d.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA56-P3
x-amz-cf-id
Nrwly4lhCKjd7GL61D3-7JO7YCV4IMSM6mgvbdX-3s4qDfHS-WV0Qw==
expires
Thu, 03 Nov 2022 17:54:32 GMT
317
a.ad.gt/api/v1/u/matches/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/317?url=https%3A%2F%2Fwww.salon.com%2F&ref=
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.167.53.177 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-167-53-177.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
5f3925658dcc0aef75c4032a6e4ffd0d9da7741d68e55fbb10a328e1207fc9a7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
server
nginx/1.18.0
content-length
3251
content-type
application/javascript
vaccine-card-under-scrutiny-magnifying-glass-1102211.jpg
mediaproxy.salon.com/width/380/https://media.salon.com/2021/11/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediaproxy.salon.com/width/380/https://media.salon.com/2021/11/vaccine-card-under-scrutiny-magnifying-glass-1102211.jpg
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-50.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
0b349c9f7305a447e1b8a1eefbb3e916ed0d6eb65aa0fc18c3a9f62a8c7204f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time
77ms
date
Tue, 02 Nov 2021 21:24:17 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server
nginx
age
88090
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop
FRA50-C1
content-length
7778
x-amz-cf-id
faB7qM3HRRQOtLOZWy6m630GbLSR-uSqOkHbeIyrsXqhij4DZ0FCQA==
succession-still05.jpg
mediaproxy.salon.com/width/380/https://media.salon.com/2021/11/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediaproxy.salon.com/width/380/https://media.salon.com/2021/11/succession-still05.jpg
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-50.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
bcc04a1a7434dab656af4fba2a677ea88f93530021938921b037195743384942

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time
133ms
date
Wed, 03 Nov 2021 06:15:55 GMT
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server
nginx
age
56192
x-cache
Hit from cloudfront
content-type
image/webp
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop
FRA50-C1
content-length
8544
x-amz-cf-id
OM8pUvtI7QGy1JgV3w38DudgE4JPFUKSxcshgxj4Z5PU_WQBBfzMlQ==
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=salon.com&p=%2F&u=sbGNuC-jN9sBq4qXD&d=salon.com&g=1614&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=8685&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=166&t=CQuTNRDlmp6hdxeE7tI7aLDpPhCO&V=129&i=Salon.com%20%7C%20News%2C%20Politics%2C%20Culture%2C%20Science%20%26%20Food&tz=0&_acct=anon&sn=1&sv=BBz8qxDfNTJfUnxzkT_N6KDvh_Yo&sd=1&im=062b0730&_
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.105.134 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-105-134.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
rules-p-mEzuYq24VEJ-3.js
rules.quantcount.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:ba00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
25fcf2c54c6d96e3f17121f0daf102c9d5a8299afc4b76972d686deeb64fba93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:03:26 GMT
content-encoding
gzip
age
2942
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 27 Oct 2021 21:21:49 GMT
server
AmazonS3
etag
W/"02ef5b9a45e03fb1ba06ab75b58846f4"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA56-P2
x-amz-cf-id
HWjCpvfr_QiIVgJSfKFoXPw23lk1fM2O2nNcWfqCTwlj0aKKwOGrKg==
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		149 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=salon.com&domain=salon.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f3796ee99aa2393f256d3fdc7ce29234328dcec597199795fc6319ecf621e3c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
x-cache-hits
1
age
333
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
118
x-served-by
cache-fra19147-FRA
access-control-allow-origin
*
x-timer
S1635976348.527050,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 01 Nov 2021 21:46:54 GMT
/
onetag-geo.s-onetag.com/ 		555 B
970 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/8bd3d5a0-8adc-4bdc-b823-dc1c8689c243/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 13:28:49 GMT
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront), 1.1 0c39e892d8c809025c8f47425847f681.cloudfront.net (CloudFront)
age
30217
x-amzn-requestid
a114887a-7216-45ea-9506-3809106889e6
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-cf-pop
DUS51-C1, FRA56-P5
x-amz-apigw-id
IOs21EoRiYcFT5w=
content-length
555
x-amz-cf-id
eepbBPGsSdXqxyeDR6CufsjP8tbSU7pqjr0mjZqBKbQKm0f9uJx6ng==
beacon.min.js
signal-beacon.s-onetag.com/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/8bd3d5a0-8adc-4bdc-b823-dc1c8689c243/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
099d5a93d27e43c40b29b9f45a57492ca8d87ee45d14d7a83d0ff39735822b3a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
x0gR.yq1o4oS4jq28J7nG9U0MFiLgIQ.
content-encoding
gzip
etag
W/"5c1dcd62582070cb2352f625af50ce57"
last-modified
Thu, 21 Oct 2021 09:51:00 GMT
server
AmazonS3
age
69325
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 342054511f9732c450e11bade76323dd.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Wed, 03 Nov 2021 06:41:54 GMT
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
6gSmfkkg6OcsH4dIt6tn5lXsiSPB7TocslaRovSylGnDczU997pVBg==
%2F
signal-segments.s-onetag.com/desktop/www.salon.com/ 		908 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/www.salon.com/%2F
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/8bd3d5a0-8adc-4bdc-b823-dc1c8689c243/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-125.fra2.r.cloudfront.net
Software
/
Resource Hash
5f4d89df9a85b8496da17128550d38a1a2dc9ddb32f115f9f60a038a31e4a1d5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 14:00:31 GMT
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront), 1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
age
28316
x-amzn-requestid
b5c49f70-73b8-47bd-b7f2-f80112db2646
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amzn-trace-id
Root=1-618295ff-44315dfa493622e72b306261;Sampled=0
x-amz-cf-pop
FRA50-C1, FRA2-C1
x-amz-apigw-id
IOxf-FjACYcF9HQ=
content-length
908
x-amz-cf-id
KI5a7RQFz4L0-O7ewnMp5Vum922E9XEnKwe6NFSK5sPgrUHVHE2XCw==
collect
www.google-analytics.com/j/ 		4 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1796052974&t=pageview&_s=1&dl=https%3A%2F%2Fwww.salon.com%2F&ul=en-us&de=UTF-8&dt=Salon.com%20%7C%20News%2C%20Politics%2C%20Culture%2C%20Science%20%26%20Food&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1337110925&gjid=1981244836&cid=1893018188.1635976348&tid=UA-1232497-1&_gid=1821141482.1635976348&_r=1&_slc=1&cd1=Salon%3A%20in-depth%20news%2C%20politics%2C%20business%2C%20technology%20%26amp%3B%20culture&cd2=home-page&cd9=original&z=338847144
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.salon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxU6PPZz8t0_jW4Se2a7NkSos3KZVfogw_aYrO7blr80XSmjaBue-ZHCwTtB7VnB06UvZEM44XYdI0yvU25f9L8=
fundingchoicesmessages.google.com/f/ 		78 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU6PPZz8t0_jW4Se2a7NkSos3KZVfogw_aYrO7blr80XSmjaBue-ZHCwTtB7VnB06UvZEM44XYdI0yvU25f9L8=
Requested by
Host: global.proper.io
URL: https://global.proper.io/salon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c7490bffa2cab23add7050aba8fd5b7a62b6023254d2a69d7345828bea6b4815
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-up6Dt5sjs2lPmAZX0WQwZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-up6Dt5sjs2lPmAZX0WQwZA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-up6Dt5sjs2lPmAZX0WQwZA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-up6Dt5sjs2lPmAZX0WQwZA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
1.91.0-kargo-page-takeover.js
global.proper.io/payloads/ 		414 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/salon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b3915c982e975de60d0e046e0d891f3cb936c6be6db52609d493ff5172dc7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Nov 2021 20:09:50 GMT
server
cloudflare
age
6146
etag
W/"6182ec8e-678ca"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=300
cf-ray
6a88d46c2da7694c-FRA
expires
Wed, 03 Nov 2021 21:57:27 GMT
salon_is_ad_free_check.php
www.salon.com/ajax/ 		77 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.salon.com/ajax/salon_is_ad_free_check.php
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:8e00:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
d783bf33379246ddaebb6219871feebfd4b37a04900a52c1f2f20cc629609fd7

Request headers

Accept
*/*
Referer
https://www.salon.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
br
server
nginx
x-amz-cf-pop
FRA60-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
via
1.1 814952d19d560b49ff15ad2f71e400d3.cloudfront.net (CloudFront)
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length
60
x-amz-cf-id
A0MJ1vX-L6nNKBrDl96tO6XgUrBcfnNUmONFyFHJQKFHDWVXUGRvbg==
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-1232497-1&cid=1893018188.1635976348&jid=1337110925&gjid=1981244836&_gid=1821141482.1635976348&_u=IEBAAEAAAAAAAC~&z=714013222
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 03 Nov 2021 21:52:27 GMT
content-type
text/plain
access-control-allow-origin
https://www.salon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=1250200172;labels=description.Award-winning%20news%20and%20culture%20%20features%20breaking%20news%20%20in-depth%20reporting%20and%20criticism%20on%20politics%20%20science%20%20food%20and%2...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1250200172;labels=description.Award-winning%20news%20and%20culture%20%20features%20breaking%20news%20%20in-depth%20reporting%20and%20criticism%20on%20politics%20%20science%20%20food%20and%20entertainment;rf=0;a=p-mEzuYq24VEJ-3;url=https%3A%2F%2Fwww.salon.com%2F;uht=2;fpan=1;fpa=P0-1727713511-1635976347577;pbc=;ns=0;ce=1;qjs=1;qv=11b7ea70-20211103205804;cm=;gdpr=0;ref=;d=salon.com;je=0;sr=1600x1200x24;dst=0;et=1635976347577;tzo=0;ogl=
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
main.js
player.propervideo.io/new_rtp/ 		116 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.propervideo.io/new_rtp/main.js
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71456da5a003ee937acafa9b98bc0f7eecca2f38b33eb2a58b4ab532f3d19609

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 02 Nov 2021 18:49:33 GMT
server
cloudflare
age
97362
etag
W/"6181883d-2b34d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
expires
Wed, 03 Nov 2021 21:57:27 GMT
cache-control
public, max-age=300
cf-polished
origSize=176973
cf-ray
6a88d46c9bbbd6b1-FRA
cf-bgj
minify
scroll.js
static.scroll.com/js/ 		17 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.scroll.com/js/scroll.js
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e016838866d792bb27ebc256f894e240e2cadd33fc87cdc269c89436243bd085

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
via
1.1 varnish
age
86122
x-guploader-uploadid
ADPycdu-nhrNzi-6QU4M9FYEkIJ-1J67AonNQ_6_Lv06Ia_Jhyj6UcltgtH9UKCLqNnG2d8jCUQCZMqYya3pdFx0px5lMxd1Lw
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
content-length
17821
x-served-by
cache-fra19137-FRA
last-modified
Tue, 02 Nov 2021 21:57:05 GMT
server
UploadServer
x-timer
S1635976348.620679,VS0,VE0
vary
Origin
x-goog-hash
crc32c=7ALuSw==, md5=grQzk3EVr717ymtR/aZLuQ==
x-goog-generation
1635890225580830
expires
Wed, 03 Nov 2021 21:57:06 GMT
cache-control
public, max-age=0, s-maxage=86400
access-control-allow-credentials
true
x-goog-stored-content-length
6448
accept-ranges
bytes
content-type
application/javascript
x-scrolljs
3
x-cache-hits
20074
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-1232497-1&cid=1893018188.1635976348&jid=1337110925&_u=IEBAAEAAAAAAAC~&z=369441941
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-1232497-1&cid=1893018188.1635976348&jid=1337110925&_u=IEBAAEAAAAAAAC~&z=369441941
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxUA6-JONfANDzD96TbfYoaSNzy7rKHhkapJKwTNjdiLJaBBO33fxmmAyXQf7VpDvxhv-zP5jEGp_GECOWOs0Hk=
fundingchoicesmessages.google.com/el/ 		0
893 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUA6-JONfANDzD96TbfYoaSNzy7rKHhkapJKwTNjdiLJaBBO33fxmmAyXQf7VpDvxhv-zP5jEGp_GECOWOs0Hk=?pvid=AAAC753F-46C2-49E9-98E7-272E112C9D34&anonid=C1435021-C6D7-43B4-B4B0-13DB9866590F
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.0KCYm3TUNw0.es5.O/d=1/rs=AJlcJMxlAFAf_8wDqBvRteYVRE_EPxIikw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-/T05bu1epqOkLLtglcoApg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/T05bu1epqOkLLtglcoApg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.salon.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-/T05bu1epqOkLLtglcoApg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-/T05bu1epqOkLLtglcoApg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVq1WctSVXtCuO2bk7khsZBw-IA2VggQBzitxcuiTusy5jQyJbVtGjBOec-IzOBvzVElyNgR2MOFYvB2f_Kbsw=
fundingchoicesmessages.google.com/f/ 		274 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVq1WctSVXtCuO2bk7khsZBw-IA2VggQBzitxcuiTusy5jQyJbVtGjBOec-IzOBvzVElyNgR2MOFYvB2f_Kbsw=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM1OTc2MzQ3LDY4MzAwMDAwMF0sIkFBQUM3NTNGLTQ2QzItNDlFOS05OEU3LTI3MkUxMTJDOUQzNCIsIkMxNDM1MDIxLUM2RDctNDNCNC1CNEIwLTEzREI5ODY2NTkwRiIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxmYWxzZV0sImh0dHBzOi8vd3d3LnNhbG9uLmNvbS8iLG51bGwsW11d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.0KCYm3TUNw0.es5.O/d=1/rs=AJlcJMxlAFAf_8wDqBvRteYVRE_EPxIikw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
52ccbb6bccbe98df3d02d41743f0867be04049a8a39015ef8f3db8022c4d9a16
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-de5TDsEKYj7u+8+BcgiGfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-de5TDsEKYj7u+8+BcgiGfQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-de5TDsEKYj7u+8+BcgiGfQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-de5TDsEKYj7u+8+BcgiGfQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
check
connect.scroll.com/embed/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://connect.scroll.com/embed/check
Requested by
Host: static.scroll.com
URL: https://static.scroll.com/js/scroll.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.100.179 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
179.100.201.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: 'unsafe-eval' 'unsafe-inline'; child-src blob:;frame-ancestors https: http:; object-src 'none'; img-src 'self' https://*.scroll.com https://logo-scroll.imgix.net https://u-scroll.imgix.net https://pub-scroll.imgix.net https://scroll-static.imgix.net https://scroll.imgix.net https://logo-scratch-scroll.imgix.net https://www.google-analytics.com https://www.googletagmanager.com https://*.stripe.com data: https://static.scroll.com https://assets.scroll.com https://scroll.com; connect-src 'self' https://api.stripe.com https://checkout.stripe.com https://sentry.io https://o74190.ingest.sentry.io https://www.google-analytics.com https://fonts.googleapis.com https://*.scroll.com https://static.scroll.com https://api.scroll.com/v1/; frame-src 'self' https://js.stripe.com https://hooks.stripe.com https://checkout.stripe.com https://accounts.google.com https://static.scroll.com https://assets.scroll.com https://scroll.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com/ https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com https://scroll.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; script-src 'self' 'unsafe-inline' https://js.stripe.com/v3/ https://checkout.stripe.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://browser.sentry-cdn.com https://static.scroll.com https://assets.scroll.com 'nonce-null' 'strict-dynamic';
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
via
1.1 google
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.salon.com
access-control-allow-credentials
true
content-security-policy
default-src https: 'unsafe-eval' 'unsafe-inline'; child-src blob:;frame-ancestors https: http:; object-src 'none'; img-src 'self' https://*.scroll.com https://logo-scroll.imgix.net https://u-scroll.imgix.net https://pub-scroll.imgix.net https://scroll-static.imgix.net https://scroll.imgix.net https://logo-scratch-scroll.imgix.net https://www.google-analytics.com https://www.googletagmanager.com https://*.stripe.com data: https://static.scroll.com https://assets.scroll.com https://scroll.com; connect-src 'self' https://api.stripe.com https://checkout.stripe.com https://sentry.io https://o74190.ingest.sentry.io https://www.google-analytics.com https://fonts.googleapis.com https://*.scroll.com https://static.scroll.com https://api.scroll.com/v1/; frame-src 'self' https://js.stripe.com https://hooks.stripe.com https://checkout.stripe.com https://accounts.google.com https://static.scroll.com https://assets.scroll.com https://scroll.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com/ https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com https://scroll.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; script-src 'self' 'unsafe-inline' https://js.stripe.com/v3/ https://checkout.stripe.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://browser.sentry-cdn.com https://static.scroll.com https://assets.scroll.com 'nonce-null' 'strict-dynamic';
alt-svc
clear
content-length
0
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-657872957
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83a31a8f9283b98a3c0f590e5aed38f347182c79e34b5fdd4290818673b38d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39168
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 03 Nov 2021 21:52:27 GMT
op.js
tagan.adlightning.com/properio/ 		60 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/properio/op.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c4a811fc304da555db89e1db3dadebc3ecd2e11e7a83016c41fb72a12f4a393

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
nTWHoFu4_gw30bz6H_M_VYlbSW1gn.p3
content-encoding
gzip
etag
"04cd135e220c813b29ae333eafef6e94"
age
590
x-cache
Hit from cloudfront
content-length
24699
x-amz-meta-git_commit
7b120a5
last-modified
Wed, 03 Nov 2021 13:41:07 GMT
server
AmazonS3
date
Wed, 03 Nov 2021 21:43:25 GMT
content-type
application/javascript
via
1.1 70d755f7200c02162c7545e4ce74649b.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-amz-cf-id
mAqp4lZ4tU2MmCxwvxGuCmLY5QFsM2xjyVZ7pn2W_Czds5ciEfGN4Q==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
76f8cf4b3881c1b76ceadc8f9c19df31f1278b1a6ee0747c42e5d526b1335047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1033 / 619 of 1000 / last-modified: 1635937517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27305
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 03 Nov 2021 21:52:27 GMT
merge
ce.lijit.com/ 		0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=263069&3pid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%5BSOVRNID%5D&gdpr=false&us_privacy=1---&callback=window.proper_fb61bbd8_27844157_1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 21:52:27 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT
usersync
usync.proper.io/v1/
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D&gdpr=false&us_privacy=1---&callback...
  • https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&uid=d2ee4bed-788f-4ff5-81a6-a951f6e82af8&us_privacy=1---
181 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&uid=d2ee4bed-788f-4ff5-81a6-a951f6e82af8&us_privacy=1---
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Server
54.149.4.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-4-149.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
425f3101dfe5c67c409e8380476a08c290897f878ab8b17fee5b84d84fb1fd49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 03 Nov 2021 21:52:28 GMT
server
nginx/1.18.0
content-length
181
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&uid=d2ee4bed-788f-4ff5-81a6-a951f6e82af8&us_privacy=1---
date
Wed, 03 Nov 2021 21:52:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
usync.html
eus.rubiconproject.com/ Frame 1A88
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=8777&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 26 Oct 2021 17:01:05 GMT
ETag
"40019-119-5cf446c48f640"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Wed, 03 Nov 2021 21:52:27 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west
Date
Wed, 03 Nov 2021 21:52:27 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
pbsync
ads.yieldmo.com/ 		0
35 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/pbsync?&redirectUri=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dyieldmo%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%24UID&gdpr=false&us_privacy=1---&callback=window.proper_521e846b_0f49e151_3
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.189.205 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-189-205.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
usersync
usync.proper.io/v1/
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dpubmatic%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%23PM_USER_...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dpubmatic%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%23PM_USER_...
  • https://usync.proper.io/v1/usersync?bidder=pubmatic&proper_uid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&uid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328
182 B
386 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=pubmatic&proper_uid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&uid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Server
54.149.4.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-4-149.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6439039f67c8c7e5377ff77dde9f019935a671db506a5f6cc7d58c85dee8b46c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 03 Nov 2021 21:52:28 GMT
server
nginx/1.18.0
content-length
182
content-type
text/javascript

Redirect headers

location
https://usync.proper.io/v1/usersync?bidder=pubmatic&proper_uid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&uid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328
date
Wed, 03 Nov 2021 21:52:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
usersync
match.bnmla.com/ 		0
114 B 		Script
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=1000227&redir=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dengagebdr%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%5BUUID%5D&callback=window.proper_531d2ad7_f521e197_5
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 21:52:28 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&us_pri...
  • https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&...
  • https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&uid=e096de5a-79d2-448d-9f49-a19e33134835
183 B
387 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&uid=e096de5a-79d2-448d-9f49-a19e33134835
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Server
54.149.4.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-4-149.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3ee74a92e3d67dc60c808d2d3d60814231cf93740732ff613ba467dd97a3aaec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 03 Nov 2021 21:52:28 GMT
server
nginx/1.18.0
content-length
183
content-type
text/javascript

Redirect headers

Location
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&uid=e096de5a-79d2-448d-9f49-a19e33134835
Date
Wed, 03 Nov 2021 21:52:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_745ee9d3_8e5a06ca_7
  • https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_745ee9d3_8e5a06ca_7&verify=true
  • https://ups.analytics.yahoo.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_745ee9d3_8e5a06ca_7&apid=UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
  • https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A~UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
189 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A~UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Server
54.149.4.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-4-149.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
0bdee151a3ef6f17d95b50ed90b4bc8b9e876b3fc5f20015b5efcafbaefaf50a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 03 Nov 2021 21:52:28 GMT
server
nginx/1.18.0
content-length
189
content-type
text/javascript

Redirect headers

Date
Wed, 03 Nov 2021 21:52:28 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A~UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
Connection
keep-alive
Content-Length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_2edee819_ae957c85_8
  • https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_2edee819_ae957c85_8&verify=true
  • https://ups.analytics.yahoo.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_2edee819_ae957c85_8&apid=UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
  • https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A~UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
189 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A~UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Server
54.149.4.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-4-149.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
0bdee151a3ef6f17d95b50ed90b4bc8b9e876b3fc5f20015b5efcafbaefaf50a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 03 Nov 2021 21:52:28 GMT
server
nginx/1.18.0
content-length
189
content-type
text/javascript

Redirect headers

Date
Wed, 03 Nov 2021 21:52:28 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A~UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
Connection
keep-alive
Content-Length
0
usersync
usync.proper.io/v1/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_75048cb8_1da86cd5_9
  • https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_75048cb8_1da86cd5_9&verify=true
  • https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A
151 B
360 B 		Script
General
Check archive.org
Download Go to
Full URL
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Server
54.149.4.149 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-4-149.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
61ffb6786c0e64729468cbdce2564a02bb4e89071c08900fc8f74c2eae82f660

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 03 Nov 2021 21:52:28 GMT
server
nginx/1.18.0
content-length
151
content-type
text/javascript

Redirect headers

Date
Wed, 03 Nov 2021 21:52:27 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A
Connection
keep-alive
Content-Length
0
merge
ce.lijit.com/ 		0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=263069&3pid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_instream%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%5BSOVRNID%5D&gdpr=false&us_privacy=1---&callback=window.proper_6112ef52_77646783_10
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 21:52:27 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT
merge
ce.lijit.com/ 		0
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ce.lijit.com/merge?pid=263069&3pid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_outstream%26proper_uid%3D2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%26uid%3D%5BSOVRNID%5D&gdpr=false&us_privacy=1---&callback=window.proper_b0888021_744004e3_11
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 21:52:27 GMT
X-MERGE
GDPR Optout true
Server
nginx
X-Powered-By
raptor
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Expires
Fri, 20 Mar 2009 00:00:00 GMT
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
last-modified
Tue, 19 Jan 2021 22:23:11 GMT
server
Apache
etag
"2988-5b94848b276f9-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
3813
expires
Wed, 03 Nov 2021 22:07:27 GMT
ats.js
ats.rlcdn.com/ 		184 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-106.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
489d91bed61ef8d1c31f9de5b1c13777a03ac0864206094dd594ad82ef266ca7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 04:07:14 GMT
content-encoding
gzip
age
63914
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:f3f3bcb1-d653-4795-a242-0bc52f20e334
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-sha256
7fac56bbf391534ba4d108d9d1c5ede96a619703863f7695a7d7c98a8fea4662
x-amz-meta-codebuild-content-md5
99ea7c9ae879eabed07b623c4b48c3a2
last-modified
Tue, 26 Oct 2021 10:28:36 GMT
server
AmazonS3
etag
W/"319188f4e162198ee578ba6e65904ead"
vary
Accept-Encoding
x-amz-version-id
aNI79gymn36SdL1OCQ9XQoRn1j6ap8oY
via
1.1 baa5702f7bd64fcbae1e3bd950d9a245.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
content-type
application/x-javascript
x-amz-cf-id
YDLAfMZHNayQZqtgrfHXK1_bY246bJ-HyqqfcvtDhlfsXr2BgKbIow==
445.json
id5-sync.com/g/v2/ 		213 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/445.json
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.89.7.198 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
p20.id5-sync.com
Software
/
Resource Hash
195d86686493886d7d5c0c5767c788c2abb85e89b67e44bbd7a8cbf399020ecc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.salon.com
Date
Wed, 03 Nov 2021 21:52:26 GMT
Access-Control-Allow-Credentials
true
Vary
Origin
Transfer-Encoding
chunked
Strict-Transport-Security
max-age=63072000; includeSubDomains; preload
Content-Type
application/json;charset=UTF-8
id
id.sharedid.org/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sharedid.org/id
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.218.247.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-218-247-33.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://www.salon.com
pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires
0
f
fid.agkn.com/ 		151 B
687 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fid.agkn.com/f?apiKey=2361619832&r=https://www.salon.com/
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.102.102 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-102-102.compute-1.amazonaws.com
Software
AAWebServer /
Resource Hash
c7eb76a3dce0c3013c7d4d8319f52686eb9a50c0ca70ca49d509be712b64346e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
server
AAWebServer
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
https://www.salon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/javascript;charset=iso-8859-1
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
151
expires
0
bidding
bids.proper.io/api/ 		0
171 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.proper.io/api/bidding
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.225.168.153 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-225-168-153.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 03 Nov 2021 21:52:28 GMT
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
get_video.php
propervideo.io/ajax/ 		1 KB
965 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propervideo.io/ajax/get_video.php?id=salon-id-ll5yo5&site=salon
Requested by
Host: player.propervideo.io
URL: https://player.propervideo.io/new_rtp/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9fea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.3.23
Resource Hash
08057f271c56e48b69ab547341e75b8d2c7fc64ce0948d861a53b3da436a4b18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
br
cf-cache-status
HIT
age
200992
x-powered-by
PHP/7.3.23
last-modified
Mon, 01 Nov 2021 14:02:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
PUT, GET, POST
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
x-server-id
1
cache-control
public, max-age=300
access-control-allow-credentials
true
cf-ray
6a88d46dce1168e9-FRA
expires
Wed, 03 Nov 2021 21:57:27 GMT
b-7b120a5-7c9914f0.js
tagan.adlightning.com/properio/ 		67 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/properio/b-7b120a5-7c9914f0.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
81c28971df4291e16a540f8c58e2ca8f13aa7f4ee1a02d0b3852919b10902df1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 20:05:24 GMT
content-encoding
gzip
age
5017624
x-cache
Hit from cloudfront
content-length
26203
x-amz-meta-git_commit
7b120a5
last-modified
Wed, 11 Aug 2021 19:11:04 GMT
server
AmazonS3
etag
"bb406d35e3bab5d4e4d328835f3e593e"
x-amz-version-id
De68rAfWXSerlWAoNYx.YB4vxVE8fqqr
via
1.1 70d755f7200c02162c7545e4ce74649b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
pSRfPaT75Iy8WU_e5kYsiEeNuO933CpnXTlnVZumjJZTy2NaJGwxLg==
bl-f821a95-e51ac588.js
tagan.adlightning.com/properio/ 		48 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/properio/bl-f821a95-e51ac588.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.139.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e859705ddc9f6f3a2ad0fa51bc03a4de3764a228bf7f80da8a8a5234578c650

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 13:41:34 GMT
content-encoding
gzip
age
29454
x-cache
Hit from cloudfront
content-length
16828
x-amz-meta-git_commit
f821a95
last-modified
Wed, 03 Nov 2021 13:40:09 GMT
server
AmazonS3
etag
"5a80bc32a3f96831223f03988657526b"
x-amz-version-id
hzpdcV3IRoBfaMsIKZAMV5C7E_vqbyq7
via
1.1 70d755f7200c02162c7545e4ce74649b.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
kCYVmsPBMnCsSAdRPFlj995-fLb0NXUIiaBqpqUPOQEz_Kfdm7D8oA==
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type
image/webp
dash.min.js
player.propervideo.io/new_src/libraries/ 		594 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.propervideo.io/new_src/libraries/dash.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b705c8f31bac6bb1e49d9c57534c23dfaaca682160dea116d0d235efaabe9ad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 27 Nov 2020 19:43:57 GMT
server
cloudflare
age
97363
etag
W/"5fc156fd-94800"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300
cf-ray
6a88d46e2dbbd6b1-FRA
expires
Wed, 03 Nov 2021 21:57:27 GMT
ll5yo5.jpg
mediaproxy.propervideo.io/width/600/https://d2um6xmmztr4fp.cloudfront.net/propervideo/images/hd/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mediaproxy.propervideo.io/width/600/https://d2um6xmmztr4fp.cloudfront.net/propervideo/images/hd/ll5yo5.jpg
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:9eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a42521c8473d6b3355c4ba7cc8f57632a88c61c5c8ec61c7b7c6a04b2fd7855d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
cf-cache-status
HIT
age
200991
cf-polished
qual=85, origFmt=jpeg, origSize=29578
content-disposition
inline; filename="ll5yo5.webp"
content-length
22328
x-response-time
46ms
last-modified
Mon, 01 Nov 2021 14:02:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
expires
Thu, 03 Nov 2022 21:52:27 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6a88d46ece73d6b1-FRA
cf-bgj
imgq:85,h2pri
arj
propermedia-d.openx.net/w/1.0/ 		189 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.salon.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=728x90%2C300x250%2C336x280%7C300x250%7C300x250&auid=540459428%2C540459445%2C540459446&aumfs=100%2C100%2C100&dddid=795a4e54-4e30-45b7-96e5-59ea7b2550b3%2C528d98b5-17a3-49cc-84c9-48c2eda7e17e%2C907aff33-718b-456e-b099-6d571be38ec1&divIds=openx-70526520-bfad-42aa-adc1-59989bb8ebc6%2Copenx-84ad5c80-0b96-4f7b-b973-6f6c1ef49e45%2Copenx-ebb4bb08-4786-49fe-93aa-734fbaf142b2&be=1&bc=hb_pb_3.0.1&nocache=1635976347866&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&x_gdpr_f=1&us_privacy=1---&id5id=0&_pubcid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.218.0 /
Resource Hash
b9a3a31e6f646223696c6f3873f57cfa7b6b2b95ca0e271e40fd65f2f810d155

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.salon.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
175
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		715 B
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=125272&zone_id=1708990&size_id=2%3B2%3B15%3B15%3B15&alt_size_ids=%3B%3B16%3B16%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=10f10a49-ef54-4a2c-b0a2-dce2b83d064b%3B474eea1a-2f81-49bb-88d9-75a2e97a004b%3Bb3037c0a-d893-4770-b1e8-1fb724a0438e%3B5b0c50b6-da48-4e45-a663-7702555ee054%3B3e8306c8-7dbc-431f-b52f-d64320cfdc0c&p_screen_res=1600x1200&tg_fl.eid=1708990-4%3B1708990-5%3B1708990-1%3B1708990-2%3B1708990-3&rf=https%3A%2F%2Fwww.salon.com%2F&x_source.pchain=proper.io%3Ae5961d07-eb92-11e9-a488-69e3386c7506&ppuid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9%5E1&us_privacy=1---&rp_schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&slots=5&rand=0.4846070692078188
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2792a77781e2a839531d0c02913adac97a4f878a6a04e33ddf0b79317618377e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 21:52:27 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.salon.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
715
Expires
Wed, 17 Sep 1975 21:32:10 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
Z0IamK7Uj8Cug.ddab3Iex9UsiUM6RCO
content-encoding
gzip
etag
fc2e1be4d234471752ea2ebee7e63d1e
age
216
x-cache
Hit from cloudfront
server
Server
x-amz-rid
0WSSH6DQ9F06NCTHFCZN
date
Wed, 03 Nov 2021 21:48:59 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
9oAfbSZNBl894u7ypfB40EaVwXAl7NRCSh_dnDEvsQkVL6fgEhp9iQ==
cygnus
htlb.casalemedia.com/ 		46 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=321166&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222e496936-a312-465d-b314-1c9a105162fa%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.salon.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-LOwHx%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-LOwHx%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22728x90-2-6QMb0%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-6QMb0%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22300x250-1-Kiy0S%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-Kiy0S%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-2-alAaH%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-alAaH%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-3-GFzYl%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-GFzYl%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22336x280-1-ElNqS%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22336x280-1-ElNqS%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A336%2C%22h%22%3A280%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a21d223dd8dd1a11b8c2049f7a2995466563e0e549e3631499a6020231622c43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[SN], CN:[EU], CIP:[136.243.198.80], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.salon.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
66
x-ak-client-geo
12
expires
Wed, 03 Nov 2021 21:52:28 GMT
prebid
prebid.media.net/rtb/ 		1 KB
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7279c4c8a06b691e8f08bfac5066ccc587aa97a86431a2f1d61553c147ba1e33

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.salon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cdb
bidder.criteo.com/ 		18 B
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.18.0&cb=90311630929&im=1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.salon.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44
prebid
ib.adnxs.com/ut/v3/ 		598 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
87be16637580ca332b866a832ded9dfadebabf5ee1431906648bc366305342f5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 03 Nov 2021 21:52:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
136.243.198.80; 136.243.198.80; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f16fbae8-4fd7-4958-8460-b7b0a03c1ff6
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.salon.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=F8MULVWUDAosezLnCD16d3xY&bidId=F8MULVWUDAosezLnCD16d3xY&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.9.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-9-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://www.salon.com
date
Wed, 03 Nov 2021 21:52:27 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=kT4ysUFN4n5metmdia1r2pcG&bidId=kT4ysUFN4n5metmdia1r2pcG&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.9.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-9-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://www.salon.com
date
Wed, 03 Nov 2021 21:52:27 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DQMnTARGrrM5gxNdN6yAtmtp&bidId=DQMnTARGrrM5gxNdN6yAtmtp&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.9.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-9-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://www.salon.com
date
Wed, 03 Nov 2021 21:52:27 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/WYu2BXv1/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=MCAFXkMpXrFWfqqsZK42o9N2&bidId=MCAFXkMpXrFWfqqsZK42o9N2&bidfloor=0.1&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&id5uid=%5Bobject%20Object%5D&pubcid=2e8e7dc6-0291-43d2-81fe-f8e99abcd3d9&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.9.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-9-10.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
https://www.salon.com
date
Wed, 03 Nov 2021 21:52:27 GMT
access-control-allow-credentials
true
vary
Origin
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.salon.com
date
Wed, 03 Nov 2021 21:52:27 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		115 B
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.18.0
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e46e310306db4480ca39acaa1797a1bcf4f6af051450ee6f84c12c3ec5706764

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Wed, 03 Nov 2021 21:52:27 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.salon.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
111
v1
prg.smartadserver.com/prebid/ 		735 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
19161157b90b37d42790f4b8d1e72777b366f05eaa904593c145d31c3a5d4f82

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b21%3b60
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.salon.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
c59c99744c79151c7e70de4c589d825cac7de500c2bb2d207820f37e7fea7c26

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b9%3b69
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.salon.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		908 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
952441349b4c057299a501444f711dc764b49b0336cdcb6b4f76cd09587a129d

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b24%3b67
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.salon.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
v1
prg.smartadserver.com/prebid/ 		661 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
146e5052d0f8508dffd8ad8c52e958a31d0ac04fcf8bd3e4c7a5eb40bca88359

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
br
vary
Accept-Encoding
x-smrt-d
4%3b2%3b63
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.salon.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
transfer-encoding
chunked
bid-request
a.teads.tv/hb/ 		16 B
247 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-7.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.salon.com
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 03 Nov 2021 21:52:28 GMT
auction
tlx.3lift.com/header/ 		18 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.18.0&referrer=https%3A%2F%2Fwww.salon.com%2F&tmax=1200&gdpr=false&us_privacy=1---
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.169.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-169-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3bb48d4348c56ff24220eef7b04be7e6da53199e0583d63b157dd840fec5926f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
content-encoding
gzip
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.salon.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
4408
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
hb.undertone.com/ 		0
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3520&domain=salon.com&gdpr=0&gdprstr=&ccpa=1---
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
via
1.1 59d5785a1d012a54118141e7e216a493.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.salon.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
zJKv1B6mm3TR1iNIk9zDoVDH6BRBwFMIfX3hjdWgGyA0JNcMp6UEyQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
24
web.hb.ad.cpe.dotomi.com/s2s/header/ 		427 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
389a9a3789c95e186938117ed685c0f2cdc8be282a1d3995363995ed429bfb56

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
server
nginx
content-type
application/json
access-control-allow-origin
https://www.salon.com
cache-control
no-cache
access-control-allow-credentials
true
content-length
427
expires
0
hb
ssc.33across.com/api/v1/ 		87 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
38f04c123509bf6c5621c67580ad6165c8fe9ec2d7a5fb716cce5b5899ffcc4b

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.salon.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
148b871e949a6a4caf538057e75581146b3ad0c104be1b4023d65a8bfd7c78d2

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.salon.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
hb
ssc.33across.com/api/v1/ 		87 B
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
cc8e36d463defbcf3246a917a182606b060815c9a56c92757a116c53ab326cf0

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.salon.com
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
prebid
bids.concert.io/bids/ 		22 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.concert.io/bids/prebid
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.126.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.126.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
via
1.1 google
x-lat-long
48.370545,10.897790
x-powered-by
Express
x-region
DE
x-city
Augsburg
alt-svc
clear
content-length
22
x-response-time
225.990ms
server
Google Frontend
etag
W/"16-6cDG702lpKxhI09DG03JuPCfUBY"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.salon.com
x-cloud-trace-context
dd7ac79a554d66ceb6d19e321f8766ff/13108715267817823475;o=1
access-control-allow-credentials
true
x-region-subdivision
DEBY
/
hb.emxdgt.com/ 		0
158 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1000&ts=1635976347881
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.230.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-230-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.salon.com
date
Wed, 03 Nov 2021 21:52:27 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		392 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.salon.com%2F
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
e6305050c1f12c5d57ec8f6bf06181c68cef3b17f745e8a4c992381b61d47d40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:27 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.salon.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
35
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
392
expires
0
pubads_impl_2021102801.js
securepubads.g.doubleclick.net/gpt/ 		350 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021102801.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
sffe /
Resource Hash
d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120786
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 08:34:36 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 03 Nov 2021 21:52:27 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		189 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.salon.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f98.1e100.net
Software
cafe /
Resource Hash
b6ff0f2cb4595ec01f5ac1694c0193f382c1daba771d4eacd66b99b5fefee714
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 03 Nov 2021 21:52:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119
x-xss-protection
0
expires
Wed, 03 Nov 2021 21:52:27 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-657872957
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
55aa0299a6b880ddee3b6e438a6e155730fca9eaf992e5e4ac105ca1de5f3312
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14369
x-xss-protection
0
server
cafe
etag
15288909967828865177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 03 Nov 2021 21:52:28 GMT
usync.js
eus.rubiconproject.com/ Frame 1A88 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date
Wed, 03 Nov 2021 21:52:27 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 Nov 2021 21:03:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=83854
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9506
Expires
Thu, 04 Nov 2021 21:10:01 GMT
css
fonts.googleapis.com/ 		54 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.iDei_fIRu7s.es5.O/d=1/rs=AJlcJMxAOfPDMp1omlUb589sO7JZAoIaeg/m=iabtcfv2wallscript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d94be6ff05be0fbb645591bca2a96f3ff991a46a304a40c73c17c798a1ed023
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Nov 2021 21:52:27 GMT
server
ESF
date
Wed, 03 Nov 2021 21:52:27 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires
Wed, 03 Nov 2021 21:52:27 GMT
Ox7mB4USqjJKDjfyyFN8wg_nUmEfXWTiUIOqMuGxgD0vVLX6AzxZQVJtS_-oSbZQOitgEVhIBy1y9-IQ7dXNctSgd1ArO-3svCdSyDUl1pK8Sod70EtP=h60
lh3.googleusercontent.com/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/Ox7mB4USqjJKDjfyyFN8wg_nUmEfXWTiUIOqMuGxgD0vVLX6AzxZQVJtS_-oSbZQOitgEVhIBy1y9-IQ7dXNctSgd1ArO-3svCdSyDUl1pK8Sod70EtP=h60
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
db2c15c2e76a2f6e8ec9e2bef69f55e123e4949840caf2c0fcb5b606fb56a361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 19:38:14 GMT
x-content-type-options
nosniff
age
8054
content-disposition
inline;filename="unnamed.png"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1619
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Fri, 22 Oct 2021 05:38:19 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.salon.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 21:11:57 GMT
x-content-type-options
nosniff
age
175231
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44656
x-xss-protection
0
last-modified
Thu, 28 Oct 2021 00:30:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 01 Nov 2022 21:11:57 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v114/ 		114 KB
114 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v114/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans:regular,medium|Material+Icons|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b819e02fcd718274f1b6ad5e11e5b6330f25f5388b8ceb6213463725e81644af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.salon.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Tue, 02 Nov 2021 00:16:05 GMT
x-content-type-options
nosniff
age
164183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116484
x-xss-protection
0
last-modified
Tue, 02 Nov 2021 00:08:13 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 02 Nov 2022 00:16:05 GMT
AGSKWxUSaSlEsbzmzYzxgX04GyEmuvq3kH2DHcY17QNaLzO5zuqe_l7W1AyVfhoz3XtcUgNdO1s-Uo0Bs6UJL9kVv8lrjQlJo3fbFe_JiIkq_Vfufi6x3ILYsU6UVzSCdLz0_5P8D5RZedGrgqtNem0qUu7tLRKKrKNe9okDim2pd0ZnaEOh0hqOb424DRO6
fundingchoicesmessages.google.com/el/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUSaSlEsbzmzYzxgX04GyEmuvq3kH2DHcY17QNaLzO5zuqe_l7W1AyVfhoz3XtcUgNdO1s-Uo0Bs6UJL9kVv8lrjQlJo3fbFe_JiIkq_Vfufi6x3ILYsU6UVzSCdLz0_5P8D5RZedGrgqtNem0qUu7tLRKKrKNe9okDim2pd0ZnaEOh0hqOb424DRO6?dmid=53cb964110ed71cd
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.iDei_fIRu7s.es5.O/d=1/rs=AJlcJMxAOfPDMp1omlUb589sO7JZAoIaeg/m=iabtcfv2wallscript
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dnVK0Je6n8W9AgoCE/kMhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dnVK0Je6n8W9AgoCE/kMhg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.salon.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-dnVK0Je6n8W9AgoCE/kMhg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-dnVK0Je6n8W9AgoCE/kMhg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
ll5yo5.mpd
d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ll5yo5.mpd
Requested by
Host: player.propervideo.io
URL: https://player.propervideo.io/new_src/libraries/dash.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d800:14:6f36:d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c5d110e7d2bec93112a5d498dc620bf2213eb5d6af634cfa37a5e5d4fce5fd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 15:24:56 GMT
via
1.1 e65c822edea04e16936bdb4537763dd5.cloudfront.net (CloudFront)
age
196053
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
2525
last-modified
Fri, 29 Oct 2021 15:37:55 GMT
server
AmazonS3
etag
"509d92ce2f1e72ed379bbc82812f8593"
vary
Origin
access-control-allow-methods
GET, POST, HEAD
x-amz-version-id
1OqE_0APolXmrQVKQBlRdamNHJPE5K.x
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
application/dash+xml
x-amz-cf-id
VrIIFgtzODLqMcPI5Of94UwMv1CYKUrEvYFcm32nR-ddNkQtNZIX9w==
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
content-encoding
gzip
last-modified
Tue, 19 Jan 2021 22:23:11 GMT
server
Apache
etag
"a253-5b94848b276f1-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
14886
expires
Wed, 03 Nov 2021 22:07:28 GMT
haloid
aufp.io/api/v1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aufp.io/api/v1/haloid
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/317?url=https%3A%2F%2Fwww.salon.com%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.213.79.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-213-79-211.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
content-encoding
gzip
last-modified
Fri, 29 Oct 2021 04:16:12 GMT
server
nginx/1.18.0
etag
W/"1635480972.0-6132-2958560116"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*, *
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
origin-trial
A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Thu, 04 Nov 2021 09:52:28 GMT
317
p.ad.gt/api/v1/p/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/317
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/317?url=https%3A%2F%2Fwww.salon.com%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.187.25.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-187-25-111.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3809a6684f846affe0fe66e55bd75a099b9d0df6ad5f16019cd38729269db633

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
content-encoding
gzip
server
nginx/1.18.0
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=de073e09-6df1-4182-9ecf-5314e62cd9e4&adnxs_id=$UID
  • https://ids.ad.gt/api/v1/match?id=de073e09-6df1-4182-9ecf-5314e62cd9e4&adnxs_id=2122704094273706711
43 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=de073e09-6df1-4182-9ecf-5314e62cd9e4&adnxs_id=2122704094273706711
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Server
52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Thu, 04 Nov 2021 09:52:28 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 21:52:28 GMT
X-Proxy-Origin
136.243.198.80; 136.243.198.80; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d36badaf-eed1-41ba-b9c6-0f37188db70f
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=de073e09-6df1-4182-9ecf-5314e62cd9e4&adnxs_id=2122704094273706711
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=de073e09-6df1-4182-9ecf-5314e62cd9e4
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=de073e09-6df1-4182-9ecf-5314e62cd9e4
  • https://ids.ad.gt/api/v1/t_match?tdid=b25042a1-920c-4527-ab1d-1239a8bb2046&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=b25042a1-920c-4527-ab1d-1239a8bb2046&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Server
52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Thu, 04 Nov 2021 09:52:28 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=b25042a1-920c-4527-ab1d-1239a8bb2046&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dde073e09-6df1-4182-9ecf-5314e62cd9e4
  • https://ids.ad.gt/api/v1/pbm_match?pbm=0FE355CA-71C4-40AC-AC05-98C8E8C1D328&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=0FE355CA-71C4-40AC-AC05-98C8E8C1D328&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Server
52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Thu, 04 Nov 2021 09:52:28 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=0FE355CA-71C4-40AC-AC05-98C8E8C1D328&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
date
Wed, 03 Nov 2021 21:52:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=de073e09-6df1-4182-9ecf-5314e62cd9e4&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=de073e09-6df1-4182-9ecf-5314e62cd9e4&google_gid=CAESEO8bnENmEG1nrkxYnMKJTM4&google_cver=1&google_ula=450542624,0
43 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=de073e09-6df1-4182-9ecf-5314e62cd9e4&google_gid=CAESEO8bnENmEG1nrkxYnMKJTM4&google_cver=1&google_ula=450542624,0
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Server
52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Thu, 04 Nov 2021 09:52:28 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=de073e09-6df1-4182-9ecf-5314e62cd9e4&google_gid=CAESEO8bnENmEG1nrkxYnMKJTM4&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=de073e09-6df1-4182-9ecf-5314e62cd9e4
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZGUwNzNlMDktNmRmMS00MTgyLTllY2YtNTMxNGU2MmNkOWU0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZGUwNzNlMDktNmRmMS00MTgyLTllY2YtNTMxNGU2MmNkOWU0
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZGUwNzNlMDktNmRmMS00MTgyLTllY2YtNTMxNGU2MmNkOWU0
date
Wed, 03 Nov 2021 21:52:28 GMT
server
nginx/1.18.0
content-length
473
content-type
text/html; charset=utf-8
beeswax_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=de073e09-6df1-4182-9ecf-5314e62cd9e4
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=de073e09-6df1-4182-9ecf-5314e62cd9e4&_bee_ppp=1
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAVMSE7DBgkAADFpDtoCIw&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAVMSE7DBgkAADFpDtoCIw&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Server
52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Thu, 04 Nov 2021 09:52:28 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAVMSE7DBgkAADFpDtoCIw&id=de073e09-6df1-4182-9ecf-5314e62cd9e4
Date
Wed, 03 Nov 2021 21:52:28 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
cm
trc.taboola.com/sg/audigent/1/ 		43 B
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3Dde073e09-6df1-4182-9ecf-5314e62cd9e4
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
via
1.1 varnish
server
nginx
x-timer
S1635976349.627993,VS0,VE9
x-served-by
cache-fra19134-FRA
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
us
sync.go.sonobi.com/ 		0
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=de073e09-6df1-4182-9ecf-5314e62cd9e4&uid=[UID]
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 North Hollywood, United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 21:52:29 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-87.fra2.r.cloudfront.net
Software
/
Resource Hash
c0a2e157af72d5455d5b7ac1ea5d3c446d7e4ba3f0025dc060a11e8386e0160a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 10:55:30 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront), 1.1 1bf129b8787cf2e96d3bce725554e4d5.cloudfront.net (CloudFront)
age
39418
x-amzn-requestid
ec18a139-f53d-4ddd-9ae3-365d85ac1de1
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-61826aa2-443e0bf6636e34623a2baed3;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA56-P3, FRA2-C2
x-amz-apigw-id
IOWZcGYhDoEFhTw=
content-length
30
x-amz-cf-id
UjMXdEUUxyqQqqoV68h_OEQGHxMeBKhj0dnnw0Qt2pvizsuwfqiZsQ==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id
c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
64635
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 07 Oct 2021 01:02:33 GMT
server
AmazonS3
date
Wed, 03 Nov 2021 03:55:13 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
ykjD2BQMUmSoTmMi84dPEX4phg3jF0WKcUmOMAgB6snsNLL0xxp2hg==
config
c.amazon-adsystem.com/cdn/prod/ 		779 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.salon.com%2F&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
835818f0b8155a58255c00668cb2db2d90544cf7f79f344005e3b31992f63294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 17:16:38 GMT
via
1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront)
server
Server
age
16550
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.salon.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
content-length
779
x-amz-cf-id
JtgPn3qqwSp7V8GPaRIzf6ykghVHIZlYUTYUsLyqdHIOgx4s2McOXg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.salon.com%2F&pid=69xYEBehsLr34&cb=0&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A25%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.109.174 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
via
1.1 0a624670dff351af866d2f19bde4a313.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P5
x-amz-rid
FFM93C704MFABMX2ZKAZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.salon.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
r8-LFTlQLGPJJNat1-tL0gMlVPhjpz2MCulRWJBRYzgyMhUqiBx48Q==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/657872957/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/657872957/?random=1635976348420&cv=9&fst=1635976348420&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=aar&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.salon.com%2F&tiba=Salon.com%20%7C%20News%2C%20Politics%2C%20Culture%2C%20Science%20%26%20Food&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc039c22a1050accc48fa6b44de899b97fd3ceccd369eb8aca9457b07fa2ef28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1051
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
date
Wed, 03 Nov 2021 21:30:12 GMT
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
accept-ranges
bytes
content-length
10053
x-request-id
594182823
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		423 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.0.8&lid=616
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
18c3ad9d69f010a2b28ea73c99136fd5d631996a7cd0a5b11e8e6b1d3c48ff5f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.salon.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
423
expires
Wed, 03 Nov 2021 22:22:28 GMT
ll5yo5_960x540p_dashinit.mp4
d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ 		741 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ll5yo5_960x540p_dashinit.mp4
Requested by
Host: player.propervideo.io
URL: https://player.propervideo.io/new_src/libraries/dash.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d800:14:6f36:d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a7f73bfaf490b177aedc23d3d5f0dddc216ef3f7dd13731d4d81390aedc4f84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 18:01:19 GMT
via
1.1 e65c822edea04e16936bdb4537763dd5.cloudfront.net (CloudFront)
age
186670
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
741
last-modified
Fri, 29 Oct 2021 15:37:55 GMT
server
AmazonS3
etag
"d02e6735e1177a4d1381e8ca4add1a87"
vary
Origin
access-control-allow-methods
GET, POST, HEAD
x-amz-version-id
oNO8h3oxC_WAncAb1fnWOxhVRlQ63fX2
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
video/mp4
x-amz-cf-id
KLmxZrwGUbE4_S7MJeJXGQTjFDDO2GNViOHGiPypr-kfr_TOwtmJVg==
ll5yo5_audio_128kinit.mp4
d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ 		638 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ll5yo5_audio_128kinit.mp4
Requested by
Host: player.propervideo.io
URL: https://player.propervideo.io/new_src/libraries/dash.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d800:14:6f36:d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f87ad2c434484cb6527e56c7ba994c411a76d0033bb4aaa5784ce4310231e013

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 18:01:19 GMT
via
1.1 e65c822edea04e16936bdb4537763dd5.cloudfront.net (CloudFront)
age
186670
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
638
last-modified
Fri, 29 Oct 2021 15:37:55 GMT
server
AmazonS3
etag
"0c0cca0dff830bc61aecda977086e44c"
vary
Origin
access-control-allow-methods
GET, POST, HEAD
x-amz-version-id
GwhXalcCO93q5_acwEHoIvSKo6KFVeDi
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
video/mp4
x-amz-cf-id
BO9on7qTvUFthjKmADIVoglbuKFps7zKD-WQf5uZI309WJa9V5NO6g==
ll5yo5_960x540p_dash_000000001.mp4
d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ 		351 KB
352 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ll5yo5_960x540p_dash_000000001.mp4
Requested by
Host: player.propervideo.io
URL: https://player.propervideo.io/new_src/libraries/dash.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d800:14:6f36:d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
09b2637f6b626bae4a48b7c900571558c0078dc2776eedcb4d12ad54031ff718

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 18:01:20 GMT
via
1.1 e65c822edea04e16936bdb4537763dd5.cloudfront.net (CloudFront)
age
186669
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
359860
last-modified
Fri, 29 Oct 2021 15:37:35 GMT
server
AmazonS3
etag
"30d145b0398c2462f4a9bc01b3e2a712"
vary
Origin
access-control-allow-methods
GET, POST, HEAD
x-amz-version-id
.Xqy3JlVA67wsPjdg6IzVzLh31SOm5Se
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
video/mp4
x-amz-cf-id
EjvE76jCFNe_bxIxIM-D55fvGMH-ydnppicPMfEcLSV8_WHwl9tj9Q==
ll5yo5_audio_128k_000000001.mp4
d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ 		196 KB
197 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ll5yo5_audio_128k_000000001.mp4
Requested by
Host: player.propervideo.io
URL: https://player.propervideo.io/new_src/libraries/dash.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:d800:14:6f36:d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1473e3c63c2f09c096c1c42637f43e5f3bdc8d3c1c40443ad07764e19de05dce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Mon, 01 Nov 2021 18:01:20 GMT
via
1.1 e65c822edea04e16936bdb4537763dd5.cloudfront.net (CloudFront)
age
186669
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
200610
last-modified
Fri, 29 Oct 2021 15:37:35 GMT
server
AmazonS3
etag
"ffc86e6ee92811f71531265ab2163ecd"
vary
Origin
access-control-allow-methods
GET, POST, HEAD
x-amz-version-id
jhqF.HoKxsNbRzl2uMGbsH06uevNI.L8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
content-type
video/mp4
x-amz-cf-id
jMY3fx1-lgjbWtjrV0qXTPD-opnhym999ghGr5cg74poN9E257hgEA==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Wed, 03 Nov 2021 22:07:28 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		196 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7bcea2a6b05fd4d0aa03bf8cae7c1bcd0719d7acb0d4c30bd675b1b20c11bd00

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 17:07:21 GMT
server
Apache
etag
"30e24-5cedfed84fbab-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
59124
expires
Wed, 03 Nov 2021 22:07:28 GMT
/
www.google.com/pagead/1p-user-list/657872957/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/657872957/?random=1635976348420&cv=9&fst=1635973200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=aar&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.salon.com%2F&tiba=Salon.com%20%7C%20News%2C%20Politics%2C%20Culture%2C%20Science%20%26%20Food&async=1&fmt=3&is_vtc=1&random=2531035644&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/657872957/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/657872957/?random=1635976348420&cv=9&fst=1635973200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=aar&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.salon.com%2F&tiba=Salon.com%20%7C%20News%2C%20Politics%2C%20Culture%2C%20Science%20%26%20Food&async=1&fmt=3&is_vtc=1&random=2531035644&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s2s
eb.proper.io/ 		565 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://eb.proper.io/s2s
Requested by
Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5761b272a2e871ff233affaff65a826a9543c40397b5c04ef63b1644ea3f5ba0

Request headers

Referer
https://www.salon.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:29 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.salon.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-timing
dur:244
cf-ray
6a88d473bf10694c-FRA
expires
-1
sync.php
pixel-us-west.rubiconproject.com/exchange/ Frame 1A88 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=8777&us_privacy=1---
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
dbbc2dbf689859fb5870b364473d5441
Content-Type
image/gif
halo_match
ids.ad.gt/api/v1/ 		43 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=de073e09-6df1-4182-9ecf-5314e62cd9e4&halo_id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:29 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Thu, 04 Nov 2021 09:52:28 GMT
getpixels
pixels.ad.gt/api/v1/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=463c1c04f97df6052c8b767511c8557d&url=https%3A%2F%2Fwww.salon.com%2F&code=%27none%27
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.84.44.29 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-44-29.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 03 Nov 2021 21:52:29 GMT
server
nginx/1.18.0
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/317
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
MrYJBbCDh4eJ+RD660m8D9Af49fynVnrZLqrH40XVBHBel4WpL7ukIXXNGZaKtJvsWhcOTvslJzw9DgmUVJ6BQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 03 Nov 2021 21:52:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:01:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3068
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 03 Nov 2021 22:01:20 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:36:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 03 Nov 2021 22:36:55 GMT
openx
ids.ad.gt/api/v1/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8...
  • https://ids.ad.gt/api/v1/openx?openx_id=b1cd52bf-7c41-06c9-3cf9-58b91a5e6242&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1e...
43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=b1cd52bf-7c41-06c9-3cf9-58b91a5e6242&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=de073e09-6df1-4182-9ecf-5314e62cd9e4
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Server
52.35.10.191 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-10-191.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:29 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Thu, 04 Nov 2021 09:52:29 GMT

Redirect headers

date
Wed, 03 Nov 2021 21:52:28 GMT
content-encoding
gzip
server
OXGW/16.218.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ids.ad.gt/api/v1/openx?openx_id=b1cd52bf-7c41-06c9-3cf9-58b91a5e6242&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=de073e09-6df1-4182-9ecf-5314e62cd9e4
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
1853083501571805
connect.facebook.net/signals/config/ 		307 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1853083501571805?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8bb4f7ed5a9c1317c29a70fd33a14a262386564f4d6e927cf0366d591f4d3745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
90323
x-xss-protection
0
pragma
public
x-fb-debug
iAa4bhZWcjT5QrdND8sLXLEofxlQCkyzVf/I96BgPVCsnaKxk5/cg753nSp7hhhryLp/QGz84YKewPksreihjQ==
x-fb-trip-id
686109401
x-frame-options
DENY
date
Wed, 03 Nov 2021 21:52:28 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1A88
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZLMjJTWUctRS1ESzUw&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZLMjJTWUctRS1ESzUw&us_privacy=1---
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZLMjJTWUctRS1ESzUw&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 1A88 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers
tap.php
pixel.rubiconproject.com/ Frame 1A88
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YYMEnQAB2NTyTwBR
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYMEnQAB2NTyTwBR&us_privacy=1---&_test=YYMEnQAB2NTyTwBR
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYMEnQAB2NTyTwBR&us_privacy=1---&_test=YYMEnQAB2NTyTwBR
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:29 GMT
via
1.1 varnish
server
Varnish
x-timer
S1635976349.084532,VS0,VE0
x-served-by
cache-fra19175-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYMEnQAB2NTyTwBR&us_privacy=1---&_test=YYMEnQAB2NTyTwBR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 1A88
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=26c36183-049c-4200-bdf9-d4fcbf34bc7f
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=26c36183-049c-4200-bdf9-d4fcbf34bc7f
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

Date
Wed, 03 Nov 2021 21:52:29 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x10 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=26c36183-049c-4200-bdf9-d4fcbf34bc7f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 03 Nov 2021 21:52:28 GMT
tap.php
pixel.rubiconproject.com/ Frame 1A88
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN3L5ys8MBz7LPjMR25cHLo&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN3L5ys8MBz7LPjMR25cHLo&google_cver=1
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEN3L5ys8MBz7LPjMR25cHLo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1A88
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2QwYzIzMjRiNjk4MGM5OTYwZTE0NmMzNmE3ZjFiNGEzZjIwYzk2Zg&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2QwYzIzMjRiNjk4MGM5OTYwZTE0NmMzNmE3ZjFiNGEzZjIwYzk2Zg&us_privacy=1---
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2QwYzIzMjRiNjk4MGM5OTYwZTE0NmMzNmE3ZjFiNGEzZjIwYzk2Zg&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 1A88
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gzOaRmSsctoNAp7-VvYNFg?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3726590077018230994
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3726590077018230994
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

date
Wed, 03 Nov 2021 21:52:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3726590077018230994
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
rubicon
match.adsrvr.org/track/cmf/ Frame 1A88 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.salon.com%2F&rl=&if=false&ts=1635976348974&cd[partner_id]=317&cd[tagger_id]=463c1c04f97df6052c8b767511c8557d&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1635976348973.1094589520&it=1635976348941&coo=false&tm=1&rqm=GET
Requested by
Host: www.salon.com
URL: https://www.salon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 03 Nov 2021 21:52:28 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F217 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=79940
expires
Thu, 04 Nov 2021 20:04:49 GMT
date
Wed, 03 Nov 2021 21:52:29 GMT
vary
Accept-Encoding
/
www.facebook.com/tr/ Frame 0EBE 		0
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://www.salon.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.salon.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.salon.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date
Wed, 03 Nov 2021 21:52:29 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame F217 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=71335562&p=156374&s=206686&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
41dbe6877836b16b7cf03d00fd0f0edd99a970103ff9fb21502223f0f1ab6715

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:29 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
match
c1.adform.net/serving/cookie/ Frame A0EE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.252 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
s1.adform.net
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 03 Nov 2021 21:52:29 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Wed, 03 Nov 2021 21:52:29 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame 0F2F
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3341736361121403267
42 B
209 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3341736361121403267
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 03 Nov 2021 21:52:27 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug010:0:416
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3341736361121403267
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame E07E 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Wed, 03 Nov 2021 21:52:29 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Wed, 03 Nov 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
367896
Pug
simage2.pubmatic.com/AdServer/ Frame B746
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026464915995818126
42 B
210 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026464915995818126
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 03 Nov 2021 21:52:28 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
amspug011:0:502
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Wed, 03 Nov 2021 21:52:29 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7026464915995818126
Pug
simage2.pubmatic.com/AdServer/ Frame 83DB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYMEnQAB2NTyTwBR&gdpr=0&gdpr_consent=
1 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYMEnQAB2NTyTwBR&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Wed, 03 Nov 2021 21:52:28 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
amspug018:0:424
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYMEnQAB2NTyTwBR&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Wed, 03 Nov 2021 21:52:29 GMT
via
1.1 varnish
x-served-by
cache-fra19175-FRA
x-cache
HIT
x-cache-hits
0
x-timer
S1635976350.530036,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame F217
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=D-NVynHEQKysBZjI6MHTKA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:29 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=79940
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Thu, 04 Nov 2021 20:04:49 GMT

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame F217
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=26c36183-049c-4200-bdf9-d4fcbf34bc7f
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=26c36183-049c-4200-bdf9-d4fcbf34bc7f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 03 Nov 2021 21:52:29 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=26c36183-049c-4200-bdf9-d4fcbf34bc7f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 03 Nov 2021 21:52:28 GMT
/
pixel.onaudience.com/ Frame F217
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=0FE355CA-71C4-40AC-AC05-98C8E8C1D328
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=8271dfd1a37bf1b578d39bce3623eb92
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=c84561eeab0819e65acb9ff06655330a
35 B
247 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=c84561eeab0819e65acb9ff06655330a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
HTTP/1.1
Server
51.222.80.231 , Canada, ASN16276 (OVH, FR),
Reverse DNS
pikafka-4.cloudy.ovh
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-length
35
content-type
image/gif

Redirect headers

date
Wed, 03 Nov 2021 21:52:30 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=c84561eeab0819e65acb9ff06655330a
cache-control
no-cache
access-control-allow-credentials
true
content-type
text/html
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame F217
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MEZFMzU1Q0EtNzFDNC00MEFDLUFDMDUtOThDOEU4QzFEMzI4&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:29 GMT
cache-control
no-store, no-cache, private
x-lat
amspug014:0:316
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F217
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEz-klMq_ONqlNaLId9z8RA&google_cver=1
42 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEz-klMq_ONqlNaLId9z8RA&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:543
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEEz-klMq_ONqlNaLId9z8RA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame F217 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Tue, 02 Nov 2021 21:52:29 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F217
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:26c36183-049c-4200-bdf9-d4fcbf34bc7f&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:26c36183-049c-4200-bdf9-d4fcbf34bc7f&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
no-store, no-cache, private
x-lat
amspug013:0:412
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 03 Nov 2021 21:52:29 GMT
Server
MT3 4067 88cc6bf master zrh-pixel-x29 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:26c36183-049c-4200-bdf9-d4fcbf34bc7f&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Wed, 03 Nov 2021 21:52:28 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame F217
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b25042a1-920c-4527-ab1d-1239a8bb2046
42 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b25042a1-920c-4527-ab1d-1239a8bb2046
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:397
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:29 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b25042a1-920c-4527-ab1d-1239a8bb2046
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame F217
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=235704883405741506
42 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=235704883405741506
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:33:39 GMT
cache-control
no-store, no-cache, private
x-lat
amspug0021:0:379
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:29 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=235704883405741506
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame F217
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2122704094273706711&gdpr=0&gdpr_consent=
42 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2122704094273706711&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
no-store, no-cache, private
x-lat
amspug017:0:409
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Wed, 03 Nov 2021 21:52:29 GMT
X-Proxy-Origin
136.243.198.80; 136.243.198.80; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
cbe478df-82dc-4146-b01e-3ea43411c781
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=2122704094273706711&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame F217
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TowMOkiJDWtVhAU_SYoZOx7bAz1V2ww9GYhPLltU
42 B
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TowMOkiJDWtVhAU_SYoZOx7bAz1V2ww9GYhPLltU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
no-store, no-cache, private
x-lat
amspug020:0:506
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Wed, 03 Nov 2021 21:52:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=TowMOkiJDWtVhAU_SYoZOx7bAz1V2ww9GYhPLltU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame F217
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=0FE355CA-71C4-40AC-AC05-98C8E8C1D328&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-pPG9iqlE2uXwPuwKDGA9iRPPWklPUAY-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-pPG9iqlE2uXwPuwKDGA9iRPPWklPUAY-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Wed, 03 Nov 2021 21:52:29 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-pPG9iqlE2uXwPuwKDGA9iRPPWklPUAY-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
0FE355CA-71C4-40AC-AC05-98C8E8C1D328
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame F217 		43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/0FE355CA-71C4-40AC-AC05-98C8E8C1D328?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:cd4:b591:26a5:2dfd Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame F217
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=pubmatic&bsw_custom_parameter=e096de5a-79d2-448d-9f49-a19e33134835
  • https://x.bidswitch.net/sync?dsp_id=257&user_id=mk32fba9f1-3989-45d7-98e7-cee2b85083f8&expires=7&user_group=5&ssp=pubmatic&bsw_param=e096de5a-79d2-448d-9f49-a19e33134835
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e096de5a-79d2-448d-9f49-a19e33134835&gdpr=&gdpr_consent=&gdpr_pd=
1 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e096de5a-79d2-448d-9f49-a19e33134835&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:27 GMT
cache-control
no-store, no-cache, private
x-lat
amspug003:0:406
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=e096de5a-79d2-448d-9f49-a19e33134835&gdpr=&gdpr_consent=&gdpr_pd=
Date
Wed, 03 Nov 2021 21:52:29 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
SPug
simage4.pubmatic.com/AdServer/ Frame F217 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156374&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156374&s=206686&predirect=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.20 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date
Wed, 03 Nov 2021 21:52:30 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| __tti object| salon_config object| propervideotag undefined| testDropProper undefined| testDropProperVideo undefined| testDropRevContent undefined| testDropQuantCast object| testDropLaterpay object| properSpecialOps function| visual_change function| disable_btn function| show_modal function| toggle_mobile_nav function| disclaimerButton function| kill_modal function| getCookie function| parseCookie function| setCookie function| focustime function| getRTPVersion boolean| adsRemovedWith function| proper_callback_function undefined| style object| propertag boolean| use_adblock boolean| load_proper_message_var object| script function| handle_toggle function| remove function| load_proper_message number| counter object| _sf_async_config object| _cbq string| GoogleAnalyticsObject function| ga object| cookies object| perfMetrics function| display_onload object| _qevents object| observers object| global_items string| device_type number| req_id function| lazy_load function| on_intersection function| classic_lazy_load function| throttle function| guid function| get_device_type object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| __connect object| googletag object| pbjs object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| __d3lUW8vwsKlB__ object| d1 object| d2 boolean| payload_loaded object| _cbm function| verify_email function| add_loader function| close_loader function| randNum function| get_social_shares function| transform_number function| change_display function| expire_token function| add_to_db function| enable_btn boolean| lazy_loaded_related_articles boolean| lazy_loaded_trending_articles function| get_trending_articles function| get_related_articles function| $ function| jQuery boolean| lazy_loaded_video_player boolean| lazy_loaded_rev_content function| loadAllAds function| load_rev_content function| load_propervideo_only function| load_rumble function| lazy_load_video_player string| live_src_code string| test_src_code function| getUrlParameter function| goBack function| view_in_app function| getAPIRoot function| deleteCookie function| parseJwt function| oauthLogin function| getLatestJWLivestream function| switch_description function| stripe_checkout object| PushlySDK function| pushly function| add_pushly string| shared_cookie_name function| isSharedPremiumUser function| generateGUID function| storeGUID function| getAlerts object| NProgress function| adFreeCheck function| lpAccessDenied function| lpHasAccess function| SelectionSharer boolean| lazy_loaded_twitter function| lazy_load_twitter function| getPurchaseLinks function| carousel_logic object| loginModal function| signup_password_validation function| switch_logins function| show_signup function| salon_register function| logOut function| toggle_display function| salon_login function| salon_forgot_username function| salon_forgot_password function| link_accounts function| new_social_account function| other_login function| change_resend_button function| send_verification function| switch_profile_view object| changesForm function| change_password function| new_password_validation function| handle_save function| save_article_request function| replace_save_button function| delete_saved_article function| check_save function| handle_subscription function| delete_account function| enable_button boolean| lpAccess object| sharedPremium object| Scroll object| _0x1ac4 function| _0x2ad4 function| _0x32639f object| ProperMedia function| proper_log function| proper_debug_console function| proper_debug_overlay function| proper_display function| proper_render function| disableSlotRefresh function| logMatchingResponse function| properSpaNewPage function| properInfNewPage function| properBuildSlots function| properDeleteSlot function| properDestroyDfpSlot function| proper_remnant function| runATS function| publisherAudiencesOptOut function| refreshAuctionAndSlotsByName object| TraceKit function| UAParser string| PBJS_USER_ID_OPTOUT_NAME object| device string| SYNC_ENDPOINT string| NON_MEASURABLE number| accountId object| default_ContributorServingResponseClientJs object| __googlefc object| googlefc object| N2ZkNTNkMjU2YWNmOTVmMWxvYWRlcl9qcw== string| N2ZkNTNkMjU2YWNmOTVmMWNhY2hlZF9qcw== string| __fcInvoked string| __fcexpdef object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager object| ProperMediaVideo function| propervideo_log function| propervideo_display object| dataLayer function| gtag string| proper_ad_page_uuid function| proper_fb61bbd8_27844157_1 function| proper_06346978_c92a9092_2 function| proper_521e846b_0f49e151_3 function| proper_fd733044_3b374cbb_4 function| proper_531d2ad7_f521e197_5 function| proper_1882cfa7_f743c969_6 function| proper_745ee9d3_8e5a06ca_7 function| proper_2edee819_ae957c85_8 function| proper_75048cb8_1da86cd5_9 function| proper_6112ef52_77646783_10 function| proper_b0888021_744004e3_11 object| cnvr_launcher_options number| proper_rps string| proper_ad_session_uuid string| key object| SotjAR2 function| SotjAR3 object| xop object| data string| x object| apstag object| link1 object| link2 string| placementId object| google_tag_manager object| ggeac object| google_js_reporting_queue object| default_ContributorIabTcfV2ClientJs function| __g78fHfh446__ object| oaPMWm2 function| oaPMWm3 function| xblocker object| nd6eXX function| nd6eXJ function| xblacklist object| response object| dashjs object| conversant object| auvars object| regeneratorRuntime object| core function| setImmediate function| clearImmediate object| ats boolean| apstagLOADED function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| pubcid_options object| publink_options object| PublisherCommonId object| coreid object| ID5 object| au function| docReady object| autag function| fbq function| _fbq

119 Cookies

Domain/Path Name / Value
www.salon.com/ Name: _cb_ls
Value: 1
www.salon.com/ Name: _cb
Value: sbGNuC-jN9sBq4qXD
www.salon.com/ Name: _chartbeat2
Value: .1635976347485.1635976347485.1.BBz8qxDfNTJfUnxzkT_N6KDvh_Yo.1
www.salon.com/ Name: _cb_svref
Value: null
.salon.com/ Name: _ga
Value: GA1.2.1893018188.1635976348
.salon.com/ Name: _gid
Value: GA1.2.1821141482.1635976348
.salon.com/ Name: _gat
Value: 1
www.salon.com/ Name: proper_rtp_split_test
Value: {"version_id":"10146","release_ts":"2021-11-03 14:26:24"}
www.salon.com/ Name: salon-page-view-count
Value: 1
.quantserve.com/ Name: mc
Value: 6183049b-91617-2ff74-f84a5
.salon.com/ Name: __qca
Value: P0-1727713511-1635976347577
.salon.com/ Name: FCCDCF
Value: [null,null,["[[],[],[],[],null,null,true]",1635976347667],null,null,null,[]]
.bidswitch.net/ Name: tuuid
Value: e096de5a-79d2-448d-9f49-a19e33134835
.bidswitch.net/ Name: c
Value: 1635976347
.bidswitch.net/ Name: tuuid_lu
Value: 1635976347
.yahoo.com/ Name: A3
Value: d=AQABBJsEg2ECEKq7W1fjv5ZQomnJOT9XxzkFEgEBAQFWhGGMYQAAAAAA_eMAAA&S=AQAAAsjfcI1BfLo_taPs8iTkMHs
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 0FE355CA-71C4-40AC-AC05-98C8E8C1D328
.salon.com/ Name: _gcl_au
Value: 1.1.836585364.1635976348
.advertising.com/ Name: APID
Value: UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
.openx.net/ Name: i
Value: 4b217483-5c4a-06c2-35d4-840169069ebb|1635976347
.ad.gt/ Name: au_id
Value: de073e09-6df1-4182-9ecf-5314e62cd9e4
.ad.gt/ Name: au_idmatch
Value: {"apn": "2021-11-03", "ttd": "2021-11-03", "pub": "2021-11-03", "adx": "2021-11-03", "halo": "2021-11-03", "goo": "2021-11-03", "bees": "2021-11-03", "taboola": "2021-11-03", "son": "2021-11-03"}
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: ee7a46292955ca3003b483fc
.rubiconproject.com/ Name: khaos
Value: KVK22SYG-E-DK50
.rubiconproject.com/ Name: rsid
Value: 1|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxptBfrzPAh1r4H5OGjlRsLybbqMiOGkSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GLHAIlzGqoEKZaU66THvScWV7/AA==
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqojN1azuaEw+MH05QULE/jV/G9Z/GRzTwlMNVEfWi2ygtalK2PVZW6hfnTI/ZUR4VymPvo8pleP2G37LI6Qn8SFZkIf3R57N0=
.prebid.a-mo.net/ Name: _sv3_0
Value: 1
.prebid.a-mo.net/ Name: _sv3_2
Value: 1
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_4
Value: 1
.a-mo.net/ Name: amuid2
Value: d2ee4bed-788f-4ff5-81a6-a951f6e82af8
.smartadserver.com/ Name: pbw
Value: %24b%3d16950%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 363694=4649632
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: sasd
Value: %24qc%3D1314162586%3B%24ql%3DHigh%3B%24qpc%3D80801%3B%24qt%3D25_176_122666t%3B%24dma%3D0
.adnxs.com/ Name: icu
Value: ChgIzcY5EAoYASABKAEwnImMjAY4AUABSAEQnImMjAYYAA..
.adnxs.com/ Name: uuid2
Value: 2122704094273706711
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1314162586%3B%24ql%3DHigh%3B%24qpc%3D80801%3B%24qt%3D25_176_122666t%3B%24dma%3D0&c=1&l=1277444200&lo=671245698&lt=637715767479640987&o=1
.agkn.com/ Name: ab
Value: 0001%3ATgEj1mxxW2cIMrCjtlvv%2FPPJLUkzkiWs
.undertone.com/ Name: UTID
Value: 821b0ef18c21446082f9236acf8a0b64
.undertone.com/ Name: UTID_ENC
Value: 7paj7eaoz4u30uxwwkbrontyc
www.salon.com/ Name: fabrickId
Value: %7B%22fabrickId%22%3A%22E1%3A58tv1yjhXPgpqQlpEa5HSa1yEgNJbqxmqumzp-WqObL9SSLmdrFV_iWi5k_ToIa_ACXwa0Fv77-O1uu2KGkgD3yuzTkM0bpJY2NGi4GnBqb7hp-r40GE7Ezhrl_EDbmt%22%7D
.salon.com/ Name: properSessionData
Value: eyJ1dWlkIjoiOGNmM2JmOTQtMjIwMC00M2IxLWFhY2EtZDg1NzVhN2FhMTMyIiwiZGVwdGgiOjEsInJlZmVycmVyIjoiIiwiZ2NsaWQiOiIiLCJmYmNsaWQiOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV90ZXJtIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJ1dG1fdGVtcGxhdGUiOiIiLCJ1dG1fcmVmZXJyZXIiOiIiLCJ1dG1fYWRzZXQiOiIiLCJ1dG1fc3ViaWQiOiIiLCJyZXZlbnVlIjowLCJiaWRfYXZnIjp7fSwibm9fYmlkX2NudCI6eyJhOSI6MSwiZW14IjoxLCJpbmRleCI6MSwia2FyZ28iOjEsIm9wZW54IjoxLCJzb3ZybiI6MSwidGVhZHMiOjEsImNyaXRlbyI6MSwiY29uY2VydCI6MSwicnViaWNvbiI6MSwiYXBwbmV4dXMiOjEsIm1lZGlhbmV0IjoxLCJwdWJtYXRpYyI6MSwiYWR5b3VsaWtlIjoxLCJ1bmRlcnRvbmUiOjEsImNvbnZlcnNhbnQiOjEsImRpc3RyaWN0bWRteCI6MSwic2hhcmV0aHJvdWdoIjoxLCJzbWFydF9hZHNlcnZlciI6MSwidGhpcnR5dGhyZWVhY3Jvc3MiOjF9LCJsYXN0X3RocmVzaG9sZCI6MH0=
www.salon.com/ Name: sharedid
Value: %7B%22id%22%3A%2201FKKWM0NK590QMPC476G1HTBD%22%2C%22ts%22%3A1635976348339%2C%22ns%22%3Atrue%7D
www.salon.com/ Name: sharedid_last
Value: Wed%2C%2003%20Nov%202021%2021%3A52%3A28%20GMT
.yahoo.com/ Name: APID
Value: UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
.yahoo.com/ Name: APIDTS
Value: 1635976348
.proper.io/ Name: mediagrid
Value: e096de5a-79d2-448d-9f49-a19e33134835
.proper.io/ Name: pubmatic
Value: 0FE355CA-71C4-40AC-AC05-98C8E8C1D328
.proper.io/ Name: verizon_media
Value: y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A
.proper.io/ Name: adaptmx
Value: d2ee4bed-788f-4ff5-81a6-a951f6e82af8
.adsrvr.org/ Name: TDID
Value: b25042a1-920c-4527-ab1d-1239a8bb2046
www.salon.com/ Name: _lr_geo_location
Value: DE
.doubleclick.net/ Name: IDE
Value: AHWqTUnh2GKbo1rtWYEu9ImaVk7IhCDbaCSvCxdULKkhaepl_QxmZ8GfJtCjvxoF_mQ
.proper.io/ Name: aol_instream
Value: y-KORI9RRE2uEyoXEP89OcfuNhDP_mdkic~A~UP5649fdf7-3cf0-11ec-986e-02b6af95a6ec
.bidr.io/ Name: bito
Value: AAVMSE7DBgkAADFpDtoCIw
.bidr.io/ Name: bitoIsSecure
Value: ok
.ad.gt/ Name: last_seeng_hosted
Value: 1635976348864
.ad.gt/ Name: g_hosted
Value:
.ad.gt/ Name: last_seenadnxs
Value: 1635976348876
.ad.gt/ Name: adnxs_id
Value: 2122704094273706711
.ad.gt/ Name: first_seenadnxs
Value: 1635976348876
.ad.gt/ Name: last_seenadx
Value: 1635976348880
.ad.gt/ Name: google_gid
Value: CAESEO8bnENmEG1nrkxYnMKJTM4
.ad.gt/ Name: first_seenadx
Value: 1635976348880
.ad.gt/ Name: last_seenpbm
Value: 1635976348879
.ad.gt/ Name: pbm
Value: 0FE355CA-71C4-40AC-AC05-98C8E8C1D328
.ad.gt/ Name: first_seenpbm
Value: 1635976348880
.salon.com/ Name: _fbp
Value: fb.1.1635976348973.1094589520
.mathtag.com/ Name: uuid
Value: 26c36183-049c-4200-bdf9-d4fcbf34bc7f
.proper.io/ Name: __cf_bm
Value: yaJZWwFj9rdHbzjtxLnO9i4IrlXY7CiUP8oIsyoNDik-1635976347-0-AYnoJDrsU1NVYrkPXxX6IqZs3YYqU8SVWz9jMMEAW5j5ufAXV%2BFfMUfqHmXq%2Bw1MSCZ4geoaPZe2KaNBoIoCVMi3tf3JI8mcS7Drn04kniV6
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YYMEnQAB2NTyTwBR
.ad.gt/ Name: last_seenbeeswax
Value: 1635976348882
.ad.gt/ Name: beeswax_id
Value: AAVMSE7DBgkAADFpDtoCIw
.ad.gt/ Name: last_seentd
Value: 1635976348883
.ad.gt/ Name: tdid
Value: b25042a1-920c-4527-ab1d-1239a8bb2046
.ad.gt/ Name: first_seentd
Value: 1635976348883
.ad.gt/ Name: last_seenhaloid
Value: 1635976349003
.ad.gt/ Name: halo_id
Value: 0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/ Name: first_seenhaloid
Value: 1635976349004
.ad.gt/ Name: last_seenopenx
Value: 1635976349036
.ad.gt/ Name: openx_id
Value: b1cd52bf-7c41-06c9-3cf9-58b91a5e6242
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 156374:3
.pubmatic.com/ Name: DPSync3
Value: 1637107200%3A201_197_219%7C1635984000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1637193600%3A35%7C1636761600%3A63%7C1637107200%3A220_56_3_13_22_21_7_8_71_161_54%7C1638489600%3A203%7C1636502400%3A223
.analytics.yahoo.com/ Name: IDSYNC
Value: "190z~21bx:18zw~21bx:18z8~21bx"
.quantserve.com/ Name: d
Value: ELUBCwHRJPijAA
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-2122704094273706711
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-TowMOkiJDWtVhAU_SYoZOx7bAz1V2ww9GYhPLltU&KRTB&22979-TowMOkiJDWtVhAU_SYoZOx7bAz1V2ww9GYhPLltU
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEEz-klMq_ONqlNaLId9z8RA&KRTB&16514-CAESEEz-klMq_ONqlNaLId9z8RA&KRTB&23025-CAESEEz-klMq_ONqlNaLId9z8RA
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YYMEnQAB2NTyTwBR&KRTB&22978-YYMEnQAB2NTyTwBR&KRTB&23194-YYMEnQAB2NTyTwBR&KRTB&23209-YYMEnQAB2NTyTwBR
.adfarm1.adition.com/ Name: UserID1
Value: 7026464915995818126
.simpli.fi/ Name: suid
Value: D9E6E2EB135E4EA496357C3FC0AC798B
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7026464915995818126
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:26c36183-049c-4200-bdf9-d4fcbf34bc7f&KRTB&16736-uid:26c36183-049c-4200-bdf9-d4fcbf34bc7f&KRTB&23019-uid:26c36183-049c-4200-bdf9-d4fcbf34bc7f&KRTB&23114-uid:26c36183-049c-4200-bdf9-d4fcbf34bc7f
.adform.net/ Name: C
Value: 1
.adsrvr.org/ Name: TDCPM
Value: CAESFwoIcHVibWF0aWMSCwi6q_q8yMePOhAFGAEgASgCMgsIuqP96d7HjzoQBTgBWghwdWJtYXRpY2AC
.de17a.com/ Name: guid2
Value: 1.3341736361121403267
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-b25042a1-920c-4527-ab1d-1239a8bb2046&KRTB&22918-b25042a1-920c-4527-ab1d-1239a8bb2046&KRTB&23031-b25042a1-920c-4527-ab1d-1239a8bb2046
.adform.net/ Name: uid
Value: 235704883405741506
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-235704883405741506&KRTB&23263-235704883405741506
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3341736361121403267
.pubmatic.com/ Name: PugT
Value: 1635976347
.onaudience.com/ Name: cookie
Value: 353d14daafe862c5
.onaudience.com/ Name: done_redirects104
Value: 1
event.clientgear.com/ Name: mkuuid
Value: mk32fba9f1-3989-45d7-98e7-cee2b85083f8
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-e096de5a-79d2-448d-9f49-a19e33134835
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 8271dfd1a37bf1b578d39bce3623eb92
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQsDAyN0xJSzFMNDZPSjNMMjW3SDG2TEpONTYzMk5NsjRiAILEZpa5IBoKAFkwCps%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIbGaZC6SgAAAS9gGG"
.onaudience.com/ Name: done_redirects161
Value: 1
.exelator.com/ Name: EE
Value: "c84561eeab0819e65acb9ff06655330a"
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHZwsTUzDA1NTHJwMLQMtXMNDE5yTItzcDMzNTU2NggcXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJ0SX5RZvoiF9fFRSlpDItKik8F7yt%252BCgCBxSqC"
.pubmatic.com/ Name: SPugT
Value: 1635976350

1 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.teads.tv
ads.pubmatic.com
ads.yieldmo.com
ap.lijit.com
assets.salon.com
ats.rlcdn.com
aufp.io
bidder.criteo.com
bids.concert.io
bids.proper.io
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
cdn.id5-sync.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
connect.scroll.com
d2um6xmmztr4fp.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
eb.proper.io
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
fid.agkn.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
geo.privacymanager.io
get.s-onetag.com
global.proper.io
googleads.g.doubleclick.net
hb-api.omnitagjs.com
hb.emxdgt.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id.sharedid.org
id5-sync.com
ids.ad.gt
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
lh3.googleusercontent.com
loada.exelator.com
mab.chartbeat.com
match.adsrvr.org
match.bnmla.com
match.prod.bidr.io
mediaproxy.propervideo.io
mediaproxy.salon.com
onetag-geo.s-onetag.com
p.ad.gt
ping.chartbeat.net
pixel-us-west.rubiconproject.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixels.ad.gt
player.propervideo.io
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
proc.ad.cpe.dotomi.com
propermedia-d.openx.net
propervideo.io
rules.quantcount.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-segments.s-onetag.com
simage2.pubmatic.com
simage4.pubmatic.com
ssc.33across.com
static.chartbeat.com
static.scroll.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
tagan.adlightning.com
tlx.3lift.com
token.rubiconproject.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
usync.proper.io
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.salon.com
x.bidswitch.net
104.89.20.125
104.89.31.187
104.92.74.8
13.224.193.125
13.225.87.56
13.225.87.87
13.35.253.106
142.250.186.162
142.250.186.98
143.204.98.50
147.75.61.140
15.197.193.217
151.101.194.49
159.253.128.188
172.217.18.98
178.250.0.163
178.250.2.131
18.156.0.31
18.185.169.108
18.192.95.190
18.66.109.174
18.66.112.32
18.66.112.67
18.66.139.84
18.66.97.105
185.255.84.151
185.29.132.241
185.64.189.110
185.64.189.112
185.64.190.78
185.86.138.32
198.47.127.20
199.232.198.217
2.18.232.7
2.18.233.180
213.155.156.164
216.52.2.19
23.37.38.181
2600:9000:223c:6e00:18:1fcd:34f:cdc1
2600:9000:223c:ba00:6:44e3:f8c0:93a1
2600:9000:2240:8e00:1a:b9b9:50c0:93a1
2600:9000:225e:d800:14:6f36:d40:21
2602:803:c003:200::51
2606:4700::6811:4f22
2606:4700::6812:9eea
2606:4700::6812:9fea
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9d
2a02:fa8:8806:13::1460
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:400::300
2a04:4e42:600::714
2a05:d018:d29:3601:cd4:b591:26a5:2dfd
3.120.13.220
3.234.102.102
34.107.148.139
34.117.126.186
34.149.20.76
34.254.143.3
35.156.230.193
35.167.53.177
35.201.100.179
35.244.159.8
35.244.174.68
35.84.44.29
37.157.6.252
37.252.172.38
37.252.172.45
38.27.122.101
44.225.168.153
46.105.202.126
47.252.78.131
51.222.80.231
51.89.7.198
52.209.129.133
52.212.206.16
52.222.214.98
52.28.9.10
52.35.10.191
52.86.105.134
54.149.4.149
54.187.25.111
54.213.79.211
54.218.247.33
69.173.144.139
69.173.144.165
72.251.249.13
72.34.250.75
8.39.36.141
85.114.159.118
99.80.189.205
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08057f271c56e48b69ab547341e75b8d2c7fc64ce0948d861a53b3da436a4b18
083adef2478e555313701e4ba78cbe91b3fb95bee5bf93b99d0e07afef9a1676
099d5a93d27e43c40b29b9f45a57492ca8d87ee45d14d7a83d0ff39735822b3a
09b2637f6b626bae4a48b7c900571558c0078dc2776eedcb4d12ad54031ff718
0b349c9f7305a447e1b8a1eefbb3e916ed0d6eb65aa0fc18c3a9f62a8c7204f3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bdee151a3ef6f17d95b50ed90b4bc8b9e876b3fc5f20015b5efcafbaefaf50a
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
146e5052d0f8508dffd8ad8c52e958a31d0ac04fcf8bd3e4c7a5eb40bca88359
1473e3c63c2f09c096c1c42637f43e5f3bdc8d3c1c40443ad07764e19de05dce
148b871e949a6a4caf538057e75581146b3ad0c104be1b4023d65a8bfd7c78d2
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18c3ad9d69f010a2b28ea73c99136fd5d631996a7cd0a5b11e8e6b1d3c48ff5f
19161157b90b37d42790f4b8d1e72777b366f05eaa904593c145d31c3a5d4f82
195d86686493886d7d5c0c5767c788c2abb85e89b67e44bbd7a8cbf399020ecc
1d94be6ff05be0fbb645591bca2a96f3ff991a46a304a40c73c17c798a1ed023
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba
25fcf2c54c6d96e3f17121f0daf102c9d5a8299afc4b76972d686deeb64fba93
2792a77781e2a839531d0c02913adac97a4f878a6a04e33ddf0b79317618377e
2a7f73bfaf490b177aedc23d3d5f0dddc216ef3f7dd13731d4d81390aedc4f84
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3809a6684f846affe0fe66e55bd75a099b9d0df6ad5f16019cd38729269db633
389a9a3789c95e186938117ed685c0f2cdc8be282a1d3995363995ed429bfb56
38f04c123509bf6c5621c67580ad6165c8fe9ec2d7a5fb716cce5b5899ffcc4b
3bb48d4348c56ff24220eef7b04be7e6da53199e0583d63b157dd840fec5926f
3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78
3ee74a92e3d67dc60c808d2d3d60814231cf93740732ff613ba467dd97a3aaec
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41dbe6877836b16b7cf03d00fd0f0edd99a970103ff9fb21502223f0f1ab6715
425f3101dfe5c67c409e8380476a08c290897f878ab8b17fee5b84d84fb1fd49
489d91bed61ef8d1c31f9de5b1c13777a03ac0864206094dd594ad82ef266ca7
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ac95c59a70b7c78d9dcfce05d1dcfd512e8f083d1525cf5d34ee3f57bf8e325
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52ccbb6bccbe98df3d02d41743f0867be04049a8a39015ef8f3db8022c4d9a16
53d91fb2b51a3daa0645f78f71b29e695f42b0ac6db0d29f7fc7e5e38c3ffb7a
55aa0299a6b880ddee3b6e438a6e155730fca9eaf992e5e4ac105ca1de5f3312
55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004
5761b272a2e871ff233affaff65a826a9543c40397b5c04ef63b1644ea3f5ba0
5c4a811fc304da555db89e1db3dadebc3ecd2e11e7a83016c41fb72a12f4a393
5f3925658dcc0aef75c4032a6e4ffd0d9da7741d68e55fbb10a328e1207fc9a7
5f4d89df9a85b8496da17128550d38a1a2dc9ddb32f115f9f60a038a31e4a1d5
61ffb6786c0e64729468cbdce2564a02bb4e89071c08900fc8f74c2eae82f660
6439039f67c8c7e5377ff77dde9f019935a671db506a5f6cc7d58c85dee8b46c
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab
6c5d110e7d2bec93112a5d498dc620bf2213eb5d6af634cfa37a5e5d4fce5fd7
70b3915c982e975de60d0e046e0d891f3cb936c6be6db52609d493ff5172dc7c
71456da5a003ee937acafa9b98bc0f7eecca2f38b33eb2a58b4ab532f3d19609
714de2cbe0c9d76d563e2a5fd4466bab4dc8f2f7517b56213c7cd28fa9ac628b
7279c4c8a06b691e8f08bfac5066ccc587aa97a86431a2f1d61553c147ba1e33
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76f8cf4b3881c1b76ceadc8f9c19df31f1278b1a6ee0747c42e5d526b1335047
7b705c8f31bac6bb1e49d9c57534c23dfaaca682160dea116d0d235efaabe9ad
7bcea2a6b05fd4d0aa03bf8cae7c1bcd0719d7acb0d4c30bd675b1b20c11bd00
81c28971df4291e16a540f8c58e2ca8f13aa7f4ee1a02d0b3852919b10902df1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
835818f0b8155a58255c00668cb2db2d90544cf7f79f344005e3b31992f63294
83a31a8f9283b98a3c0f590e5aed38f347182c79e34b5fdd4290818673b38d5f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
87be16637580ca332b866a832ded9dfadebabf5ee1431906648bc366305342f5
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8bb4f7ed5a9c1317c29a70fd33a14a262386564f4d6e927cf0366d591f4d3745
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d
952441349b4c057299a501444f711dc764b49b0336cdcb6b4f76cd09587a129d
9551cbf6c941f1b4011cd87e51778a40a9375cece6433052937a4d81d34ebcc2
973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898
9e859705ddc9f6f3a2ad0fa51bc03a4de3764a228bf7f80da8a8a5234578c650
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1487840a2b462dbe286bc37aa72a3d397b26a73eb2680b47ba9ac03c5c3be40
a21d223dd8dd1a11b8c2049f7a2995466563e0e549e3631499a6020231622c43
a42521c8473d6b3355c4ba7cc8f57632a88c61c5c8ec61c7b7c6a04b2fd7855d
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b6ff0f2cb4595ec01f5ac1694c0193f382c1daba771d4eacd66b99b5fefee714
b819e02fcd718274f1b6ad5e11e5b6330f25f5388b8ceb6213463725e81644af
b9a3a31e6f646223696c6f3873f57cfa7b6b2b95ca0e271e40fd65f2f810d155
bcc04a1a7434dab656af4fba2a677ea88f93530021938921b037195743384942
c0a2e157af72d5455d5b7ac1ea5d3c446d7e4ba3f0025dc060a11e8386e0160a
c289bb7f0768e6f27949bd7a16a12290ee12317bf340cd15266a0348fe595e58
c59c99744c79151c7e70de4c589d825cac7de500c2bb2d207820f37e7fea7c26
c7490bffa2cab23add7050aba8fd5b7a62b6023254d2a69d7345828bea6b4815
c78d1e06582a546d5958a71b269912cdec0a4c5d22978749ff5c5570a342887f
c7eb76a3dce0c3013c7d4d8319f52686eb9a50c0ca70ca49d509be712b64346e
cc8e36d463defbcf3246a917a182606b060815c9a56c92757a116c53ab326cf0
cec62d830b2cf65fbd6d1244389e310025a6486f4c07d9401d5159b8a868cedf
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d472a9c7fccf3507b7125a0d6b470edde2a16eabd27e504dd08aa01c6b697f00
d5b83174b14c8fb07a6cfc17abbc860e726a23b84f724c468049c73e1e8d7cba
d783bf33379246ddaebb6219871feebfd4b37a04900a52c1f2f20cc629609fd7
d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56
db2c15c2e76a2f6e8ec9e2bef69f55e123e4949840caf2c0fcb5b606fb56a361
df5137425e7de7419e6a429ba54ae05b9e7c3bf00a7cdda775669ffe68223cf2
e016838866d792bb27ebc256f894e240e2cadd33fc87cdc269c89436243bd085
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46e310306db4480ca39acaa1797a1bcf4f6af051450ee6f84c12c3ec5706764
e6305050c1f12c5d57ec8f6bf06181c68cef3b17f745e8a4c992381b61d47d40
eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3796ee99aa2393f256d3fdc7ce29234328dcec597199795fc6319ecf621e3c0
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f87ad2c434484cb6527e56c7ba994c411a76d0033bb4aaa5784ce4310231e013
f90f350c59e05f4d0676c002a1be86ea1744ba4f465dcf4f1299f51e35aac792
fc039c22a1050accc48fa6b44de899b97fd3ceccd369eb8aca9457b07fa2ef28
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62