urlscan.io logo urlscan.io
SecurityTrails logo

shadowandact.com Open in urlscan Pro
35.227.214.231  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://shadowandact.com/
Effective URL: https://shadowandact.com/
Submission: On May 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 108 IPs in 13 countries across 91 domains to perform 353 HTTP transactions. The main IP is 35.227.214.231, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is shadowandact.com. The Cisco Umbrella rank of the primary domain is 248154.
TLS certificate: Issued by GTS CA 1D4 on April 11th 2022. Valid for: 3 months.
This is the only time shadowandact.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 35.227.214.231 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:231... 16509 (AMAZON-02)
13 185.152.64.17 60068 (CDN77 ^_^)
1 18.66.107.155 16509 (AMAZON-02)
1 151.101.65.131 54113 (FASTLY)
2 2.20.157.165 16625 (AKAMAI-AS)
1 18.66.248.59 16509 (AMAZON-02)
19 146.148.110.40 396982 (GOOGLE-CL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.139.128.11 20446 (STACKPATH...)
1 15 151.101.2.137 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 108.157.4.38 16509 (AMAZON-02)
1 34.149.21.97 15169 (GOOGLE)
1 34.117.152.54 396982 (GOOGLE-CL...)
3 35.233.141.87 396982 (GOOGLE-CL...)
1 108.138.17.78 16509 (AMAZON-02)
1 3.69.136.55 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
10 142.250.185.226 15169 (GOOGLE)
4 108.156.255.177 16509 (AMAZON-02)
2 13.32.99.69 16509 (AMAZON-02)
3 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 45.55.126.42 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
4 18.66.9.79 16509 (AMAZON-02)
1 34.117.126.186 396982 (GOOGLE-CL...)
1 23.32.59.34 16625 (AKAMAI-AS)
2 167.99.21.53 14061 (DIGITALOC...)
7 34.248.81.187 16509 (AMAZON-02)
1 2602:803:c003... 26667 (RUBICONPR...)
11 3.248.142.99 16509 (AMAZON-02)
1 2 8.2.111.126 46636 (NATCOWEB)
3 6 185.33.221.53 29990 (ASN-APPNEX)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
12 18.189.255.1 16509 (AMAZON-02)
15 34.253.43.221 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
2 54.165.89.243 14618 (AMAZON-AES)
3 18.203.167.73 16509 (AMAZON-02)
1 23.35.229.181 16625 (AKAMAI-AS)
6 34.149.12.213 15169 (GOOGLE)
1 34.206.157.2 14618 (AMAZON-AES)
6 6 3.72.114.165 16509 (AMAZON-02)
6 11 69.173.144.138 26667 (RUBICONPR...)
6 15.197.193.217 16509 (AMAZON-02)
1 2 50.57.31.206 19994 (RACKSPACE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 5 64.202.112.223 22075 (AS-OUTBRAIN)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a05:d014:943... 16509 (AMAZON-02)
3 185.33.221.89 29990 (ASN-APPNEX)
1 104.102.28.239 20940 (AKAMAI-ASN1)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
5 52.34.133.113 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 1 2a00:1450:401... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 13 2.20.157.55 16625 (AKAMAI-AS)
2 199.232.196.124 54113 (FASTLY)
1 151.101.193.108 54113 (FASTLY)
1 2620:1ec:bdf::45 8068 (MICROSOFT...)
4 23.205.235.133 16625 (AKAMAI-AS)
4 104.102.28.254 20940 (AKAMAI-ASN1)
1 8.2.111.121 46636 (NATCOWEB)
1 34.107.222.173 15169 (GOOGLE)
3 185.64.190.78 62713 (AS-PUBMATIC)
1 2620:1ec:21::14 8068 (MICROSOFT...)
3 6 209.54.176.128 16509 (AMAZON-02)
2 4 2a05:d018:d29... 16509 (AMAZON-02)
6 10 142.250.186.162 15169 (GOOGLE)
2 3 52.95.126.160 16509 (AMAZON-02)
3 4 37.157.3.29 198622 (ADFORM)
2 2 213.155.156.165 1299 (TWELVE99 ...)
6 185.64.189.110 62713 (AS-PUBMATIC)
4 4 103.229.206.241 30419 (MEDIAMATH...)
1 178.250.2.151 44788 (ASN-CRITE...)
1 8.28.7.84 62713 (AS-PUBMATIC)
1 1 51.210.112.63 16276 (OVH)
1 159.122.14.34 36351 (SOFTLAYER)
1 1 185.183.112.155 60350 (VP)
1 1 34.195.47.183 14618 (AMAZON-AES)
1 141.226.228.48 200478 (TABOOLA-AS)
1 3 3.126.56.137 16509 (AMAZON-02)
1 67.202.105.23 32748 (STEADFAST)
1 51.89.9.252 16276 (OVH)
1 2 185.86.137.122 201081 (SMARTADSE...)
2 2 72.251.249.13 29791 (VOXEL-DOT...)
1 72.251.249.9 29791 (VOXEL-DOT...)
1 1 52.3.28.57 14618 (AMAZON-AES)
4 4 213.19.147.44 26120 (RHYTHMONE)
2 2 193.0.160.128 54312 (ROCKETFUEL)
1 178.162.133.149 60781 (LEASEWEB-...)
1 1 145.40.89.200 54825 (PACKET)
1 2 185.33.221.87 29990 (ASN-APPNEX)
1 12 52.210.15.1 16509 (AMAZON-02)
1 1 188.34.152.202 24940 (HETZNER-AS)
3 3 54.229.33.24 16509 (AMAZON-02)
2 2 35.244.159.8 15169 (GOOGLE)
1 1 44.196.137.234 14618 (AMAZON-AES)
1 1 3.234.149.51 14618 (AMAZON-AES)
1 1 150.136.25.38 31898 (ORACLE-BM...)
1 169.197.150.8 398989 (DEEPINTENT)
2 2 64.74.236.127 22075 (AS-OUTBRAIN)
1 1 104.111.215.191 16625 (AKAMAI-AS)
1 1 198.148.27.140 19189 (PULSEPOINT)
1 151.101.130.49 54113 (FASTLY)
2 2 18.195.155.181 16509 (AMAZON-02)
1 1 202.241.208.55 4694 (IDCF IDC ...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 104.92.74.8 16625 (AKAMAI-AS)
1 52.48.107.84 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
1 3 185.86.139.113 201081 (SMARTADSE...)
2 2 135.125.160.77 16276 (OVH)
1 35.244.174.68 15169 (GOOGLE)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 104.36.113.24 ()
353 108
15    35.227.214.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 231.214.227.35.bc.googleusercontent.com
shadowandact.com
5    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2315:4200:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
13    185.152.64.17 (Prague, Czech Republic)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-152-64-17.datapacket.com
load.sumome.com
load.sumo.com
1    18.66.107.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-107-155.fra56.r.cloudfront.net
dc8xl0ndzn2cb.cloudfront.net
1    151.101.65.131 (United States)

ASN54113 (FASTLY, US)
66c37c86af1b42cd94b050774081e5e2.js.ubembed.com
2    2.20.157.165 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-165.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
1    18.66.248.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-59.dus51.r.cloudfront.net
cdn.p-n.io
19    146.148.110.40 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 40.110.148.146.bc.googleusercontent.com
cms.shadowandact.com
cms.blavity.com
cms.afrotech.com
legacy.travelnoire.com
1    2606:4700:20::681a:609 (United States)

ASN13335 (CLOUDFLARENET, US)
console.adgrid.io
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
s.skimresources.com
15    151.101.2.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
ins.connatix.com
vid.connatix.com
img.connatix.com
4    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    108.157.4.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-38.dus51.r.cloudfront.net
sb.scorecardresearch.com
1    34.149.21.97 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 97.21.149.34.bc.googleusercontent.com
api.afrotech.com
1    34.117.152.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.152.117.34.bc.googleusercontent.com
api.travelnoire.com
3    35.233.141.87 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.141.233.35.bc.googleusercontent.com
api.shadowandact.com
1    108.138.17.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-78.fra56.r.cloudfront.net
assets.ubembed.com
1    3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
10    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
4    108.156.255.177 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-255-177.dus51.r.cloudfront.net
c.amazon-adsystem.com
2    13.32.99.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-69.fra60.r.cloudfront.net
builder-assets.unbounce.com
3    2606:4700::6812:a6e0 (United States)

ASN13335 (CLOUDFLARENET, US)
pub.doubleverify.com
4    2a02:26f0:3500:68a::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
2    45.55.126.42 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
meta.resetdigital.co
1    2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    18.66.9.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-9-79.txl50.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    34.117.126.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.126.117.34.bc.googleusercontent.com
bids.concert.io
1    23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
2    167.99.21.53 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
ads.resetsrv.com
7    34.248.81.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-81-187.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
11    3.248.142.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
ads.servenobid.com
2    8.2.111.126 (United States)

ASN46636 (NATCOWEB, US)
colossusssp.com
6    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    2a04:4e42:200::393 (United States)

ASN54113 (FASTLY, US)
res.cloudinary.com
12    18.189.255.1 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-255-1.us-east-2.compute.amazonaws.com
capi-tier-1-us-east-2.connatix.com
15    34.253.43.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
s.srvsynd.com
5    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    54.165.89.243 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-165-89-243.compute-1.amazonaws.com
66c37c86af1b42cd94b050774081e5e2.events.ubembed.com
3    18.203.167.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-167-73.eu-west-1.compute.amazonaws.com
vtrk.doubleverify.com
1    23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
6    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
1    34.206.157.2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-157-2.compute-1.amazonaws.com
bpi.rtactivate.com
6    3.72.114.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-72-114-165.eu-central-1.compute.amazonaws.com
x.bidswitch.net
11    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
6    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    50.57.31.206 (United States)

ASN19994 (RACKSPACE, US)
uipus.semasio.net
1    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    64.202.112.223 (Harrodsburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
log.outbrainimg.com
sync.outbrain.com
14    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4014:80f::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d675ad9298e7296b35425808546f97a6.safeframe.googlesyndication.com
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
8    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
googleads.g.doubleclick.net
1    2a05:d014:943:a602:bc4:f0e7:77e7:16a5 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.adup-tech.com
3    185.33.221.89 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ams1-ib.adnxs.com
1    104.102.28.239 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-239.deploy.static.akamaitechnologies.com
cdn.adnxs.com
2    2606:4700:10::ac43:1a76 (United States)

ASN13335 (CLOUDFLARENET, US)
m.adup-tech.com
5    52.34.133.113 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
sumo.com
5    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2607:f8b0:4008:808::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4016::7 (Ireland)

ASN15169 (GOOGLE, US)
rr2---sn-h0jeln7e.googlevideo.com
1    2a00:1450:4001:67::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr4---sn-4g5ednly.googlevideo.com
1    2a00:1450:400c:c00::65 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
s.youtube.com
13    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
2    199.232.196.124 (United States)

ASN54113 (FASTLY, US)
cdn.concert.io
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    2620:1ec:bdf::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
4    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    104.102.28.254 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-254.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    8.2.111.121 (United States)

ASN46636 (NATCOWEB, US)
sync.colossusssp.com
1    34.107.222.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.222.107.34.bc.googleusercontent.com
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app
3    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
6    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    2a05:d018:d29:3605:a78d:7683:9776:13f1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
10    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
3    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.165 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
6    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
4    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-3.cloudy.ovh
pixel.onaudience.com
1    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
1    185.183.112.155 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
1    34.195.47.183 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-47-183.compute-1.amazonaws.com
sync.extend.tv
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
3    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    67.202.105.23 (United States)

ASN32748 (STEADFAST, US)
PTR: ip23.67-202-105.static.steadfastdns.net
pixel.33across.com
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
2    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ce.lijit.com
1    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
1    52.3.28.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-28-57.compute-1.amazonaws.com
x.yieldlift.com
4    213.19.147.44 (Utrecht, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
2    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
1    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
2    185.33.221.87 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
12    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    188.34.152.202 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.202.152.34.188.clients.your-server.de
bidswitch-eu.splicky.com
3    54.229.33.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-33-24.eu-west-1.compute.amazonaws.com
ice.360yield.com
ad.360yield.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
1    44.196.137.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-137-234.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    3.234.149.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-149-51.compute-1.amazonaws.com
sync.ipredictive.com
1    150.136.25.38 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    64.74.236.127 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
stags.bluekai.com
1    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
1    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    104.92.74.8 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    52.48.107.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-107-84.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
3    185.86.139.113 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
gu.dyntrk.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    104.36.113.24 (None, )

ASN- ()
simage4.pubmatic.com
Apex Domain
Subdomains		 Transfer
33 shadowandact.com
shadowandact.com — Cisco Umbrella Rank: 248154
cms.shadowandact.com — Cisco Umbrella Rank: 467456
api.shadowandact.com — Cisco Umbrella Rank: 609264
5 MB
28 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 173
stats.g.doubleclick.net — Cisco Umbrella Rank: 84
pubads.g.doubleclick.net — Cisco Umbrella Rank: 479
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 191
180 KB
27 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3085
cds.connatix.com — Cisco Umbrella Rank: 3207
capi.connatix.com — Cisco Umbrella Rank: 3465
ins.connatix.com — Cisco Umbrella Rank: 4945
capi-tier-1-us-east-2.connatix.com — Cisco Umbrella Rank: 3823
vid.connatix.com — Cisco Umbrella Rank: 3911
img.connatix.com — Cisco Umbrella Rank: 3790
353 KB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
d675ad9298e7296b35425808546f97a6.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
115 KB
19 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1382
usersync.gumgum.com — Cisco Umbrella Rank: 1794
rtb.gumgum.com — Cisco Umbrella Rank: 1119
6 KB
17 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 445
pixel.rubiconproject.com — Cisco Umbrella Rank: 306
eus.rubiconproject.com — Cisco Umbrella Rank: 530
token.rubiconproject.com — Cisco Umbrella Rank: 644
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 977
25 KB
17 sumo.com
load.sumo.com — Cisco Umbrella Rank: 10392
sumo.com — Cisco Umbrella Rank: 9319
445 KB
16 doubleverify.com
pub.doubleverify.com — Cisco Umbrella Rank: 6666
cdn.doubleverify.com — Cisco Umbrella Rank: 428
vtrk.doubleverify.com — Cisco Umbrella Rank: 1405
tps.doubleverify.com — Cisco Umbrella Rank: 440
tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 25273
226 KB
15 srvsynd.com
s.srvsynd.com — Cisco Umbrella Rank: 11067
55 KB
15 pubmatic.com
hbopenbid.pubmatic.com Failed
ads.pubmatic.com — Cisco Umbrella Rank: 413
image6.pubmatic.com — Cisco Umbrella Rank: 564
image2.pubmatic.com — Cisco Umbrella Rank: 819
simage2.pubmatic.com — Cisco Umbrella Rank: 566
image4.pubmatic.com — Cisco Umbrella Rank: 784
simage4.pubmatic.com
38 KB
13 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 214
ams1-ib.adnxs.com — Cisco Umbrella Rank: 6504
cdn.adnxs.com — Cisco Umbrella Rank: 1302
acdn.adnxs.com — Cisco Umbrella Rank: 550
secure.adnxs.com — Cisco Umbrella Rank: 391
59 KB
13 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 280
s.amazon-adsystem.com — Cisco Umbrella Rank: 265
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1099
47 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1663
public.servenobid.com — Cisco Umbrella Rank: 3316
8 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 439
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 494
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 518
15 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 42
imasdk.googleapis.com — Cisco Umbrella Rank: 381
747 KB
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 452
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
4 KB
7 gstatic.com
fonts.gstatic.com
csi.gstatic.com
106 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 329
2 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 269
3 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 2810
r.skimresources.com — Cisco Umbrella Rank: 2699
t.skimresources.com — Cisco Umbrella Rank: 2886
p.skimresources.com — Cisco Umbrella Rank: 3812
21 KB
6 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1257
widget-pixels.outbrain.com — Cisco Umbrella Rank: 2649
sync.outbrain.com — Cisco Umbrella Rank: 706
71 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1156
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 565
2 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
2 KB
5 ubembed.com
66c37c86af1b42cd94b050774081e5e2.js.ubembed.com — Cisco Umbrella Rank: 193249
assets.ubembed.com — Cisco Umbrella Rank: 9437
66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
66c37c86af1b42cd94b050774081e5e2.events.ubembed.com
53 KB
5 cloudfront.net
dc8xl0ndzn2cb.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
40 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 499
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 409
3 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 539
2 KB
3 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1608
ad.360yield.com — Cisco Umbrella Rank: 622
892 B
3 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 821
ap.lijit.com — Cisco Umbrella Rank: 575
2 KB
3 adup-tech.com
d.adup-tech.com — Cisco Umbrella Rank: 26068
m.adup-tech.com — Cisco Umbrella Rank: 60157
19 KB
3 colossusssp.com
colossusssp.com — Cisco Umbrella Rank: 1524
sync.colossusssp.com — Cisco Umbrella Rank: 1706
428 B
3 concert.io
bids.concert.io — Cisco Umbrella Rank: 8497
cdn.concert.io — Cisco Umbrella Rank: 9459
43 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 133
2 KB
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1244
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 649
695 B
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 837
490 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 538
1 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 348
431 B
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 684
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4853
637 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 586
2 KB
2 googlevideo.com
rr2---sn-h0jeln7e.googlevideo.com — Cisco Umbrella Rank: 117388
rr4---sn-4g5ednly.googlevideo.com — Cisco Umbrella Rank: 89036
3 MB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 419
11 KB
2 semasio.net
uipus.semasio.net — Cisco Umbrella Rank: 3854
1 KB
2 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 3983
log.outbrainimg.com — Cisco Umbrella Rank: 2061
789 B
2 google.de
www.google.de — Cisco Umbrella Rank: 6117
adservice.google.de — Cisco Umbrella Rank: 8526
1 KB
2 resetsrv.com
ads.resetsrv.com — Cisco Umbrella Rank: 14867
705 B
2 resetdigital.co
meta.resetdigital.co — Cisco Umbrella Rank: 29680
3 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 16565
36 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
388 B
2 travelnoire.com
api.travelnoire.com — Cisco Umbrella Rank: 456096
legacy.travelnoire.com — Cisco Umbrella Rank: 207698
71 KB
2 afrotech.com
api.afrotech.com — Cisco Umbrella Rank: 604166
cms.afrotech.com — Cisco Umbrella Rank: 583200
51 KB
2 blavity.com
cms.blavity.com — Cisco Umbrella Rank: 248826
59 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 144
113 KB
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 412
509 B
1 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 555
98 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 752
380 B
1 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 464
430 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1636
695 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 536
178 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 529
388 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 472
1 KB
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 811
44 B
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1009
339 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 910
433 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 751
577 B
1 splicky.com
bidswitch-eu.splicky.com — Cisco Umbrella Rank: 26776
221 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1087
437 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 883
474 B
1 yieldlift.com
x.yieldlift.com — Cisco Umbrella Rank: 3542
593 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 741
1 33across.com
pixel.33across.com — Cisco Umbrella Rank: 2241
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 835
99 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1570
546 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1290
307 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 758
613 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 2969
419 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 679
363 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 320
706 B
1 permutive.app
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app — Cisco Umbrella Rank: 10514
166 B
1 youtube.com
s.youtube.com — Cisco Umbrella Rank: 683
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 163
42 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 242
17 KB
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1789
109 B
1 cloudinary.com
res.cloudinary.com — Cisco Umbrella Rank: 2080
493 KB
1 adgrid.io
console.adgrid.io — Cisco Umbrella Rank: 56465
202 KB
1 p-n.io
cdn.p-n.io — Cisco Umbrella Rank: 4308
65 KB
1 sumome.com
load.sumome.com — Cisco Umbrella Rank: 32204
2 KB
1 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2362
41 KB
353 91
Domain Requested by
15 s.srvsynd.com cd.connatix.com
s.srvsynd.com
15 cms.shadowandact.com shadowandact.com
15 shadowandact.com 1 redirects shadowandact.com
14 pagead2.googlesyndication.com srcdoc
shadowandact.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
12 usersync.gumgum.com 1 redirects g2.gumgum.com
12 capi-tier-1-us-east-2.connatix.com cd.connatix.com
12 load.sumo.com load.sumome.com
11 ads.servenobid.com console.adgrid.io
public.servenobid.com
g2.gumgum.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
10 cm.g.doubleclick.net 6 redirects ssum-sec.casalemedia.com
g2.gumgum.com
8 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
7 googleads.g.doubleclick.net
7 pixel.rubiconproject.com 2 redirects shadowandact.com
public.servenobid.com
eus.rubiconproject.com
7 img.connatix.com shadowandact.com
6 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
ssbsync.smartadserver.com
6 match.adsrvr.org shadowandact.com
ads.pubmatic.com
ssum-sec.casalemedia.com
g2.gumgum.com
6 x.bidswitch.net 6 redirects
6 ib.adnxs.com 3 redirects console.adgrid.io
acdn.adnxs.com
6 securepubads.g.doubleclick.net console.adgrid.io
securepubads.g.doubleclick.net
shadowandact.com
www.googletagservices.com
5 rtb.gumgum.com g2.gumgum.com
5 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
5 sumo.com load.sumo.com
5 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
5 fonts.googleapis.com shadowandact.com
builder-assets.unbounce.com
d.adup-tech.com
client
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 sync.1rx.io 4 redirects
4 sync.mathtag.com 4 redirects
4 image2.pubmatic.com ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 pr-bh.ybp.yahoo.com 2 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 ads.pubmatic.com console.adgrid.io
ads.pubmatic.com
public.servenobid.com
g2.gumgum.com
4 eus.rubiconproject.com console.adgrid.io
eus.rubiconproject.com
g2.gumgum.com
4 tpsc-eu3.doubleverify.com cdn.doubleverify.com
4 pubads.g.doubleclick.net imasdk.googleapis.com
4 d9hhrg4mnvzow.cloudfront.net 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
4 cdn.doubleverify.com shadowandact.com
securepubads.g.doubleclick.net
4 c.amazon-adsystem.com console.adgrid.io
c.amazon-adsystem.com
4 fonts.gstatic.com fonts.googleapis.com
3 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
3 ups.analytics.yahoo.com 1 redirects ssum-sec.casalemedia.com
3 aax-eu.amazon-adsystem.com 2 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
3 csi.gstatic.com imasdk.googleapis.com
3 ams1-ib.adnxs.com shadowandact.com
console.adgrid.io
cdn.adnxs.com
3 adservice.google.com imasdk.googleapis.com
securepubads.g.doubleclick.net
3 vtrk.doubleverify.com pub.doubleverify.com
3 pub.doubleverify.com shadowandact.com
pub.doubleverify.com
3 api.shadowandact.com shadowandact.com
3 sb.scorecardresearch.com 1 redirects shadowandact.com
3 cds.connatix.com shadowandact.com
cd.connatix.com
2 gu.dyntrk.com 2 redirects
2 creativecdn.com 2 redirects
2 cs.emxdgt.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 us-u.openx.net 2 redirects
2 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
2 p.rfihub.com 2 redirects
2 ce.lijit.com 2 redirects
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 simage2.pubmatic.com ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 cdn.concert.io console.adgrid.io
cdn.concert.io
2 js-sec.indexww.com console.adgrid.io
ssum-sec.casalemedia.com
2 m.adup-tech.com d.adup-tech.com
2 cdn.jsdelivr.net securepubads.g.doubleclick.net
cdn.concert.io
2 uipus.semasio.net 1 redirects shadowandact.com
2 tps.doubleverify.com cdn.doubleverify.com
2 66c37c86af1b42cd94b050774081e5e2.events.ubembed.com assets.ubembed.com
2 www.google.com shadowandact.com
tpc.googlesyndication.com
2 colossusssp.com 1 redirects console.adgrid.io
2 g2.gumgum.com console.adgrid.io
public.servenobid.com
2 ads.resetsrv.com console.adgrid.io
shadowandact.com
2 meta.resetdigital.co shadowandact.com
2 builder-assets.unbounce.com 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
2 www.facebook.com shadowandact.com
2 cms.blavity.com shadowandact.com
2 capi.connatix.com shadowandact.com
cd.connatix.com
2 www.google-analytics.com shadowandact.com
www.google-analytics.com
2 connect.facebook.net shadowandact.com
connect.facebook.net
2 p.skimresources.com shadowandact.com
2 t.skimresources.com shadowandact.com
s.skimresources.com
1 simage4.pubmatic.com ads.pubmatic.com
1 pixel.quantserve.com 1 redirects
1 id.rlcdn.com ssbsync.smartadserver.com
1 bttrack.com ssum-sec.casalemedia.com
1 match.prod.bidr.io ssum-sec.casalemedia.com
1 secure-assets.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 sync-tm.everesttech.net g2.gumgum.com
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ice.360yield.com 1 redirects
1 bidswitch-eu.splicky.com 1 redirects
1 prebid.a-mo.net 1 redirects
1 sync.go.sonobi.com public.servenobid.com
1 x.yieldlift.com 1 redirects
1 ap.lijit.com public.servenobid.com
1 onetag-sys.com public.servenobid.com
1 pixel.33across.com public.servenobid.com
1 sync.taboola.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 sync.adotmob.com 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 pixel.onaudience.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 px.ads.linkedin.com
1 d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app cdn.concert.io
1 sync.colossusssp.com
1 public.servenobid.com console.adgrid.io
1 acdn.adnxs.com console.adgrid.io
1 s.youtube.com
1 rr4---sn-4g5ednly.googlevideo.com
1 rr2---sn-h0jeln7e.googlevideo.com 1 redirects
1 cdn.adnxs.com console.adgrid.io
1 d.adup-tech.com console.adgrid.io
1 www.googletagservices.com securepubads.g.doubleclick.net
1 d675ad9298e7296b35425808546f97a6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 log.outbrainimg.com widgets.outbrain.com
1 s0.2mdn.net imasdk.googleapis.com
1 bpi.rtactivate.com shadowandact.com
1 widget-pixels.outbrain.com shadowandact.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 vid.connatix.com cd.connatix.com
1 ins.connatix.com cd.connatix.com
1 legacy.travelnoire.com shadowandact.com
1 cms.afrotech.com shadowandact.com
1 res.cloudinary.com shadowandact.com
1 www.google.de shadowandact.com
1 fastlane.rubiconproject.com console.adgrid.io
1 htlb.casalemedia.com console.adgrid.io
1 bids.concert.io console.adgrid.io
1 stats.g.doubleclick.net www.google-analytics.com
1 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com assets.ubembed.com
1 assets.ubembed.com 66c37c86af1b42cd94b050774081e5e2.js.ubembed.com
1 api.travelnoire.com shadowandact.com
1 api.afrotech.com shadowandact.com
1 r.skimresources.com s.skimresources.com
1 cd.connatix.com 1 redirects
1 s.skimresources.com shadowandact.com
1 console.adgrid.io shadowandact.com
1 cdn.p-n.io shadowandact.com
1 widgets.outbrain.com shadowandact.com
1 66c37c86af1b42cd94b050774081e5e2.js.ubembed.com shadowandact.com
1 dc8xl0ndzn2cb.cloudfront.net shadowandact.com
1 load.sumome.com shadowandact.com
1 cdn.jwplayer.com shadowandact.com
0 hbopenbid.pubmatic.com Failed console.adgrid.io
353 155
Subject Issuer Validity Valid
shadowandact.com
GTS CA 1D4		 2022-04-11 -
2022-07-10		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
jwplayer.com
Amazon		 2021-12-29 -
2023-01-25		 a year crt.sh
*.sumome.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-04-05		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.js.ubembed.com
GlobalSign Atlas R3 DV TLS CA H2 2021		 2022-01-04 -
2023-02-05		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
pushlycdn.com
Amazon		 2022-02-14 -
2023-03-15		 a year crt.sh
cms.shadowandact.com
R3		 2022-05-13 -
2022-08-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-12-06 -
2022-12-05		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.sumo.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-04-05		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-06 -
2022-06-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
cms.blavity.com
R3		 2022-05-02 -
2022-07-31		 3 months crt.sh
api.afrotech.com
GTS CA 1D4		 2022-05-10 -
2022-08-08		 3 months crt.sh
api.travelnoire.com
GTS CA 1D4		 2022-05-03 -
2022-08-01		 3 months crt.sh
api.shadowandact.com
R3		 2022-05-25 -
2022-08-23		 3 months crt.sh
assets.ubembed.com
Amazon		 2022-02-04 -
2023-03-05		 a year crt.sh
*.pages.ubembed.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-28 -
2023-03-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.unbounce.com
Amazon		 2022-02-08 -
2023-03-09		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
*.resetdigital.co
Sectigo RSA Domain Validation Secure Server CA		 2021-10-04 -
2022-10-06		 a year crt.sh
bids.concert.io
GTS CA 1D4		 2022-05-06 -
2022-08-04		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
resetsrv.com
E1		 2022-05-21 -
2022-08-19		 3 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
ads.servenobid.com
Amazon		 2021-06-28 -
2022-07-27		 a year crt.sh
*.colossusssp.com
Go Daddy Secure Certificate Authority - G2		 2021-11-07 -
2022-11-07		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.cloudinary.com
Go Daddy Secure Certificate Authority - G2		 2020-05-27 -
2022-06-22		 2 years crt.sh
cms.afrotech.com
R3		 2022-04-17 -
2022-07-16		 3 months crt.sh
legacy.travelnoire.com
R3		 2022-04-06 -
2022-07-05		 3 months crt.sh
srvsynd.com
R3		 2022-04-03 -
2022-07-02		 3 months crt.sh
*.events.ubembed.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
vtrk.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2021-12-03 -
2023-01-04		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
rtactivate.com
Amazon		 2022-04-13 -
2023-05-12		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
*.adup-tech.com
Amazon		 2021-12-01 -
2022-12-29		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-04 -
2022-07-27		 3 months crt.sh
concert.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-23 -
2023-04-24		 a year crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-02-17		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.partner.permutive.app
R3		 2022-05-06 -
2022-08-04		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2021-09-23 -
2022-09-30		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-21 -
2023-04-20		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh

This page contains 45 frames:

Primary Page: https://shadowandact.com/
Frame ID: 1A63AE4EC54F0813CE31DEFAB318B2E4
Requests: 152 HTTP requests in this frame

Frame: https://cds.connatix.com/p/164162/connatix.playspace.dc.js
Frame ID: 346CF47A58310556EB4E8F3B752F7A64
Requests: 22 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5243843886640431
Frame ID: 2B48E04782EA6CDBE33EA22FA3E5490A
Requests: 1 HTTP requests in this frame

Frame: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/c.html?closedAt=0
Frame ID: 060B5E5B703BD1D3F55BA6BCAA38887F
Requests: 11 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2767.js
Frame ID: B7FDA8253F3C9389D6469E41F35D1A12
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 058F6E1B47B0892F8B60D756848A85B1
Requests: 21 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 941522503013A3AA0716191A4D3F33EF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Frame ID: 19C3EBEFCF8C4E4D48836FCC2190CBF0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D01E403C15BE4E01D88967565D880C31
Requests: 1 HTTP requests in this frame

Frame: https://d675ad9298e7296b35425808546f97a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 892CC025D8D55656374CA1A487BA4DA3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 150CAADB3752B129CC47A29A618530E4
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A771C670A9A16AF7C3B98AC2EA51131E
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCUFOm4i9XPgXP6BNencVPMm5WHTDyj39FXPOIHMKxw_RJwtXfoUk61FPh634RBM4cwZpCcfIAsqORuTazgqUrZrWvseI7urz2LGSY46h20oGyVTvWDVxf7WcuxyzRXWONu73VpuNcOle2hzjl80V-AsHm7XDa8JSP7gf_35tqpIWafWWEmc2XbBKT2-ZzRzfm9n1fceJby4BqOy-f2mROIgoPvIDnjpVOjyo1B8ComnVCsIhe0i4dnbl4EgeHMjx_Nmxe9uIYA85WZXWS2EaECPWnNkPNY2GKLHHNXSg2TAGtrICmOA_ccIbSqAQ&sai=AMfl-YTRgjiGGCjU6KoodFhP9qc4oVHG0Vt4LjHf0xrLViLOWxVfLCSyglGdMACLKrP8KXwX2smBY1lG__x2-ZjS2_FNX2QyndskBt2P6RsWHH4pngjGgyl8cN-KPpXDpS0&sig=Cg0ArKJSzIBka-cfeptiEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 6295294AB9996D3C9BB638337A6B5370
Requests: 10 HTTP requests in this frame

Frame: https://d.adup-tech.com/rtb/win.html?b=21750700&p=22af4af680eafc5713ca06e890cb2deb&sid=2689&tid=lt4nOy0yNjg5XzAtNzQwMDUxNzIxNjc1MjA4ODIyNiAgICAgICAgICAgICAgICAg&bid=0.0639&cpmcrypt=&rt=1653677492.7099037&data=dAABAPA4mQAAAAAAEAAeAOqmBzqZ67k4AACAPwEAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQC63JgAAAAAAGQAAgAAAM3MzD5YeQAAygP6AIIKAACs40sBAAABAAAAMwAAAFgAAABIKwAAAgACAAAAEABERUhFc2hhZG93YW5kYWN0LmNvbTc3MDdkYWZmNTkxOWQwMTE0OGU1ZDkyZjQ0OGE2ODg4&dr=1&sspuid=8yz6_dbdQhCtdikR20um&ref=https%3A%2F%2Fshadowandact.com%2F
Frame ID: 0E6A30050255307F2FF1D855EBC923DF
Requests: 6 HTTP requests in this frame

Frame: blob://https://shadowandact.com/03491db6-9bc2-4889-8405-591ae32bdf3f
Frame ID: 0A9EF37A8BF91DE86C639AF867E2C7E0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2767.js
Frame ID: 873318656F345F1845ECFCFD43588336
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 89FEA61BBB8C6EA4CB8F6FC33CE44D12
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E6B15EDD0ABB152E8718D19686F23972
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 2B77969BBE0D92EE45EAEED47D59477D
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D3F6224007AA084B267981C791DA9E49
Requests: 1 HTTP requests in this frame

Frame: https://cdn.concert.io/lib/bids/sync.html
Frame ID: 57313F1CB4D435E4DA3FB66FB110FEA9
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D9B8080C94F41BAEAD0133E5D167213E
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 2D87C331AB7DC52E030C53EC1B52CD75
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 14DA56924B4460D5188174912F26C48A
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Frame ID: 1DD163FFBA89DD98AA8775BAC8753457
Requests: 13 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: E4AB599F0FDD2FFF8695F23F90219069
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3BAA82F1-396D-4543-9BC8-CD06037CA850
Frame ID: 1CDC58AAEF8FB2197BA66F1480EFA6FB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1902524812053439895
Frame ID: E1FA11C0D84EE50CCB26E66FACF64BE9
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eeca6291-1db9-4700-bc78-1acd8f573a90&gdpr=0&gdpr_consent=
Frame ID: 00643C37C6BCB834E0CCEE09E053DEB9
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: A00B8735EF5C7BA990111788D9F56DED
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 05F6129F9AA19102DB3CDE9BFDB27AEA
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 9A507B60583C533EF67CE0FEFE091EBF
Requests: 16 HTTP requests in this frame

Frame: https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Frame ID: B5418EBCD41B981F978B5552FFC29547
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: B762F1DAD26D7B3100D97A3262D8671E
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 37E0C27C90E574EE2119369245C5F82C
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 4EFB3EC62E9951A2060E5494FA0034E0
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=91856291-1db9-4f00-864c-9bfc0d533988&gdpr=0&gdpr_consent=
Frame ID: 33DD48D9A833D76E9B80266DD13056C2
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: 0F86C4B0DBA2DED1A490635CF2C860C6
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wZmNkMmJlNi03YzMxLTQ4OGQtYmVjYi01Mzc0Mzc0YWVmMTQ=&gdpr=0&gdpr_consent=
Frame ID: AD8082C9130D52BD77CF2807AD964140
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: CF3F7D6612BFA5FDC3C682223622AE78
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 571AD853CF2D5531DCE68ECFDFD6A7AA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&uid=3819475946486894415brt18311653677497123918f1
Frame ID: C9B71C9CC3333194B340399F0C69D355
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YpEducCo5tEAAONcAD0AAAAA
Frame ID: BFA3FE4AF42A400B8FABE81CFA29A6D1
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=o0lkGltASx6qoORq4rkc&pi=gumgum&tc=1
Frame ID: 066140D39DDADD93F041BD9575E807BE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: C08AC267465D5890394CBF005966E9F4
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SHADOW & ACT

Page URL History Show full URLs

  1. http://shadowandact.com/ HTTP 301
    https://shadowandact.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • ubembed\.com
Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • load\.sumome\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

353
Requests

83 %
HTTPS

25 %
IPv6

91
Domains

155
Subdomains

108
IPs

13
Countries

11347 kB
Transfer

20031 kB
Size

92
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://shadowandact.com/ HTTP 301
    https://shadowandact.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://cd.connatix.com/connatix.playspace.js HTTP 302
  • https://cds.connatix.com/p/164162/connatix.playspace.dc.js
Request Chain 45
  • https://sb.scorecardresearch.com/b?c1=2&c2=22819004&ns__t=1653677490918&ns_c=UTF-8&cv=3.5&c8=SHADOW%20%26%20ACT&c7=https%3A%2F%2Fshadowandact.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=22819004&ns__t=1653677490918&ns_c=UTF-8&cv=3.5&c8=SHADOW%20%26%20ACT&c7=https%3A%2F%2Fshadowandact.com%2F&c9=
Request Chain 126
  • https://x.bidswitch.net/sync?dsp_id=447&user_id=000000B0949351C8&expires=90 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=447&user_id=000000B0949351C8&expires=90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=14018679-16a5-4ae5-ac7b-b9be47c7a84f&expires=30
Request Chain 127
  • https://x.bidswitch.net/sync?ssp=resetdigital&user_id=000000B0949351C8&expires=90 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=resetdigital&user_id=000000B0949351C8&expires=90 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=resetdigital&gdpr=&gdpr_consent=
Request Chain 129
  • https://uipus.semasio.net/reset/1/info?sType=sync&sExtCookieId=000000B0949351C8&sInitiator=external HTTP 302
  • https://uipus.semasio.net/reset/1/info2?sType=sync&sExtCookieId=000000B0949351C8&sInitiator=external
Request Chain 194
  • https://rr2---sn-h0jeln7e.googlevideo.com/videoplayback?expire=1653706294&ei=th2RYtOlHoqTgQeo1IL4CA&ip=81.95.5.36&id=c574e9fa066036d8&itag=22&source=youtube&requiressl=yes&mh=Ck&mm=31&mn=sn-h0jeln7e&ms=au&mv=m&mvi=2&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.108&lmt=1648660266175374&mt=1653677096&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgBDwzJBkFAJRcK7sxlKj3rd0wm4Us_ToTrSanCa3yYHMCIH5wu5UIgDdvDPEAfFYcU7nKv6vfRrg7SKFEhUuTP8gA&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgNrthrVrXK-I7OgQX6VIkokRyDw_0BZdw2II8L3ayktYCIEf7Fx_XqubmDrNa-tDnNGyUd-FxmVQR--Y-Qe20Y_zW&cpn=UMInIScPeez7ajtB HTTP 302
  • https://rr4---sn-4g5ednly.googlevideo.com/videoplayback?expire=1653706294&ei=th2RYtOlHoqTgQeo1IL4CA&ip=81.95.5.36&id=c574e9fa066036d8&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.108&lmt=1648660266175374&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgBDwzJBkFAJRcK7sxlKj3rd0wm4Us_ToTrSanCa3yYHMCIH5wu5UIgDdvDPEAfFYcU7nKv6vfRrg7SKFEhUuTP8gA&cpn=UMInIScPeez7ajtB&redirect_counter=1&rm=sn-h0jls7l&req_id=fa7b21a6d7c36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=Ck&mip=2a01:4a0:2b::11&mm=31&mn=sn-4g5ednly&ms=au&mt=1653675690&mv=u&mvi=4&pl=29&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgCG-xzQzW4jIkkaPjexaWocWrTlU6N0L-WJGyCnv4i0kCIQDd1yEZlUQl851N2xeCo0WuKXEG8hFK38GDP_xv-OvSGQ%3D%3D
Request Chain 243
  • https://colossusssp.com/?c=o&m=cookie HTTP 302
  • https://sync.colossusssp.com/hms.gif
Request Chain 248
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 252
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3OSVROS-26-99K7
Request Chain 253
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=11Yn9O3URdOQsojRBJcqMg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=11Yn9O3URdOQsojRBJcqMg
Request Chain 254
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/-kcVtYLsIJCs1lnAPsv0lMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=625178128464289871
Request Chain 255
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNPU1ZST1MtMjYtOTlLNw==
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAEhtHbtDGoNTJqIgYbvb64&google_cver=1
Request Chain 257
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzRkOWNkMDBmZTA5MTRkZTY4ODRhOTA1YjdjYjQ3ZDU1ZDI5NDJjMg
Request Chain 258
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QB4lFC5mRReUz6rdKI3d5g&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QB4lFC5mRReUz6rdKI3d5g
Request Chain 260
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3BAA82F1-396D-4543-9BC8-CD06037CA850 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3BAA82F1-396D-4543-9BC8-CD06037CA850
Request Chain 261
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1902524812053439895
Request Chain 262
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eeca6291-1db9-4700-bc78-1acd8f573a90&gdpr=0&gdpr_consent=
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O6qC8TltRUObyM0GA3yoUA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 265
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1bca6291-1db9-4c00-aa24-8c6b7b149698
Request Chain 266
  • https://pixel.onaudience.com/?partner=214&mapped=3BAA82F1-396D-4543-9BC8-CD06037CA850 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Request Chain 267
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0JBQTgyRjEtMzk2RC00NTQzLTlCQzgtQ0QwNjAzN0NBODUw&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 268
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECYDQLyLLrCMRrcmj3ckU-Y&google_cver=1
Request Chain 270
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5791635389266032506
Request Chain 272
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3819475946486894415&gdpr=0&gdpr_consent=
Request Chain 276
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YpEduMjJuSTTClLZU9VjiQAABHsAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YpEduMjJuSTTClLZU9VjiQAABHsAAAIB&dcc=t
Request Chain 277
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YpEduMjJuSTTClLZU9VjiQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPaGroeCXYrPbkVVxUyTwCw&google_cver=1&gdpr=1
Request Chain 278
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Request Chain 279
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=e1edfd3c-408c-40b2-a4f7-a4171f995a09
Request Chain 290
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3819475946486894415
Request Chain 291
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=EtkLqRZHHsMfVmErS2qS7Sju
Request Chain 293
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZmYxNmI0MmQtOTgzYy00Mzk1LWI5MTUtMzhlYjRlYWRmMTYyIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0yN1QxODo1MTozNy4xMjU1M1oifQ==
Request Chain 294
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1653677496804 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Request Chain 295
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5141210820649358048
Request Chain 297
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=3b8802a3-b7af-4f16-adef-4ff9c6d10652&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 298
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-fiR4cRZE2uF80oLIzrTBgz0x9CUqk37006O6y8Q-~A
Request Chain 299
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=3819475946486894415
Request Chain 300
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_0fcd2be6-7c31-488d-becb-5374374aef14&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=14018679-16a5-4ae5-ac7b-b9be47c7a84f HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=14018679-16a5-4ae5-ac7b-b9be47c7a84f HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=14018679-16a5-4ae5-ac7b-b9be47c7a84f
Request Chain 301
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28g5b78a-8ZwLk4kBbTJKhqf1nmAVHXZNGxbNah5b7zygCUbvRjx4iDNDnGb1D-Koz%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28g5b78a-8ZwLk4kBbTJKhqf1nmAVHXZNGxbNah5b7zygCUbvRjx4iDNDnGb1D-Koz%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_0fcd2be6-7c31-488d-becb-5374374aef14&obuid=ENC(g5b78a-8ZwLk4kBbTJKhqf1nmAVHXZNGxbNah5b7zygCUbvRjx4iDNDnGb1D-Koz) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3Dg5b78a-8ZwLk4kBbTJKhqf1nmAVHXZNGxbNah5b7zygCUbvRjx4iDNDnGb1D-Koz HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=eee90cfa-9fab-4d4a-b737-998726c01d81&obUid=g5b78a-8ZwLk4kBbTJKhqf1nmAVHXZNGxbNah5b7zygCUbvRjx4iDNDnGb1D-Koz
Request Chain 302
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=00664826-adf3-4834-a858-9222deb95b45
Request Chain 303
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=sta&i=0-5943c878-7efb-413c-409e-6ea4f3eecb8c$ip$81.95.5.36
Request Chain 304
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=oth&i=y-aL4lMHFE2pfMJ.BT52nvBc_XlozaDJfVlP8u~A
Request Chain 305
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=097155b1-ddee-11ec-aa8d-45b80e638bcc
Request Chain 306
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 308
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_0fcd2be6-7c31-488d-becb-5374374aef14&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://stags.bluekai.com/site/23178?id=RWf-kswCiQqVEbh6wM2Y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2USXMYWWW43XINUVC4KWIVRGQNTXJUZFSJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2USXMYWWW43XINUVC4KWIVRGQNTXJUZFSJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=RWf-kswCiQqVEbh6wM2Y&us_privacy=1---
Request Chain 309
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=eee90cfa-9fab-4d4a-b737-998726c01d81
Request Chain 310
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1653677496826 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
Request Chain 311
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=tJq3nMfDUUuS&ev=1&pid=558355
Request Chain 312
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2906828476072430406
Request Chain 314
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=91856291-1db9-4f00-864c-9bfc0d533988&gdpr=0&gdpr_consent=
Request Chain 319
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=3819475946486894415&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&uid=3819475946486894415brt18311653677497123918f1
Request Chain 320
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YpEducCo5tEAAONcAD0AAAAA
Request Chain 321
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=o0lkGltASx6qoORq4rkc&pi=gumgum&tc=1
Request Chain 322
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 326
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1d146291-1db9-4200-bd1c-4ff381bfc02d&gdpr=1&gdpr_consent=
Request Chain 327
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322322071111566
Request Chain 328
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YpEduMjJuSTTClLZU9VjiQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPaGroeCXYrPbkVVxUyTwCw&google_cver=1&gdpr=1
Request Chain 336
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=2906828476072430406&gdpr=0&gdpr_consent=
Request Chain 337
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=05030002_62911db9047d9&knw= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030002_62911db9047d9&gdpr=0&gdpr_consent=
Request Chain 339
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=BOJD-wO0GPMf4E_-CrVXrwWxSf8f4x74ULPxFfSf

353 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
shadowandact.com/
Redirect Chain
  • http://shadowandact.com/
  • https://shadowandact.com/
81 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
f99a04a39f41d2c52fd71ffabe78539d81cd0c4699866c05df6efce45e2bbc93

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 27 May 2022 18:51:30 GMT
etag
"14527-fpLId1IZLQQrooZPB2/CXWD/r4E"
vary
Accept-Encoding
via
1.1 google

Redirect headers

Cache-Control
private
Content-Length
226
Content-Type
text/html; charset=UTF-8
Date
Fri, 27 May 2022 18:51:30 GMT
Location
https://shadowandact.com:443/
Referrer-Policy
no-referrer
css2
fonts.googleapis.com/ 		764 B
887 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Courier+Prime&display=swap
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
75f62fc4dac0d25b6281a3ea17e1c90e38aa45ecc30b3d3887b16fdb976895ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 27 May 2022 18:51:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 27 May 2022 18:51:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 May 2022 18:51:31 GMT
css2
fonts.googleapis.com/ 		5 KB
661 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1d1c9bc6f9d52ed8f452bafb66bbfa138f0c01a3bdc9779440eda71895bd8b07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 27 May 2022 18:09:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 27 May 2022 18:51:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 May 2022 18:51:31 GMT
gShsHYSq.js
cdn.jwplayer.com/libraries/ 		127 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/libraries/gShsHYSq.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:4200:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
2de1164e9dd14a4d197b6356eb1beea40a0d60b676fa1758eeb627df9a3851b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
content-encoding
gzip
server
openresty
x-amz-cf-pop
DUS51-P2
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
content-length
41534
via
1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)
x-amz-cf-id
IyP8PaJb-LVkw_cR6IoJyIhOP-Cki9DFPN06emwX81KgLgCZr8vpCA==
expires
Fri, 27 May 2022 18:54:01 GMT
/
load.sumome.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumome.com/
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
GATEW0S355SKPD8F
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:19
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
5tlOleJ/nlKmsXDpaGx366BhbaikceSmEQLZGaxZX22b3vtF//nR1dLLatFCL+Zg3z7FtoNLj7A=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:22:56 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"415c9608bc47ee8a16b3a2f2c0aee7b0"
vary
Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=600
cdn-requestid
352b5fcad5d5723dc71e23a29a658bf1
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
keywee.min.js
dc8xl0ndzn2cb.cloudfront.net/js/shadowandactcom/v0/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dc8xl0ndzn2cb.cloudfront.net/js/shadowandactcom/v0/keywee.min.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.107.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-107-155.fra56.r.cloudfront.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
/
66c37c86af1b42cd94b050774081e5e2.js.ubembed.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://66c37c86af1b42cd94b050774081e5e2.js.ubembed.com/
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1c2334732b90db19180dfb4e5a358ee2981231b13987654c60af5c8227d32aa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
content-encoding
br
x-backend-region
eu_west_1
age
685
etag
W/36af4d072511bb2ac07e0819f7b7d83f-v0.179.2
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-amz-cf-pop
FRA56-P3
accept-ranges
none
x-amz-apigw-id
SzEpIFZzjoEF3Ew=
outbrain.js
widgets.outbrain.com/ 		200 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.165 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
952e6e6fc113c9de46e75d15d57cff1c83eb44ed44d2e773c9735e4227578195

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 14:29:37 GMT
etag
"16-X9YZo4fOsPHJk0fDaza3sQaOE/U"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah-stg
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
59340935a26f92887f2992df1fa519f8
timing-allow-origin
*, *
pushly-sdk.min.js
cdn.p-n.io/ 		325 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=iRqvNWJBLbniLnLOq5Q8pIMSeeUEEyd7ufKC
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-59.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aee0d8bc13f524568c9ffa316e517c7bfd6ca8b937fc63efe39effa52e38b544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:45:45 GMT
content-encoding
gzip
last-modified
Thu, 05 Mar 2020 15:24:54 GMT
server
AmazonS3
age
347
etag
W/"6991f303925e8c6a3e36d2f7877a67fb"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 cca0e030e1fac6fb27702d182fb6a74a.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
OWmPVwp--9jCGg9o3B64wm1djrCtt_FUtSwb6Kd-7IJ8r8ZFkwU9cg==
adgrid.js
shadowandact.com/ 		363 B
322 B 		Script
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/adgrid.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
d7ffc5dbafe863985902dd164bbd27ca81ba2db75aae03f2510854f4a6f2dc6a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:55:16 GMT
etag
W/"16b-180dd07c6a0"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=0
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
255a8fb.js
shadowandact.com/_nuxt/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/_nuxt/255a8fb.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
edd23c13257a30fed329422f34c3b0e6024414b054094e98a9779e3fff662c7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 13:37:08 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:57:21 GMT
age
18863
etag
W/"9b5-180dd09aee8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1247
f08d0a8.js
shadowandact.com/_nuxt/ 		198 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/_nuxt/f08d0a8.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
db87975ffce88143990eda04f18bf7f50a8938eecdeb0ec1d51bff5738970b08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 19:18:37 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:57:21 GMT
age
84774
etag
W/"316f5-180dd09aee8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68375
814b4a5.js
shadowandact.com/_nuxt/ 		426 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/_nuxt/814b4a5.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
08ebd705b057a3ea518837a696993c9bcda6c238cb94bad7b71a62ffdc614970

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 22:03:18 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:57:21 GMT
age
74893
etag
W/"6a764-180dd09aee8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137323
886b393.js
shadowandact.com/_nuxt/ 		214 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/_nuxt/886b393.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
af759a83b0b693a2de6dec0f4ffddd80db6a622a3058d8153e56a43ef975b52a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 16:09:59 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:57:21 GMT
age
9692
etag
W/"3566b-180dd09aee8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53252
571574e.js
shadowandact.com/_nuxt/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/_nuxt/571574e.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
293fe01721d4628c375aa84fc6897894c53d0e13e15b4a6d5037f382c1997023

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:40:30 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:57:21 GMT
age
661
etag
W/"250d-180dd09aee8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2966
shadow-and-act-logo-white.svg
shadowandact.com/images/ 		11 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://shadowandact.com/images/shadow-and-act-logo-white.svg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
196300a732903456ce811b730755b3e0920433f3be8fdafde62ed805fd8b8073

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:55:16 GMT
etag
W/"2c24-180dd07c6a0"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,max-age=0
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
danny1.jpeg
cms.shadowandact.com/wp-content/uploads/2022/05/ 		252 KB
253 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/danny1.jpeg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
891467d8f26788367d10371417978ea5811d09bcc0cac773c415d8facbe4ee4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
last-modified
Fri, 27 May 2022 17:57:20 GMT
server
nginx
etag
"62911100-3f1b5"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
258485
ad-grid-shadowandact-com.js
console.adgrid.io/adgrid-build/ 		758 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:609 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50d45537ca7de540db0b85a1b3f930e9e6941d749561b9137f17296b78283855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5534
cf-polished
origSize=776297
last-modified
Wed, 11 May 2022 18:28:04 GMT
server
cloudflare
etag
W/"bd869-5dec09a1a3a3b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6A8Zn3fmchLU2kWFVsXHFgW%2Bz2CMriC4zhOcpPccFSYfLsKnZ9DCJVEwmX5O9olFIXdYg0C3g0tDKmYU%2FPcgY6%2BSOwvUv7GzKuqv2x0a3meEHvmZ%2B6WRMEz7uNx%2FsUfFl67kGcaxxjZfVkSQLTzM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31536000
cf-ray
7120f1448d3e912b-FRA
cf-bgj
minify
205946X1691322.skimlinks.js
s.skimresources.com/js/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/205946X1691322.skimlinks.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
02f226de6f07171bc49dec1b78eeb0bdb6a64410538aea1eb738263096f547a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
content-encoding
gzip
last-modified
Thu, 31 Mar 2022 17:01:01 GMT
server
AmazonS3
x-amz-request-id
D3FEEQGQFC65V4A1
etag
"97ea2ce1494845feddc7c38533e2cf0e"
x-hw
1653677491.cds041.fr8.hn,1653677491.cds107.fr8.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
20703
x-amz-id-2
J/GPdf3tQINPksqSTEYT2DEJCa+pXxoYgQuCLqdnRA7IfKR11yD9hqiC4anB3wwUN1qEykwSFuc=
connatix.playspace.dc.js
cds.connatix.com/p/164162/ Frame 346C
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/164162/connatix.playspace.dc.js
885 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/164162/connatix.playspace.dc.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d27e312d3785783c6d98182e18c94caf23b0b81e06b1dae83edce0d358bb492e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
content-encoding
br
last-modified
Fri, 27 May 2022 14:17:29 GMT
age
16114
etag
"a37ace1b0d530aa7cf4d38fc1f6377c8"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
210451

Redirect headers

location
https://cds.connatix.com/p/164162/connatix.playspace.dc.js
date
Fri, 27 May 2022 18:51:31 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v24/ 		30 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shadowandact.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 24 May 2022 17:07:05 GMT
x-content-type-options
nosniff
age
265466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30876
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:37:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 May 2023 17:07:05 GMT
u-450q2lgwslOqpF_6gQ8kELawFpWg.woff2
fonts.gstatic.com/s/courierprime/v7/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/courierprime/v7/u-450q2lgwslOqpF_6gQ8kELawFpWg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Courier+Prime&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb8761bf3adb57942e0f6bdea353ba81e8a57a44b2c8600cd50387fb3c8fa14a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://shadowandact.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 23:59:04 GMT
x-content-type-options
nosniff
age
67947
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18764
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 16:44:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 26 May 2023 23:59:04 GMT
72.0a035390359aab65eb82.js
load.sumo.com/ 		131 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/72.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: https://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
2XT97DT0C0GXK5KC
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:20
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
dCVi3ofsuXB8MuRfZt/N4Ei6Qxg1IfmVwy7PUtkHubvFxpQxIu7Op+8zccITo/BRb4qNpq/SuJA=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:22:32 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"a1c4ecc2ca5bc12d61068cd427f9729f"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
2cacb556297d380fd0d22a70467024da
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
73.0a035390359aab65eb82.js
load.sumo.com/ 		289 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/73.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: https://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
2XT2994WWMS94BG0
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:20
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
+XoJWvvKHD6sZhQMgfdGGNafTQAey9UenDDTRMlIQjNQbqlQB3KaR7KFmKuG+DxMh6OhN6SEoLU=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:22:33 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"ad6f2454f01de902ffd473d51c1207bf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
a1cff4c18ed4a997d029afa6849575bd
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
/
r.skimresources.com/api/ 		177 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/205946X1691322.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
11287687c9cf584767bc3f85a06db55703f8d765a1d48449efbe487ed6924f26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://shadowandact.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
robots.txt
t.skimresources.com/api/v2/ Frame 2B48 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5243843886640431
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=9.290053107614266
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=9.290053107614266
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
81f8897.js
shadowandact.com/_nuxt/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/_nuxt/81f8897.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/255a8fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
efbbda6160adbb78e20f51606567582468c1b6d19664b71ed0ef3bed07a0a208

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 17:06:15 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:57:21 GMT
age
6316
etag
W/"11bc-180dd09aee8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1782
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/886b393.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26310
x-xss-protection
0
pragma
public
x-fb-debug
1t5jHwKGvk0J5X2RH7t2lsg9/SiiCzhoANMwqoFRoYZgGQ8vdmZB7mTMJFSh6R0VRj+xo4TGK/j99DZ5IC7wlQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 27 May 2022 18:51:31 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/814b4a5.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1944
date
Fri, 27 May 2022 18:19:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 27 May 2022 20:19:08 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/886b393.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-38.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 02:04:51 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
61641
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
E81T594j4XOVkdVkz9WZiRfuWHWlu5zOTfvm3pQ-C5HEsj0yxRLKYw==
si
capi.connatix.com/tr/ 		42 B
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/tr/si?3f40e27c-3e51-471e-94ce-9d663bd2110d
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
62
popular
cms.blavity.com/wp-json/v1/articles/ 		25 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cms.blavity.com/wp-json/v1/articles/popular?count=2
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/f08d0a8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
2c2c5b8f897d45367268223ff6e2727df0f4b3c0f2dce882b35711a751d92f0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
SHORT
x-powered-by
WP Engine
x-cache
HIT: 3
x-cache-group
normal
access-control-allow-headers
Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
allow
GET
server
nginx
vary
Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
access-control-allow-methods
OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://shadowandact.com
access-control-expose-headers
X-WP-Total, X-WP-TotalPages, Link
cache-control
max-age=600, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
link
<https://cms.blavity.com/wp-json/>; rel="https://api.w.org/"
popular
api.afrotech.com/v1/articles/ 		29 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afrotech.com/v1/articles/popular?count=2
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/f08d0a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.21.97 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
97.21.149.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
64b98d1861cf8f17fdc40d1ca8adedfd227ee58562e99ff5df3636d61c94f39f

Request headers

Accept
application/json, text/plain, */*
Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:31 GMT
content-encoding
gzip
etag
W/"747a-bJ8QAYo/8pxaLIAyLbG6A+QhG5c"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
popular
api.travelnoire.com/v1/articles/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.travelnoire.com/v1/articles/popular?count=2
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/f08d0a8.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.152.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.152.117.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
accf6e0d3fcb9fe39367fee5bd38d5e8e2ee80214198c569ee321e0110973c86

Request headers

Accept
application/json, text/plain, */*
Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
etag
W/"278f-xzkqFdEQnWxctig92DwXndMUe50"
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
ellen-switch.jpeg
cms.shadowandact.com/wp-content/uploads/2022/05/ 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/ellen-switch.jpeg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
7e447f5baf06a57b1faa3e0d73d7495022d6e52c5266f383e147b5e1df31e645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
last-modified
Fri, 27 May 2022 15:44:11 GMT
server
nginx
etag
"6290f1cb-1d081"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
118913
StrangerThings_StrangerThings4_1_00_19_18_18-1-scaled.jpg
cms.shadowandact.com/wp-content/uploads/2022/05/ 		239 KB
239 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/StrangerThings_StrangerThings4_1_00_19_18_18-1-scaled.jpg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
56baef642c218351cdaed0a1edec343bc21d1ca24a01f560f0e37abf0502f837

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
last-modified
Fri, 27 May 2022 17:26:14 GMT
server
nginx
etag
"629109b6-3bb2c"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
244524
NUP_197531_00156.jpg
cms.shadowandact.com/wp-content/uploads/2022/05/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/NUP_197531_00156.jpg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
ced9f41fef6ee8c12ae0230c9b187eedee079e6ec777604114db71966d8be7b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
last-modified
Fri, 27 May 2022 17:12:20 GMT
server
nginx
etag
"62910674-22e61"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
142945
Screen-Shot-2022-05-27-at-9.03.05-AM.png
cms.shadowandact.com/wp-content/uploads/2022/05/ 		943 KB
945 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/Screen-Shot-2022-05-27-at-9.03.05-AM.png
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
4f1f89a65c7a46c47bc95af769232b3d8f95cb4f93523b24a6a0bd9e12c073c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
last-modified
Fri, 27 May 2022 16:03:27 GMT
server
nginx
etag
"6290f64f-ebddf"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
966111
bridgerton.webp
cms.shadowandact.com/wp-content/uploads/2022/05/ 		324 KB
324 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/bridgerton.webp
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
1463723d08f47e4d44c5159daa70a9ef52340d090049429a2d9450a57a99c4b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
last-modified
Fri, 27 May 2022 15:51:58 GMT
server
nginx
etag
"6290f39e-50e26"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
331302
6
api.shadowandact.com/v1/recentPost/4/ 		41 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.shadowandact.com/v1/recentPost/4/6
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/f08d0a8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.233.141.87 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.141.233.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
9e90ea8d8f57c5ff73ff737e1779216212fdde3f8829017f4a0c5e16b29dc886

Request headers

Accept
application/json, text/plain, */*
Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:32 GMT
Server
nginx/1.10.3 (Ubuntu)
X-Powered-By
Express
ETag
W/"a29c-5KePVWe8MFa4EkyeSOQd81lhous:dtagent10167190521165248qzTA"
Access-Control-Allow-Methods
POST, GET, DELETE, PUT, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ip
Access-Control-Allow-Credentials
true
Connection
keep-alive
ip
0
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, token, Cache-Control, Author, Search
Content-Length
41628
0
api.shadowandact.com/v1/articles/categories/features,interviews/6/ 		57 KB
58 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.shadowandact.com/v1/articles/categories/features,interviews/6/0
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/f08d0a8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.233.141.87 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.141.233.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
9fe56b96c210193426829ddd00a3f0408ba00ebf1cb8e560569f9d4e0a53325a

Request headers

Accept
application/json, text/plain, */*
Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:32 GMT
Server
nginx/1.10.3 (Ubuntu)
X-Powered-By
Express
ETag
W/"e42f-eQnyAbZ04oW1BYyLEfimVhu2nac:dtagent10167190521165248qzTA"
Access-Control-Allow-Methods
POST, GET, DELETE, PUT, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ip
Access-Control-Allow-Credentials
true
Connection
keep-alive
ip
0
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, token, Cache-Control, Author, Search
Content-Length
58415
get_top_articales
api.shadowandact.com/v1/ 		30 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.shadowandact.com/v1/get_top_articales?count=5&offset=0
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/f08d0a8.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.233.141.87 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.141.233.35.bc.googleusercontent.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
9862c2d21adf13fcf14d3ad5d4288bef7ce1642ed06fc48f22359b923d8f03c5

Request headers

Accept
application/json, text/plain, */*
Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:32 GMT
Server
nginx/1.10.3 (Ubuntu)
X-Powered-By
Express
ETag
W/"79da-nerJXH8TQL80NoGPDrXgr2YcFQE:dtagent10167190521165248qzTA"
Access-Control-Allow-Methods
POST, GET, DELETE, PUT, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
ip
Access-Control-Allow-Credentials
true
Connection
keep-alive
ip
0
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, token, Cache-Control, Author, Search
Content-Length
31194
bundle.js
assets.ubembed.com/universalscript/releases/v0.179.2/ 		174 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by
Host: 66c37c86af1b42cd94b050774081e5e2.js.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 17:08:16 GMT
content-encoding
gzip
last-modified
Tue, 05 Apr 2022 16:31:05 GMT
server
AmazonS3
age
4498996
etag
W/"359008fe01078c59c66e034866170bd2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-P7
x-amz-cf-id
-0yXWqPeeikFsM7x9YkPLQuDxEpju0dOJg6uTAWn8dK2Su963zmLbw==
page
t.skimresources.com/api/v2/ 		22 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/205946X1691322.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:31 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://shadowandact.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=22819004&ns__t=1653677490918&ns_c=UTF-8&cv=3.5&c8=SHADOW%20%26%20ACT&c7=https%3A%2F%2Fshadowandact.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=22819004&ns__t=1653677490918&ns_c=UTF-8&cv=3.5&c8=SHADOW%20%26%20ACT&c7=https%3A%2F%2Fshadowandact.com%2F&c9=
0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=22819004&ns__t=1653677490918&ns_c=UTF-8&cv=3.5&c8=SHADOW%20%26%20ACT&c7=https%3A%2F%2Fshadowandact.com%2F&c9=
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Server
108.157.4.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-38.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
09fNS0IpY_e5gQzPE-gsbNlaVIhOfiYdEwIxH9d9URy4OSvYqx_N0w==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=22819004&ns__t=1653677490918&ns_c=UTF-8&cv=3.5&c8=SHADOW%20%26%20ACT&c7=https%3A%2F%2Fshadowandact.com%2F&c9=
date
Fri, 27 May 2022 18:51:32 GMT
via
1.1 ba922c695b86542cbfc03c782d8776d4.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
content-length
0
x-amz-cf-id
TA3JqAnnPduDYS1dnNLs0hjGkbZuhJm2-bx8u7C3DjPMb6fIz7AVzw==
x-cache
Miss from cloudfront
2168516986784216
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2168516986784216?v=2.9.61&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
709d3e5223416effca462f34523356376e85b2e8557c5bcdc3ed12d3cc4ac7dc
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
WOA2ywecTKVUC1R+AjQzwRWmytdalH/F/jvHBV6AB1DA14PMDOaUZFoXGUka8Rou0xWLIHgKbRF3dwsUFFhhFA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 27 May 2022 18:51:32 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts
1653677492117
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
c.html
66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/ Frame 060B 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/c.html?closedAt=0
Requested by
Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3f0fc153426f7b8e0ec908861aeaa6fec0c2edf93c1e635e9e65729611d7f94f

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

connection
close
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 27 May 2022 18:51:32 GMT
etag
08fd9df7d0c81381dac0fd0701874566
last-modified
Wed, 25 May 2022 16:34:34 GMT
p3p
CP="This is not a privacy policy."
transfer-encoding
chunked
x-proxy-backend
page-server
x-unbounce-pageid
eaa83551-6da6-40c8-b5dd-d6388b30cd69
e8dffe2.js
shadowandact.com/_nuxt/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/_nuxt/e8dffe2.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/255a8fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
bf5aea580f55072b408a17163e2ed273e1a9529cc88a64b295c48d1f7df799ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 26 May 2022 19:13:52 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:57:21 GMT
age
85060
etag
W/"1494-180dd09aee8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2006
1c11736.js
shadowandact.com/_nuxt/ 		125 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/_nuxt/1c11736.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/255a8fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
42ea5313617e49c5c6bb3d2e3dbf0c10deb84fb87ae9350a439a23129223199d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 15:38:32 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:57:21 GMT
age
11580
etag
W/"1f43e-180dd09aee8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43045
4d8ac26.js
shadowandact.com/_nuxt/ 		71 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/_nuxt/4d8ac26.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/255a8fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
543a797fabb2d5f8954517d97e0405c0afb66895f5255cd02ea9774afa449a2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 15:38:32 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:57:21 GMT
age
11580
etag
W/"11db8-180dd09aee8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23220
6576171.js
shadowandact.com/_nuxt/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/_nuxt/6576171.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/255a8fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
bc9e990d7f27fce06566bcd2ae5938d3cee8382ff12e6756995ba9c87368cea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 08:07:21 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:57:21 GMT
age
38651
etag
W/"24ce-180dd09aee8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3335
fb4e260.js
shadowandact.com/_nuxt/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://shadowandact.com/_nuxt/fb4e260.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/_nuxt/255a8fb.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.214.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
231.214.227.35.bc.googleusercontent.com
Software
/
Resource Hash
14af14bde6f0dfee6e502eeecce3c30ccc8a387796495c63d4f8e214305c6346

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:40:12 GMT
via
1.1 google
last-modified
Thu, 19 May 2022 15:57:21 GMT
age
680
etag
W/"21d9-180dd09aee8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public,max-age=3600
accept-ranges
bytes
content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2774
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2168516986784216&ev=PageView&dl=https%3A%2F%2Fshadowandact.com%2F&rl=&if=false&ts=1653677491119&sw=1600&sh=1200&v=2.9.61&r=stable&ec=0&o=30&fbp=fb.1.1653677491117.1600041987&it=1653677490928&coo=false&rqm=GET
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 27 May 2022 18:51:32 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
65d6c0493a0ae3c7497eb6c8e28bf50fede8392cccf4b259516a2b8c4df6cf71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28162
x-xss-protection
0
server
sffe
etag
"1228 / 858 of 1000 / last-modified: 1653649684"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 27 May 2022 18:51:32 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		135 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:41:09 GMT
content-encoding
gzip
age
623
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1JJMSMRPVN0PK8BXAGF2
etag
4abd427e43cd6822329a2c05539e321f
vary
Accept-Encoding
x-amz-version-id
STlSjRvyyTgJyl_raxUeHIFBn6F5DqB3
via
1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-P2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
ioz9II9ccEttGXACZmQpQOfE1f5DIquBR_J8333IE4Ml-aFDckw-7Q==
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/164162/ Frame 346C 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/164162/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
br
last-modified
Fri, 27 May 2022 14:17:30 GMT
age
16115
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
connatix.playspace.css
cds.connatix.com/p/164162/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/164162/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
216d299dd5f5401f6b677080eeb3f94c184ee33ef376ab7f03c472a1987797b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
br
last-modified
Fri, 27 May 2022 14:17:29 GMT
age
16116
etag
"215ae78fe60db75bbc6f31e87e7e171f"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
13939
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ Frame 060B 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/c.html?closedAt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 05 Feb 2022 01:12:18 GMT
content-encoding
gzip
last-modified
Tue, 18 Jan 2022 22:28:54 GMT
server
AmazonS3
age
9653955
etag
"43729a62fb549c1f6784cd5cc32082e0"
x-cache
Hit from cloudfront
x-amz-version-id
kJDetr_gaa4mXuLbtL4sIGZNSy2Uu.RY
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
odoAUDNoy4sAGWYfHlotD3f__L1HLXeHnNTCNQfvZeEjZ-BqG1DiYw==
main.bundle-7a80b17.z.js
builder-assets.unbounce.com/published-js/ Frame 060B 		103 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Requested by
Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/c.html?closedAt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-69.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 11 May 2022 15:50:20 GMT
content-encoding
gzip
last-modified
Wed, 11 May 2022 15:25:07 GMT
server
AmazonS3
age
1393273
etag
"115451db447a15fd94ca1eec82178c7c"
x-cache
Hit from cloudfront
x-amz-version-id
hO9WFSZalI7CFVogzNPJaI4zzDMeqqnQ
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P3
accept-ranges
bytes
content-type
application/javascript
content-length
33491
x-amz-cf-id
LS8jy09t6oNlF8U9pFYeU9V4jGuiZUKcZQ2_YUumDswylYUj5vEowQ==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=513413952&t=pageview&_s=1&dl=https%3A%2F%2Fshadowandact.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=SHADOW%20%26%20ACT&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAEABEAAAAC~&jid=105091948&gjid=1923802324&cid=346333194.1653677491&tid=UA-10302152-1&_gid=708632297.1653677491&_r=1&_slc=1&z=255334322
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://shadowandact.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pub.js
pub.doubleverify.com/signals/ 		62 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c75733e48b0ff8fe8cf445d3f20cab6e29bb6e4319e733af0f7a4e4a45cf7407
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
br
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=14400, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=0
cf-ray
7120f1483cb2925f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
dvtp_src.js
cdn.doubleverify.com/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:68a::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bea1f2e1b6c000d5289dd1de1a9475c9245d3afe0a021ece086400dccdca1d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 May 2022 12:36:02 GMT
Server
Microsoft-IIS/10.0
ETag
"0659c802169d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3303
smart.js
meta.resetdigital.co/Scripts/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://meta.resetdigital.co/Scripts/smart.js?px=1000171
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.55.126.42 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
3268e741fd7cd43e836222b0979ee064c0422eb6c81d0d029bbbb98ff8a1e363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
2740
content-type
application/json
pubads_impl_2022052501.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
19e0cfeae6e0bdd6aecd6fc545877f22b49c71a2c577205964a2d09f9b2133c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 17:48:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126602
x-xss-protection
0
last-modified
Wed, 25 May 2022 08:34:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 27 May 2023 17:48:55 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		168 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=shadowandact.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
7496aca607b701abffbb6b654eb5072b74ec7dc145032b1f93de2a273b598d05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117
x-xss-protection
0
expires
Fri, 27 May 2022 18:51:32 GMT
story
capi.connatix.com/core/ Frame 346C 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b94ecd7f8508dd99481039b1a3a342b2939f3f5b360a3ef5fc6b5300f2a4172f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
8360
collect
stats.g.doubleclick.net/j/ 		4 B
442 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10302152-1&cid=346333194.1653677491&jid=105091948&gjid=1923802324&_gid=708632297.1653677491&_u=aEBAAEAAEAAAAC~&z=574649773
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 27 May 2022 18:51:32 GMT
content-type
text/plain
access-control-allow-origin
https://shadowandact.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 060B 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/gif
f4e502c0-copy-of-audio-fb-tw-_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/ Frame 060B 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/f4e502c0-copy-of-audio-fb-tw-_1000000000000000000028.png
Requested by
Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/c.html?closedAt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-79.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d80326f55bc31b42059f5ccfb160eaf1441a05659feee224eec68e3e3445f7e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 23 May 2022 16:37:59 GMT
via
1.1 56924be70c5c0d77fdcb69cb44958832.cloudfront.net (CloudFront)
last-modified
Fri, 20 May 2022 19:11:23 GMT
server
AmazonS3
age
353614
etag
"a92eb63470f136b34ace2d912b07eab2"
x-cache
Hit from cloudfront
x-amz-version-id
bpp3yZuEPnVaJ7B5Ii.7QV5GZjec_yae
cache-control
max-age=31557600
x-amz-cf-pop
TXL50-P1
accept-ranges
bytes
content-type
image/png
content-length
27707
x-amz-cf-id
OCQZcmXQqxUEo8LLlQ-Oy5_d5GT6pnqVjX-yviF0_ONGpLZlUfsSZQ==
be4e7fba-81de-4de2-8baf-ef6d23fb97cd
https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/ Frame 060B 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/be4e7fba-81de-4de2-8baf-ef6d23fb97cd
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/ Frame 060B 		2 KB
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:700italic
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-7a80b17.z.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
668f86cfff5a8c9b897e409952e8ee8276eec206624dd5a379330aa9b66ae46e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 27 May 2022 18:51:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 27 May 2022 18:51:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 May 2022 18:51:32 GMT
0917aaaf-fb-tw-opening-act-2_104e02b000000000000028.png
d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/ Frame 060B 		535 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/0917aaaf-fb-tw-opening-act-2_104e02b000000000000028.png
Requested by
Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/c.html?closedAt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-79.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ac93fc3dd8a5dc306d2e910c462c3177c73fc95bc28c000245b1d705089679f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Sat, 23 Apr 2022 05:06:05 GMT
via
1.1 56924be70c5c0d77fdcb69cb44958832.cloudfront.net (CloudFront)
last-modified
Sat, 23 Apr 2022 01:36:27 GMT
server
AmazonS3
age
2987128
etag
"cfc7b47d991e5c822dd2cf3785c83b07"
x-cache
Hit from cloudfront
x-amz-version-id
057nAo3tKdvksXg1b7hTCzaVlwsQF4tN
cache-control
max-age=31557600
x-amz-cf-pop
TXL50-P1
accept-ranges
bytes
content-type
image/png
content-length
535
x-amz-cf-id
0v9CH_fvf3ax82x0Iin7s5bg5mClGPHbuYroQSMbYy0E2J87CBsh0w==
0a16b48e-fb-tw-opening-act-1_10bn064000000000000028.png
d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/ Frame 060B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/0a16b48e-fb-tw-opening-act-1_10bn064000000000000028.png
Requested by
Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/c.html?closedAt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-79.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4bca64f7394d2d15456b60202c7c4cf67874bfadb2d775b844799cf7b8301400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Thu, 19 May 2022 02:19:11 GMT
via
1.1 56924be70c5c0d77fdcb69cb44958832.cloudfront.net (CloudFront)
last-modified
Mon, 09 May 2022 21:39:14 GMT
server
AmazonS3
age
750742
etag
"19011d0426b4c08131d58c1faae3f656"
x-cache
Hit from cloudfront
x-amz-version-id
m48eY1Sbl9OQQj9Rv0awZd6eqAHXZPUI
cache-control
max-age=31557600
x-amz-cf-pop
TXL50-P1
accept-ranges
bytes
content-type
image/png
content-length
2162
x-amz-cf-id
fK8N-6SfNuNjW-QQ1MKY1E-BoX3TT4K0BI2N3yw04M-TwnTYk48M-g==
d091cbdb-javicia-leslie-2022-by-manfred-baumann-7_10830c400000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/ Frame 060B 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/d091cbdb-javicia-leslie-2022-by-manfred-baumann-7_10830c400000000000001o.jpg
Requested by
Host: 66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
URL: https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/eaa83551-6da6-40c8-b5dd-d6388b30cd69/c.html?closedAt=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.9.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-9-79.txl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba75f67647fa7aa2f9de6988f64668e3bb9d8f992a11af3796e93bc00a7b23f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 20 May 2022 12:28:25 GMT
via
1.1 56924be70c5c0d77fdcb69cb44958832.cloudfront.net (CloudFront)
last-modified
Mon, 09 May 2022 21:39:14 GMT
server
AmazonS3
age
627788
etag
"c69ed576413921611edcea41dc0752db"
x-cache
Hit from cloudfront
x-amz-version-id
QWIb_Iz91RBlwW452XRvZXPNFRAPGP3h
cache-control
max-age=31557600
x-amz-cf-pop
TXL50-P1
accept-ranges
bytes
content-type
image/jpeg
content-length
8869
x-amz-cf-id
bZ8BDyzKmjYFrc8goSi0lkkfgfJaN7TuDV6V30jq2vDXti8b40d3pQ==
prebid
bids.concert.io/bids/ 		22 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bids.concert.io/bids/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.126.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.126.117.34.bc.googleusercontent.com
Software
Google Frontend / Express
Resource Hash
55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
via
1.1 google
x-lat-long
49.473767,8.661250
x-powered-by
Express
x-region
DE
x-city
Schriesheim
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
x-response-time
201.508ms
server
Google Frontend
etag
W/"16-6cDG702lpKxhI09DG03JuPCfUBY"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shadowandact.com
x-cloud-trace-context
ab118e2d4e8a438a97c4f74c91319dd6/12797781398626249143
access-control-allow-credentials
true
x-region-subdivision
DEBW
cygnus
htlb.casalemedia.com/ 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=726690&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%223418bb123a8631%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fshadowandact.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.6.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22477ba62a56ff1d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22726690%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22726690%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22726690%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A66%2C%22ext%22%3A%7B%22siteID%22%3A%22726690%22%2C%22sid%22%3A%22970x66%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-59-34.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
534274c3d49c7af8290c62fa48e9792a35a2e932075cca07bb76802e9582891d

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:32 GMT
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[81.95.5.36], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://shadowandact.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
12
expires
Fri, 27 May 2022 18:51:32 GMT
/
ads.resetsrv.com/ 		0
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.resetsrv.com/
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.21.53 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shadowandact.com
date
Fri, 27 May 2022 18:51:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-methods
GET, POST
content-type
text/html
translator
hbopenbid.pubmatic.com/ 		0
0
imp
g2.gumgum.com/hbid/ 		2 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?aun=leaderboard_ad_1&t=208728&pi=2&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fshadowandact.com%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.6.0%22%7D&ogu=null&ns=10240&gpid=
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.81.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-81-187.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:32 GMT
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://shadowandact.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
content-length
2
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		263 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17970&site_id=265350&zone_id=2082440&size_id=2&alt_size_ids=55%2C57&rf=https%3A%2F%2Fshadowandact.com%2F&tk_flint=pbjs_lite_v6.6.0&x_source.tid=8b07820f-7042-4c21-bea4-c2e8b86380c5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5574906347072714
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
961708716ea456fe76fdfecb2088b3d1f1650a0c4811040393d8296f5b86e2bc

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:32 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://shadowandact.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
263
Expires
Wed, 17 Sep 1975 21:32:10 GMT
adreq
ads.servenobid.com/ 		899 B
695 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6526
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
9430609689d5a14764e910949df8ee0552c1313bc1e1387d322215c44641978d

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://shadowandact.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
/
colossusssp.com/ 		2 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://colossusssp.com/?c=o&m=multi
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.111.126 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://shadowandact.com
Date
Fri, 27 May 2022 18:51:32 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
2
Content-Type
application/json
prebid
ib.adnxs.com/ut/v3/ 		9 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d9b7a0b172ed5eadfe8e41903efb17e71591fa64191b75c1bf3000dccfcb60c1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 27 May 2022 18:51:32 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
32c61a21-c867-4ee7-ad25-e9a9cb72514f
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://shadowandact.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dv-measurements2767.js
cdn.doubleverify.com/ Frame B7FD 		531 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2767.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:68a::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cf49fc361a840ed23a9d4aa0d4d90753d84308079e887fce936b69f0be4eebea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:32 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 May 2022 08:44:28 GMT
Server
Microsoft-IIS/10.0
ETag
"03e2427169d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100235
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10302152-1&cid=346333194.1653677491&jid=105091948&_u=aEBAAEAAEAAAAC~&z=1929528903
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-10302152-1&cid=346333194.1653677491&jid=105091948&_u=aEBAAEAAEAAAAC~&z=1929528903
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
yixyrgeqr4tapm3co9zr
res.cloudinary.com/blavity/image/upload/g_center,w_auto,q_auto:best,g_south_east,x_0/v1619043520/ 		493 KB
493 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://res.cloudinary.com/blavity/image/upload/g_center,w_auto,q_auto:best,g_south_east,x_0/v1619043520/yixyrgeqr4tapm3co9zr
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::393 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Cloudinary /
Resource Hash
b1f2a6ad102633e0da139dddea8f77a8055acb177e9ca9e246d55c6290192feb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
x-content-type-options
nosniff
server-timing
fastly;dur=3;cpu=1;start=2022-05-27T18:51:32.732Z;desc=hit,rtt;dur=6
vary
DPR,Width
content-length
504441
last-modified
Thu, 22 Apr 2021 10:46:40 GMT
server
Cloudinary
etag
"10c1be139f0ff2e0424d6930adf133ca"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control
private, no-transform, immutable, max-age=2592000
content-dpr
1
accept-ranges
bytes
timing-allow-origin
*
echrhjgydupkk4xvbrdj.jpg
cms.afrotech.com/wp-content/uploads/2022/05/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.afrotech.com/wp-content/uploads/2022/05/echrhjgydupkk4xvbrdj.jpg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
03243666cf84f5416d71c75872948412b9451d66dddd8c2f3be674cc89dc1cdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
last-modified
Wed, 25 May 2022 15:05:15 GMT
server
nginx
etag
"628e45ab-b43e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
46142
Alaska_Airlines_MD-83_N977AS_2322622821-e1547066386803.jpg
legacy.travelnoire.com/wp-content/uploads/2019/01/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://legacy.travelnoire.com/wp-content/uploads/2019/01/Alaska_Airlines_MD-83_N977AS_2322622821-e1547066386803.jpg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
7878e9948340d0d1c53ea93b1e7ccff2d16e161286f12e58baa5a72c786f3462

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
last-modified
Wed, 09 Jan 2019 20:39:46 GMT
server
nginx
etag
"5c365c12-10a30"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
68144
GettyImages-466308005-Cropped-compress.jpg
cms.blavity.com/wp-content/uploads/2022/04/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.blavity.com/wp-content/uploads/2022/04/GettyImages-466308005-Cropped-compress.jpg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
cfa6cffbde0fca3a82b5691d8105a1baf1d3489b5491842a10fa96139ec13e71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
last-modified
Thu, 21 Apr 2022 20:33:52 GMT
server
nginx
etag
"6261bfb0-c79b"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
51099
pub.json
pub.doubleverify.com/signals/ 		537 B
738 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=24192157&cmp=DV684348&signals=ids,bsc,vlp,tvp,arb,utm_source&url=https%3A%2F%2Fshadowandact.com%2F&adunits[/11462305847/shadow/home/adhesion][]=0x0&adunits[/11462305847/shadow/home][]=728x90,970x250,970x66,970x90
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc97dbfd1bef745cd588576510dc1e29a569f06b64f90f74a24885789003f2a7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
br
vary
User-Agent, Referer, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://shadowandact.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=103, ids;desc="ids iqc";dur=23, bsc;desc="bsc iqc";dur=26, vlp;desc="vlp kv";dur=66, vp.adu0;desc="vp.adu0 kv";dur=56, vp.adu1;desc="vp.adu1 kv";dur=66, rauth;desc="rauth kv";dur=103
cf-ray
7120f1497e699244-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pub.json
pub.doubleverify.com/signals/ 		537 B
780 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pub.doubleverify.com/signals/pub.json?ctx=24192157&cmp=DV684348&signals=ids,bsc,vlp,tvp,arb,utm_source&url=https%3A%2F%2Fshadowandact.com%2F&adunits[/11462305847/shadow/home/adhesion][]=0x0&adunits[/11462305847/shadow/home][]=728x90,970x250,970x66,970x90
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:a6e0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12dcffd5cb06822734270a934d30bdea10ae38d8afe66aa077cebc20bbff86f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
br
vary
User-Agent, Referer, Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=86400; includeSubDomains
content-type
application/json
access-control-allow-origin
https://shadowandact.com
access-control-expose-headers
Server-Timing, Cf-Ray
cache-control
private, max-age=900, stale-while-revalidate=345600, stale-if-error=345600
access-control-allow-credentials
true
server-timing
total;dur=114, ids;desc="ids iqc/hc";dur=87, bsc;desc="bsc iqc/hc";dur=87, vlp;desc="vlp kv";dur=114, vp.adu0;desc="vp.adu0 kv";dur=109, vp.adu1;desc="vp.adu1 kv";dur=114, rauth;desc="rauth kv";dur=109
cf-ray
7120f1497e669244-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq0N6WXh0pg.woff2
fonts.gstatic.com/s/montserrat/v24/ Frame 060B 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v24/JTUFjIg1_i6t8kCHKm459Wx7xQYXK0vOoz6jq0N6WXh0pg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:700italic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
73c4a0df57e860afb462aeea0bfca3ea0259f88ec8378ca95c2d66783d9dd6db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 24 May 2022 17:46:38 GMT
x-content-type-options
nosniff
age
263094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:43:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 24 May 2023 17:46:38 GMT
insights.bin
ins.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/2e2a276c-1571-46d4-9e70-d2b551fdfc51/ Frame 346C 		432 B
583 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/2e2a276c-1571-46d4-9e70-d2b551fdfc51/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e023cfc398dfe758fa5c1454fc64608cb9f1894ce361473284fcb00679ebe1bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 17:15:56 GMT
age
3753
etag
"273ad40bf21fc2de502244867fa48861"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
266
sr
capi-tier-1-us-east-2.connatix.com/tr/ Frame 346C 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/sr?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.255.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-255-1.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
analytics.js
s.srvsynd.com/2/234175/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=shadowandact.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=453249929261197&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
518b3503f9d2e22f869f22c8b44d769d66f6488012970430ec4d0bf2cdbddc11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:32 GMT
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
2822
Expires
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 346C 		377 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128968
x-xss-protection
0
expires
Fri, 27 May 2022 18:51:32 GMT
2e2a276c-1571-46d4-9e70-d2b551fdfc51.bin
vid.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ Frame 346C 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/2e2a276c-1571-46d4-9e70-d2b551fdfc51.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
20a90bba5b777d3ddb7e32465d440e6a6f884b46ac51b077b1ae028a0d7b3f36

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
last-modified
Fri, 27 May 2022 17:15:22 GMT
age
5687
etag
"2057b846bd71434cfeba6816480ee514"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
1080
1.png
img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/3f40e27c-3e51-471e-94ce-9d663bd2110d/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/3f40e27c-3e51-471e-94ce-9d663bd2110d/1.png
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
662c975d636ea2d038456c35eac7fd6677a80ec8e9e4bf2c0ee232584f25d823

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
br
age
908796
etag
"iysEHTQpLZLvQFZT4eXpxiajElZREAS5z4TVP3EGiMw"
access-control-max-age
86400
fastly-io-info
ifsz=18952 idim=400x151 ifmt=png ofsz=18952 odim=400x151 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
18853
fastly-io-warning
Failed to shrink image
163400_101A_290-1-scaled.jpg
cms.shadowandact.com/wp-content/uploads/2022/05/ 		274 KB
275 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/163400_101A_290-1-scaled.jpg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
d24dd755c5e5641e688320442bf831ec6a6aa91ae69ee9768855a56c7c5fa4cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
last-modified
Fri, 27 May 2022 15:26:31 GMT
server
nginx
etag
"6290eda7-44880"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
280704
image002-10.jpg
cms.shadowandact.com/wp-content/uploads/2022/05/ 		300 KB
301 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/image002-10.jpg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
e570927ac2503e9ec25fe5d060ef8cdeef692e29b828d7262ec11dfd92728751

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
last-modified
Fri, 27 May 2022 13:09:13 GMT
server
nginx
etag
"6290cd79-4b123"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
307491
copy-of-20170604_xxx-coral-square-mall_friends-00_47_09_05-still004.jpg
cms.shadowandact.com/wp-content/uploads/2022/05/ 		120 KB
121 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/copy-of-20170604_xxx-coral-square-mall_friends-00_47_09_05-still004.jpg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
bd21873739d9fe0303c2c8a5cb604d7e67ce1747824f1d5e7b8f16ebb741b51d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
last-modified
Fri, 27 May 2022 14:12:51 GMT
server
nginx
etag
"6290dc63-1e13e"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
123198
egy.jpeg
cms.shadowandact.com/wp-content/uploads/2022/05/ 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/egy.jpeg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
a6783f138f006faae855cc40f359f19cd366ae934626da6c0a24126d99ed3451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
last-modified
Fri, 27 May 2022 13:50:11 GMT
server
nginx
etag
"6290d713-28060"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
163936
dd-38.jpg
cms.shadowandact.com/wp-content/uploads/2022/05/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/dd-38.jpg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
80df28bc7acaf7d1854caca435b7d41fc19a8f2d5e28a96b0cd96f3906caa4c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
last-modified
Thu, 26 May 2022 23:07:47 GMT
server
nginx
etag
"62900843-194d6"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
103638
tg.webp
cms.shadowandact.com/wp-content/uploads/2022/05/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/tg.webp
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
ad1ae29a408a8162e21c7a42790f099b01562742f6e039eca88344f7e0f40257

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
last-modified
Thu, 26 May 2022 21:02:16 GMT
server
nginx
etag
"628fead8-10072"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
65650
tv_d007_07115rt-1-scaled.jpg
cms.shadowandact.com/wp-content/uploads/2022/05/ 		495 KB
496 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/tv_d007_07115rt-1-scaled.jpg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
e80816ecc3965de4e203b9ce03eb39345fe3c16ff8a848ebacd3c1bd29dfd245

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
last-modified
Thu, 26 May 2022 01:48:39 GMT
server
nginx
etag
"628edc77-7bbb3"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
506803
104-credit_-Stephanie-Mei-Ling-1.jpg
cms.shadowandact.com/wp-content/uploads/2022/05/ 		167 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/104-credit_-Stephanie-Mei-Ling-1.jpg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
82f7961c501f705562fc1dea08f305fd3883fb0b0990cda6c7a9b64ec8f09163

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
last-modified
Mon, 23 May 2022 03:11:20 GMT
server
nginx
etag
"628afb58-29b91"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
170897
EMRG_2021_UT_210414_COLQUA_00394_R-1-scaled.jpg
cms.shadowandact.com/wp-content/uploads/2022/05/ 		622 KB
623 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.shadowandact.com/wp-content/uploads/2022/05/EMRG_2021_UT_210414_COLQUA_00394_R-1-scaled.jpg
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
146.148.110.40 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
40.110.148.146.bc.googleusercontent.com
Software
nginx /
Resource Hash
266054685424ac313339cb7cc9866589d5ca27f69a79efd764caf6778717861a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
last-modified
Sun, 22 May 2022 23:16:43 GMT
server
nginx
etag
"628ac45b-9b6e0"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
636640
embeddableActivated
66c37c86af1b42cd94b050774081e5e2.events.ubembed.com/ 		0
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://66c37c86af1b42cd94b050774081e5e2.events.ubembed.com/embeddableActivated?activationRuleId=de44fd1eb9fb4a24b8b840fea9710983&browserTrackingId=924ca6e814124c0ab35deeaf13b53e50&clientId=a5b4eb2f-f233-44d7-a639-1808eaa6e003&hostPageCorrelationId=f5a1cdc4d156476389ca708c1bb2d349&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2Fshadowandact.com%2F&isFirstTime=true&requestId=01a6e88350394c389a21c505761983e3&source=universalscript-v0.179.2
Requested by
Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.89.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-89-243.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shadowandact.com
date
Fri, 27 May 2022 18:51:33 GMT
access-control-allow-credentials
true
embeddableViewed
66c37c86af1b42cd94b050774081e5e2.events.ubembed.com/ 		0
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://66c37c86af1b42cd94b050774081e5e2.events.ubembed.com/embeddableViewed?activationRuleId=de44fd1eb9fb4a24b8b840fea9710983&browserTrackingId=924ca6e814124c0ab35deeaf13b53e50&clientId=a5b4eb2f-f233-44d7-a639-1808eaa6e003&hostPageCorrelationId=f5a1cdc4d156476389ca708c1bb2d349&hostPageReferrerUrl=&hostPageUrl=https%3A%2F%2Fshadowandact.com%2F&isFirstTime=true&requestId=9b15c733cfbe420ea9c99c4b0fd31aef&source=universalscript-v0.179.2
Requested by
Host: assets.ubembed.com
URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.89.243 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-165-89-243.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://shadowandact.com
date
Fri, 27 May 2022 18:51:33 GMT
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2168516986784216&ev=Microdata&dl=https%3A%2F%2Fshadowandact.com%2F&rl=&if=false&ts=1653677491877&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SHADOW%20%26%20ACT%22%2C%22meta%3Adescription%22%3A%22On%20Film%2C%20Television%2C%20and%20Web%20Content%20of%20Africa%20and%20its%20Diaspora%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Shadow%20and%20Act%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Atitle%22%3A%22Shadow%20%26%20Act%22%2C%22og%3Adescription%22%3A%22On%20Film%2C%20Television%2C%20and%20Web%20Content%20of%20Africa%20and%20its%20Diaspora%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.61&r=stable&ec=1&o=30&fbp=fb.1.1653677491117.1600041987&it=1653677490928&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 27 May 2022 18:51:33 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fshadowandact.com&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 16:40:11 GMT
via
1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
server
Server
age
7881
x-cache
Hit from cloudfront
access-control-allow-origin
https://shadowandact.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
T53fI_j0x_A_Rb8Osh2fYnORKOlsABnR3_Zal0YylsyJjcUeaVV5Tg==
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
493 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fshadowandact.com%2F&pid=1B8v78dRlnURm&cb=0&ws=1600x1200&v=7.75.0&t=700&slots=%5B%7B%22sd%22%3A%22leaderboard_ad_1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%2C%22970x66%22%5D%2C%22sn%22%3A%22%2F11462305847%2Fshadow%2Fhome%22%7D%5D&pj=%7B%22adRefresh%22%3A%221%22%7D&pubid=fa641ac5-3be6-4213-a9a2-56dbb880db7c&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
via
1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
DUS51-P2
x-amz-rid
8AHX5EE65KB4XS1GS11M
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
lEXA9b9VFZs-wQUtvU45DIyJBNRCjlUJthkiJdRz7ZofLjaS4IDfuQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.255.177 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-255-177.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
aaJeHz3g2a7aWr9hYquBq.aDaObnNoK3
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
48940
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 28 Apr 2022 01:41:20 GMT
server
AmazonS3
date
Fri, 27 May 2022 05:15:54 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
purdXSLnuYOnKz73rP0H6_ZND-f-LcVDvR-rCWdYGnGHatjlC57cGg==
/
vtrk.doubleverify.com/ 		0
183 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=3dbc3bcc-7c9d-47ec-b46d-8fb452fe615c&z=806127817005&ctx=24192157&cd160=9bfe9982-44b8-49f4-9f46-0ca64aa6f6fb&cd161=https%3A%2F%2Fshadowandact.com%2F&ea=load-pq&cd180=network&cm180=81&cm181=22&cm182=11&cm183=17&cm184=30&cm185=1&cm186=215&cm191=0&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.167.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-167-73.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
https://shadowandact.com
date
Fri, 27 May 2022 18:51:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
c2hhZG93YW5kYWN0LmNvbQ==
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/c2hhZG93YW5kYWN0LmNvbQ==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-229-181.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:33 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=18588
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
6288ed1661f5c880c4a4687f5bc51df0
Content-Length
16
Expires
Sat, 28 May 2022 00:01:21 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.165 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-165.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 26 Jun 2022 18:51:33 GMT
visit.js
tps.doubleverify.com/ Frame B7FD 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=428&ttfrms=35&brid=3&brver=102.0.5005.61&bridua=3&bds=1&tstype=1&eparams=DC4FC%3Dl9EEADTbpTauTauD925%40H2%3F524E%5D4%40%3ETau&srcurlD=0&aUrlD=0&ssl=https:&dfs=1978&ddur=77&uid=1653677491971317&jsCallback=dvCallback_1653677491971669&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2767&tgjsver=2767&lvvn=28&m1=13&refD=0&referrer=https%3A%2F%2Fshadowandact.com%2F&fwc=4&fcl=181&flt=0&fec=1244&fcifrms=6&brh=2&sdf=2&dvp_epl=52&noc=4&ctx=24192157&cmp=DV701242&btreg=%eaid!%ecid!&btadsrv=%eaid!%ecid!&adsrv=104&unit=%%WIDTH%%x%%HEIGHT%%&seltag=1&sadv=%eadv!&ord=%ebuy!&litm=%eaid!&scrt=%ecid!&splc=%%ADUNIT%%&adu=%epid!&c1=%%PATTERN:utm_source%%&c2=%%PATTERN:arb%%&c3=%%PATTERN:categories%%&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_scripthash=1&t2te=0&dvp_qtpid=%%PATTERN:pts_pid%%&dvp_qtsid=%%PATTERN:pts_sid%%&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=725949615730.2377&dvp_tukv=647052784872.751&dvp_uuid=2484899069.7124343&dvp_tuid=1487438303135
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2767.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
845ed3cf57521d1cf5a6d45dc2eb97bb9b00509f88585116e8e490efe31385fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:33 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
05/26/2022 18:51:33
ao
capi-tier-1-us-east-2.connatix.com/tr/ Frame 346C 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ao?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.255.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-255-1.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 346C 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.255.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-255-1.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
66d3c189ad296f2200e21cdebe55213b849305816669c976e1feb902b7b842b8

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
821
ps
capi-tier-1-us-east-2.connatix.com/tr/ Frame 346C 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ps?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.255.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-255-1.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
mq
capi-tier-1-us-east-2.connatix.com/tr/ Frame 346C 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/mq?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.255.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-255-1.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:32 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
69275a42-f1fb-4c74-b319-e4cf017e7472.jpg
img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/69275a42-f1fb-4c74-b319-e4cf017e7472.jpg?crop=349:268,smart&width=349&height=268&format=jpeg&quality=60&fit=crop
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d0ba1f35e0443b5312c70de11868cafe09441ddecf1dfd69791773ad358ee90e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
br
age
5687
etag
"UtQFOL71NhYwkMAzEnqlpByO3qblzvDS0Pf24BKWwFg"
access-control-max-age
86400
fastly-io-info
ifsz=142945 idim=1000x667 ifmt=jpeg ofsz=12471 odim=349x268 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
12079
smart
meta.resetdigital.co/ 		35 B
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://meta.resetdigital.co/smart?px=1000171&ck=000000B0949351C8&tp=gif&k=&t=SHADOW%20%26%20ACT&d=On%20Film%2C%20Television%2C%20and%20Web%20Content%20of%20Africa%20and%20its%20Diaspora&email=&purl=https%3A%2F%2Fshadowandact.com%2F
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
45.55.126.42 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:32 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
accept-ranges
bytes
content-length
35
content-type
image/gif
/
bpi.rtactivate.com/tag/ 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=20784&user_id=000000B0949351C8
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.157.2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-157-2.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=447&user_id=000000B0949351C8&expires=90
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=447&user_id=000000B0949351C8&expires=90
  • https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=14018679-16a5-4ae5-ac7b-b9be47c7a84f&expires=30
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=14018679-16a5-4ae5-ac7b-b9be47c7a84f&expires=30
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

Location
//pixel.rubiconproject.com/tap.php?v=15796&nid=2760&put=14018679-16a5-4ae5-ac7b-b9be47c7a84f&expires=30
Date
Fri, 27 May 2022 18:51:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=resetdigital&user_id=000000B0949351C8&expires=90
  • https://x.bidswitch.net/ul_cb/sync?ssp=resetdigital&user_id=000000B0949351C8&expires=90
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=resetdigital&gdpr=&gdpr_consent=
70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=resetdigital&gdpr=&gdpr_consent=
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:33 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
//match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch&ttd_tpi=1&ttd_puid=resetdigital&gdpr=&gdpr_consent=
Date
Fri, 27 May 2022 18:51:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
hbsync
ads.resetsrv.com/ 		35 B
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.resetsrv.com/hbsync?000000B0949351C8
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
167.99.21.53 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:33 GMT
cache-control
no-cache, no-store, must-revalidate
expires
0
accept-ranges
bytes
content-length
35
content-type
image/gif
info2
uipus.semasio.net/reset/1/
Redirect Chain
  • https://uipus.semasio.net/reset/1/info?sType=sync&sExtCookieId=000000B0949351C8&sInitiator=external
  • https://uipus.semasio.net/reset/1/info2?sType=sync&sExtCookieId=000000B0949351C8&sInitiator=external
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipus.semasio.net/reset/1/info2?sType=sync&sExtCookieId=000000B0949351C8&sInitiator=external
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
HTTP/1.1
Server
50.57.31.206 , United States, ASN19994 (RACKSPACE, US),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:34 GMT
Frontend-ID
12
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Content-Type
image/gif
Content-Length
42
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:33 GMT
Frontend-ID
13
Location
/reset/1/info2?sType=sync&sExtCookieId=000000B0949351C8&sInitiator=external
P3P
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
Access-Control-Allow-Origin
*
UIP-Response-Status
Ok
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Length
0
Routing-Server-ID
-1
Expires
Sat, 01 Jan 2011 12:00:00 GMT
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?oz_pl=1&ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&_x=1
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=shadowandact.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=453249929261197&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:32 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.srvsynd.com/2/2.60.0/ 		159 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/main.js
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=shadowandact.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=453249929261197&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c79d5cbe20f878c9d34e153680485f519f53ec6ad857ef0d929279d5f6a09591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:32 GMT
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Strict-Transport-Security
max-age=31536000; includeSubDomains
Timing-Allow-Origin
*
Content-Length
50851
Expires
Mon, 02 Feb 2054 17:26:43 GMT
69275a42-f1fb-4c74-b319-e4cf017e7472.jpg
img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/69275a42-f1fb-4c74-b319-e4cf017e7472.jpg?crop=349:196,smart&width=349&height=196&format=jpeg&quality=60&fit=crop
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4534753423d3ed79038050e7519191ab26bd20eb3e3e4c37b4dae9397e7b7ff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
br
age
5687
etag
"KEnS8udvpcZ4hrqiwHSHOmaY1IzssNAfF80VL8LZof8"
access-control-max-age
86400
fastly-io-info
ifsz=142945 idim=1000x667 ifmt=jpeg ofsz=10355 odim=349x196 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
9976
5dc02b3c-cac4-4773-9ff0-3a1d8328c263.jpg
img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 		8 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/5dc02b3c-cac4-4773-9ff0-3a1d8328c263.jpg?crop=349:196,smart&width=349&height=196&format=jpeg&quality=60&fit=crop
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
83a4600079f08a25643533ab1198c47acf9416713e6e3a6f6d6f5aa37212e080

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
br
age
5687
etag
"MfUDRVkqr8yRBOrCLQDIqi3b9esIFRJSIpGt/FBVHlw"
access-control-max-age
86400
fastly-io-info
ifsz=307491 idim=1118x745 ifmt=jpeg ofsz=7886 odim=349x196 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
7493
5c7f8d2f-f4d6-4984-b722-92288f0ccd90.jpg
img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/5c7f8d2f-f4d6-4984-b722-92288f0ccd90.jpg?crop=349:196,smart&width=349&height=196&format=jpeg&quality=60&fit=crop
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4ec212a435931c47f932a125ae1fa0d7039feaa08a03e9ea68e92663f902f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
br
age
5687
etag
"/cLrEDSOB4CtdSesPXGuGF0wSGzrADhdr2zEytkuNAA"
access-control-max-age
86400
fastly-io-info
ifsz=966111 idim=1276x682 ifmt=png ofsz=6959 odim=349x196 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
6563
f3d06437-2342-42ca-ac35-3862b5d7a355.jpg
img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 		8 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/f3d06437-2342-42ca-ac35-3862b5d7a355.jpg?crop=349:196,smart&width=349&height=196&format=jpeg&quality=60&fit=crop
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60a225fb196e1ac838472e33634b8d5c4d44aaf5a6b997f0aa7e23a9a65d032b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
br
age
5687
etag
"c8BflJZMLFUsq6idPkZEC6YOq+OhU/l9nhEy+zXaIOI"
access-control-max-age
86400
fastly-io-info
ifsz=280704 idim=2560x1440 ifmt=jpeg ofsz=7685 odim=349x196 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
7287
e827d41c-bc5e-4f82-92db-450851b55929.jpg
img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/ 		10 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-3f40e27c-3e51-471e-94ce-9d663bd2110d/95a36ebe-1dc7-4ce0-a450-f8dda38442aa/e827d41c-bc5e-4f82-92db-450851b55929.jpg?crop=349:196,smart&width=349&height=196&format=jpeg&quality=60&fit=crop
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5ee630e87a172c7c1a1654235a6d216b24b904189496310bd469e689474bd092

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
br
age
5687
etag
"h5c+2ouWN32j/5VQRg/FDFIjclZUpqSWmz2+F1+1r28"
access-control-max-age
86400
fastly-io-info
ifsz=331302 idim=2000x1333 ifmt=webp ofsz=9970 odim=349x196 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
9595
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame 058F 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 08:19:58 GMT
expires
Sat, 27 May 2023 08:19:58 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 346C 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 27 May 2022 18:51:33 GMT
integrator.js
adservice.google.com/adsid/ Frame 346C 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame 9415 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 08:19:58 GMT
expires
Sat, 27 May 2023 08:19:58 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.517.2_en.html
imasdk.googleapis.com/js/core/ Frame 19C3 		635 KB
205 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
37895
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
210269
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 08:19:58 GMT
expires
Sat, 27 May 2023 08:19:58 GMT
last-modified
Mon, 23 May 2022 16:49:57 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dwce_cheq_events
log.outbrainimg.com/loggerServices/ 		4 B
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1653677492266&sessionId=edc93cb0-4135-8c5b-e7f8-7778ffaf8ef5&url=shadowandact.com&cheqSource=1&cheqEvent=3&responseTime=333
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.223 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:33 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
8a3a0a8774a63402401d5fe91b8ad075
Content-Length
4
Expires
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D01E 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 17:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 27 May 2022 18:57:41 GMT
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=3dbc3bcc-7c9d-47ec-b46d-8fb452fe615c&z=352113813626&ctx=24192157&cd160=4793c9f1-3f72-4757-9e18-5e57e7af1794&cd161=https%3A%2F%2Fshadowandact.com%2F&ea=load-signals&cd191=7120f1497e669244&cd180=network&cm180=227&cm181=0&cm182=0&cm183=0&cm184=201&cm185=1&cm186=559&cm170=1&cd187=ids%20iqc&cm187=23&cd171=84011001&cd188=bsc%20iqc&cm188=26&cd189=vlp%20kv&cm189=66&cm190=103&cd190=rauth%20kv&cm191=103&cd175=%7B%227947aed0-a33a-4ac2-8a38-c06fb2b78884%22%3A%7B%22VLP%22%3A%220%22%2C%22TVP%22%3A%220-1%22%7D%2C%22b84fa991-a90f-4cf8-8cf0-3b5301703570%22%3A%7B%22VLP%22%3A%221%22%2C%22TVP%22%3A%223-5%22%7D%7D&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.167.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-167-73.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
https://shadowandact.com
date
Fri, 27 May 2022 18:51:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
/
vtrk.doubleverify.com/ 		0
182 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vtrk.doubleverify.com/?v=1&t=event&ec=page&cd105=%40dvpub%2Fsignals-pagetag%400.0.2&cid=3dbc3bcc-7c9d-47ec-b46d-8fb452fe615c&z=732297748452&ctx=24192157&cd160=68a4f65c-9834-4f39-9827-868d6789f49d&cd161=https%3A%2F%2Fshadowandact.com%2F&ea=load-signals&cd191=7120f1497e699244&cd180=network&cm180=227&cm181=0&cm182=0&cm183=0&cm184=201&cm185=1&cm186=562&cm170=1&cd187=ids%20iqc&cm187=23&cd171=84011001&cd188=bsc%20iqc&cm188=26&cd189=vlp%20kv&cm189=66&cm190=103&cd190=rauth%20kv&cm191=103&cd175=%7B%227947aed0-a33a-4ac2-8a38-c06fb2b78884%22%3A%7B%22VLP%22%3A%220%22%2C%22TVP%22%3A%220-1%22%7D%2C%22b84fa991-a90f-4cf8-8cf0-3b5301703570%22%3A%7B%22VLP%22%3A%221%22%2C%22TVP%22%3A%223-5%22%7D%7D&cmp=DV684348
Requested by
Host: pub.doubleverify.com
URL: https://pub.doubleverify.com/signals/pub.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.167.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-167-73.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-origin
https://shadowandact.com
date
Fri, 27 May 2022 18:51:33 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
vary
Origin
access-control-allow-methods
GET, POST, OPTIONS
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=shadowandact.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4014:80f::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=shadowandact.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=2604962229433622&vrg=2022052501&nw_id=11462305847&nslots=2&eid=31067809%2C44761478%2C31064019&pub_url=https%3A%2F%2Fshadowandact.com%2F&sig=1&req=0&req_cnt=1&dm=8
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2604962229433622&correlator=4463425744133019&eid=31067809%2C44761478%2C31064019&output=ldjh&gdfp_req=1&vrg=2022052501&ptt=17&impl=fif&iu_parts=11462305847%2Cshadow%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x90%7C970x66&ifi=1&adks=765179704&sfv=1-0-38&ecs=20220527&fsapi=false&prev_scp=pos%3Dleaderboard_ad%26tld%3Dshadowandact.com%26TLD_POSITION%3Dshadowandact.com_leaderboard_ad_1%26fqdn%3Dshadowandact.com%26refresh%3D0_shadowandact.com%26refresh_count%3D0%26domId%3Dleaderboard_ad_1%26FURL%3D%252F%26SURL%3D42099b4af021e53fd8fd4e056c2568d7c2e3ffa8%26sttrackid%3Dkgrimb850rj%26GMAV%3D0_shadowandact.com%26PAV%3D0_shadowandact.com%26amznbid%3D2%26amznp%3D2%26VLP%3D1%26pts_sid%3Db84fa991-a90f-4cf8-8cf0-3b5301703570%26TVP%3D3-5%26BSC%3D84011001%26IDS%3D1%26tld_hb_bidder%3Dshadowandact.com_appnexus%26amznsz%3D0x0%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.05%26hb_adid%3D199ee1f7140101%26hb_bidder%3Dappnexus&eri=1&cust_params=ctype%3Dunknown%26minute_rb%3D5SOV_1%26second_rb%3D5SOV_31%26referrer%3Dother%26device%3Ddesktop%26video%3Dno%26pts_pid%3D3dbc3bcc-7c9d-47ec-b46d-8fb452fe615c%26IDS%3D1%26BSC%3D84011001&sc=1&cookie_enabled=1&abxe=1&dt=1653677492324&lmt=1653677492&dlt=1653677489891&idt=1573&biw=1600&bih=1200&adxs=436&adys=2014&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fshadowandact.com%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=346333194.1653677491&ga_sid=1653677492&ga_hid=513413952&ga_fc=true&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
feb45be43fea14728a131f58a610dda78f54d547c1b575f5c2db3edcddd02047
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9741
x-xss-protection
0
google-lineitem-id
5733375311
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138354784080
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://shadowandact.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d675ad9298e7296b35425808546f97a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 892C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d675ad9298e7296b35425808546f97a6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 18:51:33 GMT
expires
Sat, 27 May 2023 18:51:33 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 150C 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 17:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 27 May 2022 18:57:41 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A771 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 17:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 27 May 2022 18:57:41 GMT
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?oz_pl=1&ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&_x=1
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/234175/analytics.js?dt=2341751597675869250012&di=shadowandact.com&ui=00000000-0000-0000-0000-000000000000&md=2&ap=undefined&sr=connatix.com&pp=453249929261197&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
view
securepubads.g.doubleclick.net/pcs/ Frame 6295 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCUFOm4i9XPgXP6BNencVPMm5WHTDyj39FXPOIHMKxw_RJwtXfoUk61FPh634RBM4cwZpCcfIAsqORuTazgqUrZrWvseI7urz2LGSY46h20oGyVTvWDVxf7WcuxyzRXWONu73VpuNcOle2hzjl80V-AsHm7XDa8JSP7gf_35tqpIWafWWEmc2XbBKT2-ZzRzfm9n1fceJby4BqOy-f2mROIgoPvIDnjpVOjyo1B8ComnVCsIhe0i4dnbl4EgeHMjx_Nmxe9uIYA85WZXWS2EaECPWnNkPNY2GKLHHNXSg2TAGtrICmOA_ccIbSqAQ&sai=AMfl-YTRgjiGGCjU6KoodFhP9qc4oVHG0Vt4LjHf0xrLViLOWxVfLCSyglGdMACLKrP8KXwX2smBY1lG__x2-ZjS2_FNX2QyndskBt2P6RsWHH4pngjGgyl8cN-KPpXDpS0&sig=Cg0ArKJSzIBka-cfeptiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 18:51:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 27 May 2022 18:51:33 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 6295 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size
8874
age
34018
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19137-FRA, cache-hhn4071-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OjBQ34ABjDq9%2BvYw1YhasgNhFAq1jh1oD%2BJvEkkOgHRYa3JJpPN%2F3oQvrAAfNRrkmci0euh5aJWy1LPfITbrVy9m1Q7XRbP1FU3AZWk%2F4JYBX%2Fy07oer2vMcr%2BJ578WPKpWxwQ31dueadhNk%2BlQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7120f1515c80995d-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6295 		136 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42680
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1653478767633683"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 27 May 2022 18:51:33 GMT
dvtp_src.js
cdn.doubleverify.com/ Frame 6295 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:68a::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bea1f2e1b6c000d5289dd1de1a9475c9245d3afe0a021ece086400dccdca1d42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 May 2022 12:36:02 GMT
Server
Microsoft-IIS/10.0
ETag
"0659c802169d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3303
g
capi-tier-1-us-east-2.connatix.com/rtb/ Frame 346C 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/rtb/g?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.255.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-255-1.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:33 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&sid=AUqCbqgKEPfi8l_L&oz_sc=0030275dff3765af74dbfd85&oz_df=1653677492819&oz_l=130&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.60.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
win.html
d.adup-tech.com/rtb/ Frame 0E6A 		35 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d.adup-tech.com/rtb/win.html?b=21750700&p=22af4af680eafc5713ca06e890cb2deb&sid=2689&tid=lt4nOy0yNjg5XzAtNzQwMDUxNzIxNjc1MjA4ODIyNiAgICAgICAgICAgICAgICAg&bid=0.0639&cpmcrypt=&rt=1653677492.7099037&data=dAABAPA4mQAAAAAAEAAeAOqmBzqZ67k4AACAPwEAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQC63JgAAAAAAGQAAgAAAM3MzD5YeQAAygP6AIIKAACs40sBAAABAAAAMwAAAFgAAABIKwAAAgACAAAAEABERUhFc2hhZG93YW5kYWN0LmNvbTc3MDdkYWZmNTkxOWQwMTE0OGU1ZDkyZjQ0OGE2ODg4&dr=1&sspuid=8yz6_dbdQhCtdikR20um&ref=https%3A%2F%2Fshadowandact.com%2F
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d014:943:a602:bc4:f0e7:77e7:16a5 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2be17be7cf0890b06280537fe8e49a0190bfa93c33d4e9e80e7c1157d515c9ec

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 27 May 2022 18:51:34 GMT
p3p
policyref="/w3c/p3p.xml", CP="OTC NOI DSP COR PSAo PSDo IVAo IVDo OTPo OUR IND"
server
nginx
rd_log
ams1-ib.adnxs.com/ Frame 6295 		0
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fshadowandact.com%2F&e=wqT_3QKIBOgIAgAAAwDWAAUBCLS7xJQGEOKr6MiE_pH8XRgAKjYJ6-I2GsBbsD8ReNFXkGYsqj8ZAAAAIFyPCEAheA0SACkRJNAxAAAAoEfh2j8wrMevCjitP0DmWUjZA1D3-rqdAVjG0U9gAGjE5mh4v4EDgAEBigEDVVNEkgUG9BcBmAHKB6AB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAgDgArjDPuoCGWh0dHBzOi8vc2hhZG93YW5kYWN0LmNvbS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AP6mJMB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIECjgxLjk1LjUuMzaoBACyBA8IABABGNgFIFooADAAOAK4BADABADIBADaBAIIAeAEAfAE9_q6nQGIBQGYBQCgBaLprpWv5vrZZsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBbTMH_oFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_2gYWChAAAAAAAAkSBQFgEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAUaRCAAMAA4vwZAAMgHv4ED0gcNCQU1BAAABR4I2gcGCSdo4AcA6gcCCADwB_nTAooIAhAAlQgAAIA_mAgB&s=b43e15e4e73786fe5fb109ca4808947a43839769&bdref=https%3A%2F%2Fshadowandact.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fshadowandact.com%2F,https%3A%2F%2Fshadowandact.com%2F&
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:34 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bd8957f0-e010-41fa-ada2-6b7fe93fc8ff
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 6295 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.239 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-239.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:34 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Sat, 27 May 2023 18:51:34 GMT
it
ams1-ib.adnxs.com/ Frame 6295 		0
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fshadowandact.com%252F&e=wqT_3QLPCOhPBAAAAwDWAAUBCLS7xJQGEOKr6MiE_pH8XRgAKjYJ6-I2GsBbsD8ReNFXkGYsqj8ZAAAAIFyPCEAheA0SACkRJNAxAAAAoEfh2j8wrMevCjitP0DmWUjZA1D3-rqdAVjG0U9gAGjE5mh4v4EDgAEBigEDVVNEkgUG8O2YAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACuMM-6gIZaHR0cHM6Ly9zaGFkb3dhbmRhY3QuY29tL4ADAIgDAZADAJgDF6ADAaoDxgQKjQRodHRwOi8vZC5hZHVwLXRlY2guY29tL3J0Yi91bnNlY3VyZS13aW4_cD0yMmFmNGFmNjgwZWFmYzU3MTNjYTA2ZTg5MGNiMmRlYiZzaWQ9MjY4OSZ0aWQ9bHQ0bk95MHlOamc1WHpBdE56UXdNRFV4TnpJeE5qYzFNakE0T0RJeU5pQWdJQ0FnSUNBZ0lDQWdJDQjwaSZiaWQ9MC4wNjM5JmNwbWNyeXB0PSR7QVVDVElPTl9QUklDRX0mcnQ9MTY1MzY3NzQ5Mi43MDk5MDM3JmRhdGE9ZEFBQkFQQTRtUUFBQUFBQUVBQWVBT3FtQnpxWjY3azRBQUNBUHdFQUEBHQEefgEAFFFDNjNKZwkmDEdRQUEBC3RNM016RDVZZVFBQXlnUDZBSUlLQUFDczQwc0JBQUEBBBhBTXdBQUFGAS0IQklLAQwIZ0FDAUXwgUVBQkVSVWhGYzJoaFpHOTNZVzVrWVdOMExtTnZiVGMzTURka1lXWm1OVGt4T1dRd01URTBPR1UxWkRreVpqUTBPR0UyT0RnNCZkaT0xJmRzPTEmc3NwdWlkPTh5ejZfZGJkUWhDdGRpa1IyMHVtJnJlZj1odHRwcyUzQSUyRiUyRnM6IQLwmiUyRhoTNjc3MTI0MTEzNzA5NTcxMDE3OCoFMTE0OTQ6GE1YZzVOekI0TWpVd2VGczFNREE0WFFfX8ADrALIAwDYA_qYkwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQKODEuOTUuNS4zNqgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT3YSNYiAUBmAUAoAWi6a6Vr-b62WbABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBbTMH_oFBAgAEACQBgCYBgC4BgDBBgEhIAAA8D_aBhYKEAkNGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAURIGAAgADAAOL8GQADIB7-BA9IHDRVyATgI2gcGCSdo4AcA6gcCCADwB_nTAooIAhAAlQgAAIA_mAgB&s=1efcbb0619571457058f001b4e17cb8fca4d3d1e
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:34 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
63aed406-6342-4cc0-8321-ec72b9fbf860
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 058F 		70 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F11462305847%2Fshadow%2Fconnatix&cust_params&description_url=https%3A%2F%2Fshadowandact.com%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2578090523680716&sdkv=h.3.517.2&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=622299487&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=29FD6BF1-1EE6-4FC2-9520-3C9275360EA0&nel=0&eid=44725355%2C44750822%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fshadowandact.com%2F&url=https%3A%2F%2Fshadowandact.com%2F&loc=about%3Ablank&dlt=1653677490063&idt=2792&dt=1653677493027&cookie=ID%3D209d702b8bca462e-22fd4e94a0cd00a7%3AT%3D1653677493%3AS%3DALNI_MZHpN7VYEinMa2N0aHVAcRZAsdkpw&scor=2632024636827705&ged=ve4_td3_tt0_pd3_la3000_er793.1153.952.1459_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
d3426db94d60ccaae3686843153a8290b387de5e71c664b77d46d66fed472a9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&sid=AUqCbqgKEPfi8l_L&oz_sc=0030275dff3765af74dbfd85&oz_df=1653677493022&oz_l=4154&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.60.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
03491db6-9bc2-4889-8405-591ae32bdf3f
https://shadowandact.com/ Frame 0A9E 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://shadowandact.com/03491db6-9bc2-4889-8405-591ae32bdf3f
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
css
fonts.googleapis.com/ Frame 0E6A 		5 KB
665 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700
Requested by
Host: d.adup-tech.com
URL: https://d.adup-tech.com/rtb/win.html?b=21750700&p=22af4af680eafc5713ca06e890cb2deb&sid=2689&tid=lt4nOy0yNjg5XzAtNzQwMDUxNzIxNjc1MjA4ODIyNiAgICAgICAgICAgICAgICAg&bid=0.0639&cpmcrypt=&rt=1653677492.7099037&data=dAABAPA4mQAAAAAAEAAeAOqmBzqZ67k4AACAPwEAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQC63JgAAAAAAGQAAgAAAM3MzD5YeQAAygP6AIIKAACs40sBAAABAAAAMwAAAFgAAABIKwAAAgACAAAAEABERUhFc2hhZG93YW5kYWN0LmNvbTc3MDdkYWZmNTkxOWQwMTE0OGU1ZDkyZjQ0OGE2ODg4&dr=1&sspuid=8yz6_dbdQhCtdikR20um&ref=https%3A%2F%2Fshadowandact.com%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
53c25022c1d2e1ba728dfa5458fe7b244f36518b8a9cbe351485570b46ffbdd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.adup-tech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 27 May 2022 17:34:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 27 May 2022 18:51:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 May 2022 18:51:34 GMT
truncated
/ Frame 0E6A 		44 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d6108dede25017acc3584e1c5c5905991d4b30685954bb0aacbb2e099791b0d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/gif
oba_sd.png
m.adup-tech.com/images/icons/ Frame 0E6A 		164 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.adup-tech.com/images/icons/oba_sd.png
Requested by
Host: d.adup-tech.com
URL: https://d.adup-tech.com/rtb/win.html?b=21750700&p=22af4af680eafc5713ca06e890cb2deb&sid=2689&tid=lt4nOy0yNjg5XzAtNzQwMDUxNzIxNjc1MjA4ODIyNiAgICAgICAgICAgICAgICAg&bid=0.0639&cpmcrypt=&rt=1653677492.7099037&data=dAABAPA4mQAAAAAAEAAeAOqmBzqZ67k4AACAPwEAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQC63JgAAAAAAGQAAgAAAM3MzD5YeQAAygP6AIIKAACs40sBAAABAAAAMwAAAFgAAABIKwAAAgACAAAAEABERUhFc2hhZG93YW5kYWN0LmNvbTc3MDdkYWZmNTkxOWQwMTE0OGU1ZDkyZjQ0OGE2ODg4&dr=1&sspuid=8yz6_dbdQhCtdikR20um&ref=https%3A%2F%2Fshadowandact.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:10::ac43:1a76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21311b7dc1cbc9f0e2ae5da94511728b776110bd0d9e607589d01028064ff25

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.adup-tech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:34 GMT
via
1.1 d95e5e5d3f02e7eb505dee0af2d6038e.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
10581776
cf-polished
origFmt=png, origSize=415
x-cache
Hit from cloudfront
content-disposition
inline; filename="oba_sd.webp"
content-length
164
last-modified
Wed, 25 Aug 2021 09:33:20 GMT
server
cloudflare
etag
"61260e60-19f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
x-amz-cf-pop
MSP50-C1
accept-ranges
bytes
cf-ray
7120f1532d0c9028-FRA
x-amz-cf-id
XvbuJIEeOh3ZknOG4JkfXlbmGGQyDfW31xMAJZky5CmFODAZRagkww==
cf-bgj
imgq:100,h2pri
19lxv8xi1x0x95x6s.jpg
m.adup-tech.com/ad_image/c/bd/I6/R2r_igP5UV5T1Y515A/ Frame 0E6A 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.adup-tech.com/ad_image/c/bd/I6/R2r_igP5UV5T1Y515A/19lxv8xi1x0x95x6s.jpg?b&1kji4ue
Requested by
Host: d.adup-tech.com
URL: https://d.adup-tech.com/rtb/win.html?b=21750700&p=22af4af680eafc5713ca06e890cb2deb&sid=2689&tid=lt4nOy0yNjg5XzAtNzQwMDUxNzIxNjc1MjA4ODIyNiAgICAgICAgICAgICAgICAg&bid=0.0639&cpmcrypt=&rt=1653677492.7099037&data=dAABAPA4mQAAAAAAEAAeAOqmBzqZ67k4AACAPwEAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQC63JgAAAAAAGQAAgAAAM3MzD5YeQAAygP6AIIKAACs40sBAAABAAAAMwAAAFgAAABIKwAAAgACAAAAEABERUhFc2hhZG93YW5kYWN0LmNvbTc3MDdkYWZmNTkxOWQwMTE0OGU1ZDkyZjQ0OGE2ODg4&dr=1&sspuid=8yz6_dbdQhCtdikR20um&ref=https%3A%2F%2Fshadowandact.com%2F
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:10::ac43:1a76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1294d317042546120b98070acdd864cf57c0c304f0bed880123eafc3227563b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d.adup-tech.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:34 GMT
via
1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
158893
cf-polished
origSize=9255, status=webp_bigger
cf-ray
7120f1532d0d9028-FRA
x-cache
Miss from cloudfront
content-length
9174
last-modified
Wed, 25 May 2022 22:31:33 GMT
server
cloudflare
etag
"4e3b3931951773dcaba1520983ba2cd7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
iTKPEEFRVQ1D22Hby2J9HqfYQa-v7QYCI4qudttI-I7krOoXqADVPQ==
cf-bgj
imgq:100,h2pri
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 0E6A 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://d.adup-tech.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 23 May 2022 23:32:09 GMT
x-content-type-options
nosniff
age
328765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 23:32:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6295 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2S5FY_fLya5G5o3KowO3JnJEQd63WrUJJUlQt0d6R3lXFnglpU3fGJEuGBPtVEG-EV2CRdhJbLNMWlB9T8Nk-T0rB7TIlkWQNPFrLVMKUM-r0LXCna1doZlh75tTZTh0aguI5WYX3mhrVTA-Pscsfv4I3qOeQEde1DNdxAg-0OSN-v_8EjHhEBXDHrX9fZwZcqltT72AHVPlEYnGqXIMUHxjIkjQ9fF4P4AJRnRY31JTNmWFyZozT8BH1i8T-d0QYXIFFqAXI93vq5NU1iW2ERwnErw4CtvPoGLXE25MsfKflWGqHiUFJ-u1WM4I_GA&sai=AMfl-YSa7ytS0j2Boj2s8tne3JPEAc4ukSMG3g_KN-HaBSfeCT0wZYtukfcmp1zd_a1LEstMLEVHFkhWWKdsqIWI4ljPw8f_-oPiKOC1AP82F7PJrZ_M8hDbpgxnYgQh3iw&sig=Cg0ArKJSzN1YxOnPONEiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 18:51:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 27 May 2022 18:51:34 GMT
truncated
/ Frame 6295 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44f5552055c20dbc4b5e2f819d4f3a0ea388ca5410c07bbd7eaa0b47697c9c56

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/png
dv-measurements2767.js
cdn.doubleverify.com/ Frame 8733 		531 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2767.js
Requested by
Host: shadowandact.com
URL: https://shadowandact.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:68a::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cf49fc361a840ed23a9d4aa0d4d90753d84308079e887fce936b69f0be4eebea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 May 2022 08:44:28 GMT
Server
Microsoft-IIS/10.0
ETag
"03e2427169d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100235
vevent
ams1-ib.adnxs.com/ Frame 6295 		0
832 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fshadowandact.com%2F&e=wqT_3QLPCOhPBAAAAwDWAAUBCLS7xJQGEOKr6MiE_pH8XRgAKjYJ6-I2GsBbsD8ReNFXkGYsqj8ZAAAAIFyPCEAheA0SACkRJNAxAAAAoEfh2j8wrMevCjitP0DmWUjZA1D3-rqdAVjG0U9gAGjE5mh4v4EDgAEBigEDVVNEkgUG8O2YAcoHoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCAOACuMM-6gIZaHR0cHM6Ly9zaGFkb3dhbmRhY3QuY29tL4ADAIgDAZADAJgDF6ADAaoDxgQKjQRodHRwOi8vZC5hZHVwLXRlY2guY29tL3J0Yi91bnNlY3VyZS13aW4_cD0yMmFmNGFmNjgwZWFmYzU3MTNjYTA2ZTg5MGNiMmRlYiZzaWQ9MjY4OSZ0aWQ9bHQ0bk95MHlOamc1WHpBdE56UXdNRFV4TnpJeE5qYzFNakE0T0RJeU5pQWdJQ0FnSUNBZ0lDQWdJDQjwaSZiaWQ9MC4wNjM5JmNwbWNyeXB0PSR7QVVDVElPTl9QUklDRX0mcnQ9MTY1MzY3NzQ5Mi43MDk5MDM3JmRhdGE9ZEFBQkFQQTRtUUFBQUFBQUVBQWVBT3FtQnpxWjY3azRBQUNBUHdFQUEBHQEefgEAFFFDNjNKZwkmDEdRQUEBC3RNM016RDVZZVFBQXlnUDZBSUlLQUFDczQwc0JBQUEBBBhBTXdBQUFGAS0IQklLAQwIZ0FDAUXwgUVBQkVSVWhGYzJoaFpHOTNZVzVrWVdOMExtTnZiVGMzTURka1lXWm1OVGt4T1dRd01URTBPR1UxWkRreVpqUTBPR0UyT0RnNCZkaT0xJmRzPTEmc3NwdWlkPTh5ejZfZGJkUWhDdGRpa1IyMHVtJnJlZj1odHRwcyUzQSUyRiUyRnM6IQLwmiUyRhoTNjc3MTI0MTEzNzA5NTcxMDE3OCoFMTE0OTQ6GE1YZzVOekI0TWpVd2VGczFNREE0WFFfX8ADrALIAwDYA_qYkwHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQKODEuOTUuNS4zNqgEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAEAMgEANoEAggB4AQB8AT3YSNYiAUBmAUAoAWi6a6Vr-b62WbABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBbTMH_oFBAgAEACQBgCYBgC4BgDBBgEhIAAA8D_aBhYKEAkNGQFcEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPAURIGAAgADAAOL8GQADIB7-BA9IHDRVyATgI2gcGCSdo4AcA6gcCCADwB_nTAooIAhAAlQgAAIA_mAgB&s=1efcbb0619571457058f001b4e17cb8fca4d3d1e&type=nv&nvt=5&jm=1003&px=315&py=2014&bw=970&bh=250&sid=2697754421807763089&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=21750700&sw=1600&sh=1200&pw=1600&ph=3971&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:34 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d24cc61e-a981-4c59-a33f-d223b6e55a11
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://shadowandact.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&sid=AUqCbqgKEPfi8l_L&oz_sc=0030275dff3765af74dbfd85&oz_df=1653677493204&oz_l=1845&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.60.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
visit.js
tps.doubleverify.com/ Frame 8733 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=51&ttfrms=8&bridua=3&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauD925%40H2%3F524E%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauD925%40H2%3F524E%5D4%40%3ETar9EEADTbpTauTauD925%40H2%3F524E%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=7&ddur=9&uid=1653677493224901&jsCallback=dvCallback_1653677493224842&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F102.0.5005.61%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2767&tgjsver=2767&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fshadowandact.com%2F&fwc=4&fcl=276&flt=0&fec=1443&fcifrms=17&brh=2&sdf=2&dvp_epl=151&noc=4&ctx=24192157&cmp=DV701242&btreg=5733375311138354784080&btadsrv=5733375311138354784080&adsrv=104&unit=1x1&seltag=1&sadv=5028042685&ord=2877215675&litm=5733375311&scrt=138354784080&splc=/11462305847/shadow/home&adu=22477006128&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_scripthash=1&t2te=0&dvp_qtpid=3dbc3bcc-7c9d-47ec-b46d-8fb452fe615c&dvp_qtsid=b84fa991-a90f-4cf8-8cf0-3b5301703570&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_sukv=2659103970.2363977&dvp_tukv=486991040367.56665&dvp_uuid=141235859714.43677&dvp_tuid=1455635739396
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2767.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
7165cd5d27b08f03681eb8df34dd57ca57ac241b6e72fbf31252e6cf02481079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:34 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Expires
05/26/2022 18:51:34
/
sumo.com/api/load/ 		728 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sumo.com/api/load/
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
2785b55f5bc0a7edd3b6f9a4efe566a8e09f2e172d0f237e3b5a096a205dd478
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 27 May 2022 18:51:34 GMT
vary
Origin, Accept-Encoding
server
nginx
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
content-length
728
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022052501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0019326d57285ed051d75c9b8fccd761497c7d94ca9d7e45eef0a16d662e2449
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 18:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10649
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022052501.js?cb=31067809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 27 May 2022 18:51:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 89FE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3415
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 17:54:39 GMT
expires
Sat, 27 May 2023 17:54:39 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E6B1 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
48f6199e5f7ef60b8567037b2b46e734a714961698e8dfb687550861dcfe22fb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-V-roK1Yd06-0PnpnDuIHbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-V-roK1Yd06-0PnpnDuIHbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 18:51:34 GMT
expires
Fri, 27 May 2022 18:51:34 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&sid=AUqCbqgKEPfi8l_L&oz_sc=0030275dff3765af74dbfd85&oz_df=1653677493403&oz_l=7339&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.60.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
csi
csi.gstatic.com/ Frame 058F 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l3osvrm0&c=4453007292392&slotId=2226503646196&qqid=CJPX9NysgPgCFWOF_QcdziUDzA&gqid=th2RYqWbCanL7_UPqd6YgA0&fb=ima_html5-lima&sdkv=h.3.517.2&mrd=4&aab=0&itv=1&eee=missing-element&bi=missing-id&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&ghmsh_eids=44725355%2C44750822%2C44760950%2C44761692%2C44762462&met.4=ghmsh_s.l3osvs9b~ghmsh_s.l3osvs9c&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=UMInIScPeez7ajtB
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 346C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 27 May 2022 18:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame E6B1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022052501&jk=2604962229433622&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
pagead2.googlesyndication.com/bg/ Frame 89FE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 25 May 2022 19:01:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
172222
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13882
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 19:01:12 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 058F 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-2040918413447195
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:47:54 GMT
x-content-type-options
nosniff
age
220
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 May 2022 19:37:54 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 058F 		42 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQdYVth2RYpOkC-OK9u8PzsuM4AzsofTeadeB2PnND4rRo-2-ARABIIeepkpglYKAgJgHoAGwuqHXA8gBBakC0g91iscFsj7gAgCoAwGYBACqBPYBT9BsT0h3HYVcWIjtS25DEC9bAiRALlbxFFg0_KnO18v4ysEbyeigHQCTJ_ZvxqTwnSrA-x6qa_ACmKNd1UILeObTBDp7lhl6-k7GtLNhGLPLhpv4ihFAGxImD4EhVYzlcoksCeupxzwlUaWD2DDutC6tPv3fkhUptOhRKlgfrk8qVDQPvYJNhltgY0uXy28hnFhiD4ieU3ZmTsmznT6wB0ezYSQppu5NDQRvakH_9ZxCHrk9MDDEKDu6mQw4dBiYqpXzc_l8EpoguEvnYoc7kiYR4MgqjW4lGLYC7dyMRZk3iQ_7Qh9usAYhO8u8jCk4tggrEIUewASqiu6V4QPgBAGgBlSAB57s9oMDqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAcBABGB2xCYQMPGVCGkp4gAoDmAsByAsB0AsOuAwB2BMM0BUB4hYCCAH4FgGAFwE&sigh=Gd1LwWyyLLg&label=show_ad&acvw=&sdkv=h.3.517.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzNjMyMDgwMzAzMTIMNTg1NDgwMDgwODc4QJ4DUiMQDyUAAKBBKAE6C3hYVHAtZ1pnTnRnQglnb29nbGVhZHNQABgB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 058F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C6J24th2RYpOkC-OK9u8PzsuM4AzsofTeadeB2PnND4rRo-2-ARABIIeepkpglYKAgJgHoAGwuqHXA8gBBakC0g91iscFsj7gAgCoAwGYBACqBPMBT9BsT0h3HYVcWIjtS25DEC9bAiRALlbxFFg0_KnO18v4ysEbyeigHQCTJ_ZvxqTwnSrA-x6qa_ACmKNd1UILeObTBDp7lhl6-k7GtLNhGLPLhpv4ihFAGxImD4EhVYzlcoksCeupxzwlUaWD2DDutC6tPv3fkhUptOhRKlgfrk8qVDQPvYJNhltgY0uXy28hnFhiD4ieU3ZmTsmznT6wB0ezYSQppu5NDQRvakH_9ZxCHrk9MDDEKDu6mQw4dBiYqpXzc_l8Epp4uen7ar2tsLTcFls0RP0trRQHWlbUWpOzgCHjm7LUtbGh592QlObrPRbiwASqiu6V4QPgBAGgBlSAB57s9oMDqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDf5yKoCAHSCAkIgOGAcBABGB2ACgPICwHCEwYYsLqh1wPYEwzQFQHiFgIIAYAXAbIXHgocCAASFHB1Yi0yNTM5MzU1OTYwNDAyNzk4GIfEHQ&sigh=prQ4BBIC8F0&cmd=Ch1jYS12aWRlby1wdWItMjUzOTM1NTk2MDQwMjc5OBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&vt=10&sdkv=h.3.517.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzNjMyMDgwMzAzMTIMNTg1NDgwMDgwODc4QJ4DUiMQDyUAAKBBKAE6C3hYVHAtZ1pnTnRnQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
truncated
/ Frame 058F 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
image/gif
csi
csi.gstatic.com/ Frame 346C 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l3osvr94&c=4453007292392&slotId=2226503646196&eee=missing-element&bi=missing-id&ulv=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 058F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.517.2&e=44725355%2C44750822%2C44760950%2C44761692%2C44762462&id=ima_html5&c=2469612171031745&domain=shadowandact.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
videoplayback
rr4---sn-4g5ednly.googlevideo.com/
Redirect Chain
  • https://rr2---sn-h0jeln7e.googlevideo.com/videoplayback?expire=1653706294&ei=th2RYtOlHoqTgQeo1IL4CA&ip=81.95.5.36&id=c574e9fa066036d8&itag=22&source=youtube&requiressl=yes&mh=Ck&mm=31&mn=sn-h0jeln7...
  • https://rr4---sn-4g5ednly.googlevideo.com/videoplayback?expire=1653706294&ei=th2RYtOlHoqTgQeo1IL4CA&ip=81.95.5.36&id=c574e9fa066036d8&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L...
3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr4---sn-4g5ednly.googlevideo.com/videoplayback?expire=1653706294&ei=th2RYtOlHoqTgQeo1IL4CA&ip=81.95.5.36&id=c574e9fa066036d8&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.108&lmt=1648660266175374&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgBDwzJBkFAJRcK7sxlKj3rd0wm4Us_ToTrSanCa3yYHMCIH5wu5UIgDdvDPEAfFYcU7nKv6vfRrg7SKFEhUuTP8gA&cpn=UMInIScPeez7ajtB&redirect_counter=1&rm=sn-h0jls7l&req_id=fa7b21a6d7c36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=Ck&mip=2a01:4a0:2b::11&mm=31&mn=sn-4g5ednly&ms=au&mt=1653675690&mv=u&mvi=4&pl=29&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgCG-xzQzW4jIkkaPjexaWocWrTlU6N0L-WJGyCnv4i0kCIQDd1yEZlUQl851N2xeCo0WuKXEG8hFK38GDP_xv-OvSGQ%3D%3D
Protocol
HTTP/1.1
Server
2a00:1450:4001:67::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
fe89b1819788633045d05c4f1d086cf94f3f2808c54be6c81687007a3ff74851
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:34 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 30 Mar 2022 17:11:06 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2688699/2688700
Cache-Control
private, max-age=28500
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2688700
Expires
Fri, 27 May 2022 18:51:34 GMT

Redirect headers

Date
Fri, 27 May 2022 18:51:34 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
text/html
Location
https://rr4---sn-4g5ednly.googlevideo.com/videoplayback?expire=1653706294&ei=th2RYtOlHoqTgQeo1IL4CA&ip=81.95.5.36&id=c574e9fa066036d8&itag=22&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.108&lmt=1648660266175374&txp=5432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgBDwzJBkFAJRcK7sxlKj3rd0wm4Us_ToTrSanCa3yYHMCIH5wu5UIgDdvDPEAfFYcU7nKv6vfRrg7SKFEhUuTP8gA&cpn=UMInIScPeez7ajtB&redirect_counter=1&rm=sn-h0jls7l&req_id=fa7b21a6d7c36e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=Ck&mip=2a01:4a0:2b::11&mm=31&mn=sn-4g5ednly&ms=au&mt=1653675690&mv=u&mvi=4&pl=29&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgCG-xzQzW4jIkkaPjexaWocWrTlU6N0L-WJGyCnv4i0kCIQDd1yEZlUQl851N2xeCo0WuKXEG8hFK38GDP_xv-OvSGQ%3D%3D
Cache-Control
private, max-age=900
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Content-Length
0
Expires
Fri, 27 May 2022 18:51:34 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 19C3 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F107430338%2C22655136332%2FCNX_VIDEO%2F12345-8&description_url=https%3A%2F%2Fshadowandact.com%2F&tfcd=0&%5BNPA%5D&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4326454775844338&cust_params=domains%3Dshadowandact.com&ad_type=video&vad_type=linear&sdkv=h.3.517.2&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1939715988&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.517.2&sid=586B667D-ED49-40DB-B6D0-E73C11B5412D&nel=0&eid=44725356%2C44760950%2C44761692%2C44762462&top=https%3A%2F%2Fshadowandact.com%2F&url=https%3A%2F%2Fshadowandact.com%2F&loc=about%3Ablank&dlt=1653677490063&idt=2840&dt=1653677493564&cookie=ID%3D209d702b8bca462e%3AT%3D1653677493%3AS%3DALNI_MZ_B5IICAil79RDw8_S-GDNCnkGNw&scor=205527481004204&ged=ve4_td4_tt1_pd4_la4000_er793.1153.952.1459_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&sid=AUqCbqgKEPfi8l_L&oz_sc=0030275dff3765af74dbfd85&oz_df=1653677493606&oz_l=117&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.60.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:33 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
generate_204
tpc.googlesyndication.com/ Frame 89FE 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?EPTiMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 058F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CQdYVth2RYpOkC-OK9u8PzsuM4AzsofTeadeB2PnND4rRo-2-ARABIIeepkpglYKAgJgHoAGwuqHXA8gBBakC0g91iscFsj7gAgCoAwGYBACqBPYBT9BsT0h3HYVcWIjtS25DEC9bAiRALlbxFFg0_KnO18v4ysEbyeigHQCTJ_ZvxqTwnSrA-x6qa_ACmKNd1UILeObTBDp7lhl6-k7GtLNhGLPLhpv4ihFAGxImD4EhVYzlcoksCeupxzwlUaWD2DDutC6tPv3fkhUptOhRKlgfrk8qVDQPvYJNhltgY0uXy28hnFhiD4ieU3ZmTsmznT6wB0ezYSQppu5NDQRvakH_9ZxCHrk9MDDEKDu6mQw4dBiYqpXzc_l8EpoguEvnYoc7kiYR4MgqjW4lGLYC7dyMRZk3iQ_7Qh9usAYhO8u8jCk4tggrEIUewASqiu6V4QPgBAGgBlSAB57s9oMDqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAcBABGB2xCYQMPGVCGkp4gAoDmAsByAsB0AsOuAwB2BMM0BUB4hYCCAH4FgGAFwE&sigh=Gd1LwWyyLLg&label=video_ad_loaded&acvw=&sdkv=h.3.517.2&vci=CmsIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzNjMyMDgwMzAzMTIMNTg1NDgwMDgwODc4QJ4DUiMQDyUAAMhBKAE6C3hYVHAtZ1pnTnRnQglnb29nbGVhZHNQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 058F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Tue, 24 May 2022 10:58:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287571
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Wed, 24 May 2023 10:58:43 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 058F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C6J24th2RYpOkC-OK9u8PzsuM4AzsofTeadeB2PnND4rRo-2-ARABIIeepkpglYKAgJgHoAGwuqHXA8gBBakC0g91iscFsj7gAgCoAwGYBACqBPMBT9BsT0h3HYVcWIjtS25DEC9bAiRALlbxFFg0_KnO18v4ysEbyeigHQCTJ_ZvxqTwnSrA-x6qa_ACmKNd1UILeObTBDp7lhl6-k7GtLNhGLPLhpv4ihFAGxImD4EhVYzlcoksCeupxzwlUaWD2DDutC6tPv3fkhUptOhRKlgfrk8qVDQPvYJNhltgY0uXy28hnFhiD4ieU3ZmTsmznT6wB0ezYSQppu5NDQRvakH_9ZxCHrk9MDDEKDu6mQw4dBiYqpXzc_l8Epp4uen7ar2tsLTcFls0RP0trRQHWlbUWpOzgCHjm7LUtbGh592QlObrPRbiwASqiu6V4QPgBAGgBlSAB57s9oMDqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDf5yKoCAHSCAkIgOGAcBABGB2ACgPICwHCEwYYsLqh1wPYEwzQFQHiFgIIAYAXAbIXHgocCAASFHB1Yi0yNTM5MzU1OTYwNDAyNzk4GIfEHQ&sigh=prQ4BBIC8F0&cmd=Ch1jYS12aWRlby1wdWItMjUzOTM1NTk2MDQwMjc5OBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.517.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 058F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CLh5-th2RYpOkC-OK9u8PzsuM4AzsofTeadeB2PnND4rRo-2-ARABIIeepkpglYKAgJgHoAGwuqHXA8gBBakC0g91iscFsj7gAgCoAwGYBACqBPMBT9BsT0h3HYVcWIjtS25DEC9bAiRALlbxFFg0_KnO18v4ysEbyeigHQCTJ_ZvxqTwnSrA-x6qa_ACmKNd1UILeObTBDp7lhl6-k7GtLNhGLPLhpv4ihFAGxImD4EhVYzlcoksCeupxzwlUaWD2DDutC6tPv3fkhUptOhRKlgfrk8qVDQPvYJNhltgY0uXy28hnFhiD4ieU3ZmTsmznT6wB0ezYSQppu5NDQRvakH_9ZxCHrk9MDDEKDu6mQw4dBiYqpXzc_l8Epp4uen7ar2tsLTcFls0RP0trRQHWlbUWpOzgCHjm7LUtbGh592QlObrPRbiwASqiu6V4QPgBAGgBlSAB57s9oMDqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAcBABGB2ACgPICwHYEwzQFQHiFgIIAfgWAYAXAQ&sigh=vveOwYETG-Q&cmd=Ch1jYS12aWRlby1wdWItMjUzOTM1NTk2MDQwMjc5OBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D926%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D774,1131,970,1480%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20062%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D899%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D666548109%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1653677492155%26ptlt%3D1653677493718%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1653677493512&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzNjMyMDgwMzAzMTIMNTg1NDgwMDgwODc4QJ4DUiYQDyUAAMhBKAE6C3hYVHAtZ1pnTnRnQglnb29nbGVhZHNIwQFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 058F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvz1tgSiwulGOjdjYjE97pgCFqs78GTOJYgPwEzGohBZe_1_mvUZXjQxMKPUBZ2pMcsKBWAC83m-p9S4jlQDlBaAJDi1MC6Xx07V0PmwwcMtaTj85T-unzJc0KXvzIaDpWGu9jBxwMjIMbOT-dnfv0&sai=AMfl-YQRA61LrIk-vnHlS_Waes-ZVuVXnMXmDVpR0mD2yY3DJesX9wN56bczioOd7SU_l-ZT1NBIggLuvN-y8li2sTloYMTqhbBbHSwXIwFVorOmtGd3AMvG81fn5Dg&sig=Cg0ArKJSzIj3SzNJd02uEAE&cid=CAAST-RoCfR4TnNU5ojJdT3i-UM_IjR1U2rbKiHibfG5VPJ-a6RQaLhZyy6q_RKcLQqh0XfA0vUzUSSxR8_6N0eNevjsFWhMMDZ1IY8bclBWq6o&id=lidarv&acvw=sv%3D926%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D774,1131,970,1480%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20062%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D899%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D666548109%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1653677492155%26ptlt%3D1653677493720%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1653677493512&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 058F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CLh5-th2RYpOkC-OK9u8PzsuM4AzsofTeadeB2PnND4rRo-2-ARABIIeepkpglYKAgJgHoAGwuqHXA8gBBakC0g91iscFsj7gAgCoAwGYBACqBPMBT9BsT0h3HYVcWIjtS25DEC9bAiRALlbxFFg0_KnO18v4ysEbyeigHQCTJ_ZvxqTwnSrA-x6qa_ACmKNd1UILeObTBDp7lhl6-k7GtLNhGLPLhpv4ihFAGxImD4EhVYzlcoksCeupxzwlUaWD2DDutC6tPv3fkhUptOhRKlgfrk8qVDQPvYJNhltgY0uXy28hnFhiD4ieU3ZmTsmznT6wB0ezYSQppu5NDQRvakH_9ZxCHrk9MDDEKDu6mQw4dBiYqpXzc_l8Epp4uen7ar2tsLTcFls0RP0trRQHWlbUWpOzgCHjm7LUtbGh592QlObrPRbiwASqiu6V4QPgBAGgBlSAB57s9oMDqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAcBABGB2ACgPICwHYEwzQFQHiFgIIAfgWAYAXAQ&sigh=vveOwYETG-Q&cmd=Ch1jYS12aWRlby1wdWItMjUzOTM1NTk2MDQwMjc5OBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D926%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D774,1131,970,1480%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D20062%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D899%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D666548109%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1653677492155%26ptlt%3D1653677493721%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1653677493512&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzNjMyMDgwMzAzMTIMNTg1NDgwMDgwODc4QJ4DUiYQDyUAAMhBKAE6C3hYVHAtZ1pnTnRnQglnb29nbGVhZHNIwQFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 058F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.517.2&e=44725355%2C44750822%2C44760950%2C44761692%2C44762462&id=ima_html5&c=2469612171031745&domain=shadowandact.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 058F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CLh5-th2RYpOkC-OK9u8PzsuM4AzsofTeadeB2PnND4rRo-2-ARABIIeepkpglYKAgJgHoAGwuqHXA8gBBakC0g91iscFsj7gAgCoAwGYBACqBPMBT9BsT0h3HYVcWIjtS25DEC9bAiRALlbxFFg0_KnO18v4ysEbyeigHQCTJ_ZvxqTwnSrA-x6qa_ACmKNd1UILeObTBDp7lhl6-k7GtLNhGLPLhpv4ihFAGxImD4EhVYzlcoksCeupxzwlUaWD2DDutC6tPv3fkhUptOhRKlgfrk8qVDQPvYJNhltgY0uXy28hnFhiD4ieU3ZmTsmznT6wB0ezYSQppu5NDQRvakH_9ZxCHrk9MDDEKDu6mQw4dBiYqpXzc_l8Epp4uen7ar2tsLTcFls0RP0trRQHWlbUWpOzgCHjm7LUtbGh592QlObrPRbiwASqiu6V4QPgBAGgBlSAB57s9oMDqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAcBABGB2ACgPICwHYEwzQFQHiFgIIAfgWAYAXAQ&sigh=vveOwYETG-Q&cmd=Ch1jYS12aWRlby1wdWItMjUzOTM1NTk2MDQwMjc5OBAAGAI&label=admute&ad_mt=0&acvw=sv%3D926%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D774,1131,970,1480%26tos%3D13,0,0,0,0%26mtos%3D13,13,13,13,13%26amtos%3D0,0,0,0,0%26mcvt%3D13%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D13%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D13%26pst%3D-1%26dur%3D20062%26vmtime%3D-1%26dvs%3D13%26dfvs%3D13%26dvpt%3D13%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D899%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D666548109%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1653677492155%26ptlt%3D1653677493726%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,13&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1653677493512&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzNjMyMDgwMzAzMTIMNTg1NDgwMDgwODc4QJ4DUiYQDyUAAMhBKAE6C3hYVHAtZ1pnTnRnQglnb29nbGVhZHNIwQFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai
capi-tier-1-us-east-2.connatix.com/tr/ Frame 346C 		4 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/ai?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.255.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-255-1.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
24f09448658e2e0e9af9ee648ec4f31218d4b5103704aa2faad2180c9f15fb43

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:34 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
24
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 2B77 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
47177
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 05:45:17 GMT
expires
Sat, 27 May 2023 05:45:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
services
sumo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sumo.com/services
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sumo-auth
Access-Control-Request-Method
POST
Origin
https://shadowandact.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
https://shadowandact.com
access-control-max-age
2592000
date
Fri, 27 May 2022 18:51:35 GMT
server
nginx
services
sumo.com/ 		124 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sumo.com/services
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
88d1d0dd8730d866219619561304b3b5c22e3999a59dab5f70b88384312eff0f
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/javascript, */*; q=0.01
X-Sumo-Auth
TVdZO8hSfHtKXgAbWGHMydJH
Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
vary
Origin, Accept-Encoding
server
nginx
x-frame-options
SAMEORIGIN
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
124
2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js
pagead2.googlesyndication.com/bg/ Frame 2B77 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2wSGrAFU2I9l4rVgSoL7oTdOOQiRBWDpfuX3kVoAHAw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
db0486ac0154d88f65e2b5604a82fba1374e3908910560e97ee5f7915a001c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 14:03:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
17309
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13827
x-xss-protection
0
last-modified
Tue, 24 May 2022 10:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 27 May 2023 14:03:05 GMT
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&sid=AUqCbqgKEPfi8l_L&oz_sc=0030275dff3765af74dbfd85&oz_df=1653677493835&oz_l=254&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.60.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sv
capi-tier-1-us-east-2.connatix.com/tr/ Frame 346C 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/sv?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.255.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-255-1.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:34 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
732b25bc-f90d-4aeb-b623-971775fc97b2
https://shadowandact.com/ 		772 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://shadowandact.com/732b25bc-f90d-4aeb-b623-971775fc97b2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2b3593455a68e6ab96925ee0ae065dc47c18efcc02e6d8fb854b2df30dc3a433

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Length
772
csi
csi.gstatic.com/ Frame 058F 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l3osvsa3&c=4453007292392&slotId=2226503646196&qqid=CJPX9NysgPgCFWOF_QcdziUDzA&gqid=th2RYqWbCanL7_UPqd6YgA0&fb=ima_html5-lima&sdkv=h.3.517.2&mrd=4&aab=0&itv=1&met.4=ghmsh_s.l3osvsa5~vss_tr.118~ff.l3osvsgr
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.517.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:808::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
playback
s.youtube.com/api/stats/ Frame 058F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.youtube.com/api/stats/playback?ns=yt&fexp=44725355%2C44750822%2C44760950%2C44761692%2C44762462&el=adunit&cpn=UMInIScPeez7ajtB&docid=xXTp-gZgNtg&visitordata=Cgs2dWtfZ1pibE1zYw%253D%253D&ver=2&cmt=0.199&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Fshadowandact.com%2F&len=20.062&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=102.0.5005.61&cos=Linux%20x86_64&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=18&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::65 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&sid=AUqCbqgKEPfi8l_L&oz_sc=0030275dff3765af74dbfd85&oz_df=1653677494001&oz_l=446&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.60.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2B77 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.517.2&bgai=B3rKoth2RYpOkC-OK9u8PzsuM4AwAAAAAOAG6BRMIpc7y3KyA-AIVqeW7CB0pLwbQ&bg=!R0SlRADNAAao8wy8iPM7ACkAdvg8WklT4xzDjSjsQwK_elOAyiCYLEvKjs-8sEc7ntcc3P7a-7zOagIAAAB5UgAAAAloAQeZAlV0CLBNIhjpkGlL6GHNt4ZqTJIpmSZ-bSjCa3I_wo6r58r-7wmYs2rMQuo1cQEnDY8LMzEV9rJK9qq_OACr-MBCPKDUWNAJZtlfmXISedK_Hp4eno8ZmRxeGIPZib2LEaS6gMwbzJjpxUziHiPbdZvNWUS-3qd1L-v3sdZxmg8vA_YGFuSOOJiIiLrrEQEECMsGWTaD668oHxSGckEUv46F9JFI1qFdzu3M-aQKXqguuE2Ug4Sw72Mw8DVtrjU4N1IY4RedkK9m-lAfNYjK_a18tAQNGu-qTB1li-yY2eNl74Kv1vObjQgBp9P1tqGXPo6lJ1UDIe2vdSK7S2Q7LZ2qYeLU7CHtcYME9WsbDvyT-0wbiSik3pIyMYFsONbXxae_q3JVuWGtV4bjmqV0Z4bQ2-Bx0pxY_zICoLANmE2q1oZD1n6dFJKxsNJSnZ0Z0jkhF0XFHqADQOJ_3592eGR6dldx9C59CC96p-TrYywI-Yb2UvwgByOlM3y4P3qISNJB83PZsqsy1e8KOG-oKFfqQxfUAtaBz82_sPiGUxOS7V6nfgPTSg0FnWacf-ojOqyjX7NaBAC-twalTUDvm_vsAG3lPdM2jOkWxkvfzMF8WNejf6_R1DO8vVwsKv-Wu9TpOX8-Io-xkj-jUvw_OJk9dnYY2faMR3jy0BQ-CwFZKqt7kk870zHQrv-TrKxFqZUUoZmu70En7lqZPxE5UWUVB2P-RAokAzzX9DPo-4B9AtqQWLYLxxcIXfIlN_GFbrtmzNz-9sSGovVzH8v2-b0Eug35EE4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&sid=AUqCbqgKEPfi8l_L&oz_sc=0030275dff3765af74dbfd85&oz_df=1653677494178&oz_l=10883&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.60.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022052501&jk=2604962229433622&bg=!xsWlxYHNAAao8wy8iPM7ACkAdvg8WkGfB7cAz6WZvO794GAKNQ1MnHvmpLWRkALtDHc3PuFAhl5wHgIAAABuUgAAAARoAQcKAKe2yZDQVMGvZ_u26FmmRlC7WHyUq3tiAUPl2RQST8TRv37TUQKOfN03PaOD3Hrlp9-2ypoqKB8N18MR46xsS7yOg0C8HLsCgNc5w76M4zcSGHmbUFtMm5uwJiRLFSZ7CTH7HTmRfP54_Y-JJJgefH-pwG1JNyTaFIGaCD_DK4F2yC0cGWk0-bKitSjsITfqZRhtV9eNrl896fwbWwuLlU6XsoNUeD3HTpkCod8SEJOIy7JPdDJDCF7eWBNlQuaRWxcG0J1b0cECu4CNz79TrowP3eYQgEKwMnxymreN7CbOd6YsF8rcJFMFYhlFvg-Rnc5Me8nBTu5BQBh0eZYZP0wFBVOwl2OEMF9vmRayNrfIzvwGai34YWFashH-9HpGiL47Fobua4eGBqxdGBeR6Ze9O1Ur32barhTR1n2GsLK-kRnwLCOfLmTwPq5qTsSu45gvqXIbuAtInagSN3yTDo8SS_DwFr_iIgyh-UzHYjYgf4qV7gI9JkEUMZV3n9aJebDJGG-J3KgKdw_VaWBPp4mA9ZuS6wS-4QWlNtBgcWrNzvsJixwGrubG1ulOxOFT38DwF9MmVFgk58mgLhGVW1oQSzoArXKi7LPagOyWvSdEZ6myHlFtq8NXmznTxjRe_pvsTn6XV3u-oRAO8yNd1XbYhVvpbdBZMM5n3Fy_sN-xzGZjcB4sgYaPN3mY3ne57z8kdI3awejO8EFQenqhg_iNJoKKRhRKPo9uCNXRnd-jVUUt-j-oTaKnHzFHFNg2SLmv7RSM8C9QZT9KgFg_jy9IG0-ICNPLKPuu05HkHZJRglaLxvSsHR9rhy7FXDbxVwNqTk4mRN8XP-J995Vhw-vjK1zO5-hxTbZsywoIPl6T7-vYNZoM96MTGoFp4ZfRI1FxMQPME8WfjLGsc5FDpmX-0zo7NrjryVb04Ze_6YtiojG3-jPQuZF4TF5MorNcBpKa5j2p40wPpx3pZA_ikdQsgtRMs5SyohWopOgOljVfAMUB8v3BDY3PmKrn6V0V3N6wIap_q060FbalDBT_NwCbYSAb_DxsR50p65xRx63zm3Oixl0833ucJTKxlMqk0aIcJfqr7HURgsAPKhhXERHnIrUT_8q6kR8wlpQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
7.0a035390359aab65eb82.js
load.sumo.com/ 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/7.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: https://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
7DYXE8BH00579X00
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:28
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
wAXIxBbXSDIOR79DARy+4aIIA6S6Tt4BmT9BSZKbGWO/xByZh20vbM+bU06UgSciqHK1kbmLWxk=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:22:30 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"3fa9c18f727d4b42fb894fda90a374e1"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
325a164d48da9550e3ce759d9cf6e55d
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
4.0a035390359aab65eb82.js
load.sumo.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/4.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: https://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
7DYVYZXW1WZS6677
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:28
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
19aEVmp7dLNwM/1L1r+WY94GmwxZn0XkLd94viHwxJumLVsdM3WPlERZH+C1dJfcQvyy5C5R1M8=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:22:05 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"a39d043b7c7bba70750cf288ee5ef71a"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
cb054f96a1268d4dcc79814da1e145cb
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
2.0a035390359aab65eb82.js
load.sumo.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/2.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: https://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
7DYHZDNXAERXPJAN
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:28
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
NQ3cHWfwJubWdxx8Rd4YCM2hhME/pmoqqWA5EPbOy/sNYR/oLTe/b3U1C5Rqow5e5wHBmRfgQDg=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:21:48 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"6bfdf1ae8492f107706ac037915be663"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
0a918f6954ec44defe9f09aa80111aa1
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
10.0a035390359aab65eb82.js
load.sumo.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/10.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: https://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
7DYPDQRG468TN8TQ
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:28
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
vTl/O7NxKeYNAo34wBPEaVRcGTtT2ilFAiLKLR17QdhjmAz9onYXwsmWnSYgXhmjR+BUrp4gpO4=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:21:34 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"fc263e7087822a0b00ff93677d6df4ea"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
f5dd07dae727c88ca712f9a96892a359
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
22.0a035390359aab65eb82.js
load.sumo.com/ 		92 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/22.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: https://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
7DYTRJG0VEXB5FKV
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:28
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
kUYBmyXOKL4f13PsnIlweF9QeY9UF72hlXxRE4Ld0pp6A0gbTK21M/QgZTm+VWFcvuFhdTDnCiw=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:21:50 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"8af82c4c30a069f66de02526c2f332af"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
c83898ed3e4c0cc89b20b802a12f44d7
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
23.0a035390359aab65eb82.js
load.sumo.com/ 		329 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/23.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: https://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
7DYQWW7NDCH126AR
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:28
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
yWzzJ2K6QYXrvzHOY6EtdCeZ7zP0JKwZ3j9GXB8raZ8nXteXIInZ+LvoX+c0l4l+TO88Hc919ew=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:21:51 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"be0b945be6cafa91f6fd4efdfc8268f8"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
0bebd809671f9489bf4ee3b37bfba6e0
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
21.0a035390359aab65eb82.js
load.sumo.com/ 		179 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/21.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: https://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
7DYYAC1D60VRVNQ9
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:28
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
B1D9xoprVVvp2s4JHbypf21X8JpkbZw/cKi3aZeuT/rVdN0gQRZ4nEFh0gUJ69og2mnbH+RM0iE=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:21:50 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"beda094dfc3b530efd0d2d83c5a0280c"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
311ffdf6ac280d6cc6f73b0c7cda34e2
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
0.0a035390359aab65eb82.js
load.sumo.com/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/0.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: https://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
3QT1RRVVAHN62DCV
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:30
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
s87ZhTmlzAihXnT1vKOqJDaz0UTkQGMGhuH7hm9c2oSVzPW0WRQkdqajtvWDW5zPz2BCjOK43b4=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:21:33 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"31baf056af3800bbd6e4f9e8b445d052"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
889cdd56a7db7dfa563f295e7c6e8777
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
96.0a035390359aab65eb82.js
load.sumo.com/ 		1 MB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/96.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: https://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
3QTB7FHQJW72W75G
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:30
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
hEwFEVNCoMxrBbK5odZr9TLzmfc5GLX02rjCiy7USKeT1CtjJWVrqdsLET532wtwUQXmdkH/mWA=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:22:52 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"f33273f5c8e8dd3d010a11b209891b91"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
463161c40046ccda0b0804229ebe182e
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
97.0a035390359aab65eb82.js
load.sumo.com/ 		221 B
993 B 		Script
General
Check archive.org
Download Go to
Full URL
https://load.sumo.com/97.0a035390359aab65eb82.js
Requested by
Host: load.sumome.com
URL: https://load.sumome.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.152.64.17 Prague, Czech Republic, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-185-152-64-17.datapacket.com
Software
BunnyCDN-CZ1-887 /
Resource Hash
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-encoding
br
cdn-edgestorageid
887
x-amz-request-id
3QT0YKJMXCC8Q8JN
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat
03/13/2022 13:04:30
cdn-pullzone
53731
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2
3YMsjhD1bRSHlHYg3EUPk5l75TQsIUGAScsbqp+x/0/7F7lIoqfibIhUSkmZkOSWQ3VgoXQo/Gw=
server
BunnyCDN-CZ1-887
access-control-allow-origin
*
last-modified
Mon, 10 Jan 2022 18:22:53 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
etag
W/"857476cf6e94c14c223d4481353b4c19"
vary
Accept-Encoding, Accept-Encoding
content-type
text/javascript
cdn-cache
HIT
cdn-uid
a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control
max-age=31536000
cdn-requestid
630e9bcc721b9389fe897001d34676d2
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&sid=AUqCbqgKEPfi8l_L&oz_sc=0030275dff3765af74dbfd85&oz_df=1653677494356&oz_l=1046&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.60.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
css
fonts.googleapis.com/ 		31 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
344c14cce7eea32ca74e0baa3a3c10a0cee5645f9e276945454ab5d5c49168c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 27 May 2022 17:55:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 27 May 2022 18:51:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 27 May 2022 18:51:35 GMT
features
sumo.com/api/site/647119b84ee190a7146ab71bf0c79bacc3f29cbc1b8bfcd2a48e2a8c5b82d5bb/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://sumo.com/api/site/647119b84ee190a7146ab71bf0c79bacc3f29cbc1b8bfcd2a48e2a8c5b82d5bb/features?site_id=647119b84ee190a7146ab71bf0c79bacc3f29cbc1b8bfcd2a48e2a8c5b82d5bb
Requested by
Host: load.sumo.com
URL: https://load.sumo.com/73.0a035390359aab65eb82.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
X-Sumo-Auth
TVdZO8hSfHtKXgAbWGHMydJH

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-encoding
gzip
vary
Origin, Accept-Encoding
server
nginx
etag
"-362431178"
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
x-robots-tag
noindex, nofollow
features
sumo.com/api/site/647119b84ee190a7146ab71bf0c79bacc3f29cbc1b8bfcd2a48e2a8c5b82d5bb/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sumo.com/api/site/647119b84ee190a7146ab71bf0c79bacc3f29cbc1b8bfcd2a48e2a8c5b82d5bb/features?site_id=647119b84ee190a7146ab71bf0c79bacc3f29cbc1b8bfcd2a48e2a8c5b82d5bb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.34.133.113 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-sumo-auth
Access-Control-Request-Method
GET
Origin
https://shadowandact.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE
access-control-allow-origin
https://shadowandact.com
access-control-max-age
2592000
date
Fri, 27 May 2022 18:51:35 GMT
server
nginx
event.png
tpsc-eu3.doubleverify.com/ Frame B7FD 		0
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=1e97dc5ecff042f3abe84b7ae216d3ea&gdpr=&gdpr_consent=&dvp_twib=1&dvp_atali=1&vdur=131&eoid=10&msrjs=2767&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&rmi=16&tltms=77&tetms=13&msltms=24&vltms=131&sei=290&vetms=346&engms=1&engisel=1&dvp_dtvst=1e97dc5ecff042f3abe84b7ae216d3ea&ttfurm=2581&cbust=1653677494520672
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2767.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:35 GMT
Vary
Origin
Access-Control-Allow-Origin
https://shadowandact.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/26/2022 18:51:35
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&sid=AUqCbqgKEPfi8l_L&oz_sc=0030275dff3765af74dbfd85&oz_df=1653677494567&oz_l=1310&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.60.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:34 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
event.png
tpsc-eu3.doubleverify.com/ Frame 8733 		0
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=2f5bc0960db64aacb23871f65c47f68d&gdpr=&gdpr_consent=&dvp_atali=1&vdur=14&eoid=10&msrjs=2767&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&rmi=16&tltms=9&tetms=8&msltms=12&vltms=14&sei=290&vetms=10&engms=1&engisel=1&dvp_dtvst=1e97dc5ecff042f3abe84b7ae216d3ea&dvp_dtslt=2f5bc0960db64aacb23871f65c47f68d&mascid=2f5bc0960db64aacb23871f65c47f68d&ttfurm=2032&cbust=1653677495250949
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2767.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
Vary
Origin
Access-Control-Allow-Origin
https://shadowandact.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/26/2022 18:51:36
ixmatch.html
js-sec.indexww.com/um/ Frame D3F6 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Fri, 27 May 2022 18:51:36 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync.html
cdn.concert.io/lib/bids/ Frame 5731 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.concert.io/lib/bids/sync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfcdc5bb514538c16b96948274609c06a933ee0f19dd90e3086f887a7df0e79b

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
34127
cache-control
max-age=86400
content-length
4617
content-type
text/html
date
Fri, 27 May 2022 18:51:36 GMT
etag
"2e249336f5d89d6f82c998cf8004a382"
last-modified
Fri, 20 May 2022 16:30:21 GMT
server
AmazonS3
via
1.1 varnish
x-amz-id-2
oFDpqH+ldojB+M2SL3tizcOAxozvik+7e1AImhvqwqL3Qj1VkTxeqy506GGqBHbXModYXuelFxY=
x-amz-request-id
M7XTZR0TJHY770Y4
x-cache
HIT
x-cache-hits
42
x-served-by
cache-hhn4062-HHN
x-timer
S1653677496.452619,VS0,VE0
async_usersync.html
acdn.adnxs.com/dmp/ Frame D9B8 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
51880
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 27 May 2022 18:51:36 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 13 May 2022 04:26:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
6, 705335
X-Served-By
cache-lga21928-LGA, cache-hhn4075-HHN
X-Timer
S1653677496.448562,VS0,VE0
sync.html
public.servenobid.com/ Frame 2D87 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ba644f0fddbedd145f222319852b63c370c3cb827de34c21e5f0823e6d33057

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Fri, 27 May 2022 18:51:36 GMT
etag
"a067ca1c11975e052149fcb5fac5e2d3"
last-modified
Tue, 26 Apr 2022 01:37:54 GMT
server
AmazonS3
x-amz-id-2
LH6mYcgv06EEZdtK0q+wjdPT6hEkRRB1RHne6u+AQr7mgG4POZJzTURReTlzYpoPf1mmEDsolmE=
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:5eb96107-ea8e-4447-a80a-9b951732aaca
x-amz-meta-codebuild-content-md5
e5441cba1c83e44c16f2d792acc1823c
x-amz-meta-codebuild-content-sha256
3b14aefb08d603d224cbf56f0ff34e70ebd576659dc2557c0629a8ec6943dc55
x-amz-request-id
HFT5Z4N1KZ911XAC
x-azure-ref
0uB2RYgAAAAB0WOsOeCroT4p/XNzPRr5yRlJBRURHRTEwMTAAODRlN2RmYTItMTQ0Mi00MzM0LWIzNGYtZTQyZDNmN2RkYWQ5
x-azure-ref-originshield
0FiOQYgAAAAAP7nyKC7xwRIGSJFpBWQ4GQU1TMDRFREdFMTkxMwA4NGU3ZGZhMi0xNDQyLTQzMzQtYjM0Zi1lNDJkM2Y3ZGRhZDk=
x-cache
TCP_HIT
usync.html
eus.rubiconproject.com/ Frame 14DA 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 27 May 2022 18:51:36 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1DD1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Requested by
Host: console.adgrid.io
URL: https://console.adgrid.io/adgrid-build/ad-grid-shadowandact-com.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://shadowandact.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73853
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 27 May 2022 18:51:36 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 28 May 2022 15:22:29 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
hms.gif
sync.colossusssp.com/
Redirect Chain
  • https://colossusssp.com/?c=o&m=cookie
  • https://sync.colossusssp.com/hms.gif
20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.colossusssp.com/hms.gif
Protocol
HTTP/1.1
Server
8.2.111.121 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:37 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain

Redirect headers

Location
https://sync.colossusssp.com/hms.gif
Date
Fri, 27 May 2022 18:51:36 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
usync.js
eus.rubiconproject.com/ Frame 14DA 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9449391857ab47443d4fcd4c4e47898692e7c798cf8c16bb0d2031a621f1cb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75121
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Sat, 28 May 2022 15:43:37 GMT
async_usersync
ib.adnxs.com/ Frame D9B8 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
e93f9d41-fb97-48b4-8ceb-9834e540f659
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
js.cookie.min.js
cdn.jsdelivr.net/npm/js-cookie@2/src/ Frame 5731 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/bids/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.concert.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
34049
x-jsd-version
2.2.1
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19150-FRA, cache-hhn4049-HHN
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=760secu8t96hUgD0s74lI8Cz2tJ3OXZ41dhexLI2hLXTtw5R8T7Mf%2Bxq%2F97cpEAkt%2B%2BkvvSX56yX3E6tiCRRGJm5kVwnpdmfw9nHu8VTGjkqnbrfVQenDZ%2FCYFPKVU%2BW%2BBRYUkjPARDWEGck3zc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7120f160fcb9696a-FRA
browserify-consent-string.js
cdn.concert.io/lib/bids/ Frame 5731 		38 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.concert.io/lib/bids/browserify-consent-string.js
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/bids/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.196.124 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d44c04da1087e1be35a57ee5c975dc715c1aa92c31fd0233b3f7cd7014f1dcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.concert.io/lib/bids/sync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
via
1.1 varnish
age
1538906
x-cache
HIT
content-length
38796
x-amz-id-2
n1sIey/7P7wSTEpJOIE91vnoaclabqZKHG/NmYdGP0HVg+FwImQgZZUQtnKxOCW79rAiVOEhTlM=
x-served-by
cache-hhn4062-HHN
last-modified
Tue, 03 May 2022 13:54:25 GMT
server
AmazonS3
x-timer
S1653677496.480057,VS0,VE0
etag
"c8cdc96a2fa10f85ee91bb03aee93132"
x-amz-request-id
2PNHT6KYWF54HFN6
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
2076
usermatch
ssum-sec.casalemedia.com/ Frame E4AB
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fcdb89944b76cd60b9902dbde0a857fe0e9df6fe0eeab8d4ff8ff6e8d98e7867

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1785
Content-Type
text/html
Date
Fri, 27 May 2022 18:51:36 GMT
Dropped-Udsids
230|39|241|45|13|152|26|206
Expires
Fri, 27 May 2022 18:51:36 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
347
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 27 May 2022 18:51:36 GMT
Expires
Fri, 27 May 2022 18:51:36 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
_pdfps
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/ Frame 5731 		0
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by
Host: cdn.concert.io
URL: https://cdn.concert.io/lib/bids/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.222.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.222.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.concert.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
via
1.1 google
server
nginx
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://cdn.concert.io
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 1DD1 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=36842668&p=160224&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
eccc3ad32660b371c10adea1e77793843560fa68404568797ec59e162db13a88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
event.png
tpsc-eu3.doubleverify.com/ Frame B7FD 		0
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=1e97dc5ecff042f3abe84b7ae216d3ea&gdpr=&gdpr_consent=&msrcanlm=648&msrcannum=8&eoid=12&ismms=60&isumms=60&isvelg=1&nvr=2&isgmmims=60&isgmv4mims=60&elmtp=6&isbxdms=3060&b0=3414&adhgt=193&adwdth=342&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=3414&sftb=3414&msrdp=14&naral=128&vct=1&vphgt=1200&vpwdth=1600&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=58&engscrlms=61&dvp_hdnAd=0&dvp_pageEng=true&dvp_dpr=1&cbust=1653677495448357
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2767.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
Vary
Origin
Access-Control-Allow-Origin
https://shadowandact.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/26/2022 18:51:36
setuid
px.ads.linkedin.com/ Frame 14DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3OSVROS-26-99K7
0
706 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3OSVROS-26-99K7
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 7CF55431A5D4490895A56452FCD07850 Ref B: FRAEDGE1512 Ref C: 2022-05-27T18:51:36Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXgAsvD97eN+1Rn9oc4GQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L3OSVROS-26-99K7
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 14DA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=11Yn9O3URdOQsojRBJcqMg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=11Yn9O3URdOQsojRBJcqMg
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=11Yn9O3URdOQsojRBJcqMg
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6E47KBCSB3620XAJ1CTE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=11Yn9O3URdOQsojRBJcqMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 14DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/-kcVtYLsIJCs1lnAPsv0lMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=625178128464289871
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=625178128464289871
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

date
Fri, 27 May 2022 18:51:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=625178128464289871
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 14DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNPU1ZST1MtMjYtOTlLNw==
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNPU1ZST1MtMjYtOTlLNw==
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNPU1ZST1MtMjYtOTlLNw==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 14DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAEhtHbtDGoNTJqIgYbvb64&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAEhtHbtDGoNTJqIgYbvb64&google_cver=1
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEAEhtHbtDGoNTJqIgYbvb64&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 14DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzRkOWNkMDBmZTA5MTRkZTY4ODRhOTA1YjdjYjQ3ZDU1ZDI5NDJjMg
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzRkOWNkMDBmZTA5MTRkZTY4ODRhOTA1YjdjYjQ3ZDU1ZDI5NDJjMg
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NzRkOWNkMDBmZTA5MTRkZTY4ODRhOTA1YjdjYjQ3ZDU1ZDI5NDJjMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 14DA
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=QB4lFC5mRReUz6rdKI3d5g&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QB4lFC5mRReUz6rdKI3d5g
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QB4lFC5mRReUz6rdKI3d5g
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
R6QWV9XA21TM95E4YR0E
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=QB4lFC5mRReUz6rdKI3d5g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 14DA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
match
c1.adform.net/serving/cookie/ Frame 1CDC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=3BAA82F1-396D-4543-9BC8-CD06037CA850
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3BAA82F1-396D-4543-9BC8-CD06037CA850
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3BAA82F1-396D-4543-9BC8-CD06037CA850
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 27 May 2022 18:51:36 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 27 May 2022 18:51:36 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=3BAA82F1-396D-4543-9BC8-CD06037CA850
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame E1FA
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1902524812053439895
42 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1902524812053439895
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 May 2022 18:51:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1902524812053439895
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 0064
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eeca6291-1db9-4700-bc78-1acd8f573a90&gdpr=0&gdpr_consent=
42 B
324 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eeca6291-1db9-4700-bc78-1acd8f573a90&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Fri, 27 May 2022 18:51:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 27 May 2022 18:51:37 GMT
Expires
Fri, 27 May 2022 18:51:36 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4419 e1034d5 master hkg-pixel-x19 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:eeca6291-1db9-4700-bc78-1acd8f573a90&gdpr=0&gdpr_consent=
usersync.aspx
dis.criteo.com/dis/ Frame A00B 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 18:51:35 GMT
expires
Fri, 27 May 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
655356
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1DD1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=O6qC8TltRUObyM0GA3yoUA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=73853
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sat, 28 May 2022 15:22:29 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 1DD1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1bca6291-1db9-4c00-aa24-8c6b7b149698
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1bca6291-1db9-4c00-aa24-8c6b7b149698
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 14:26:17 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 27 May 2022 18:51:37 GMT
Server
MT3 4419 e1034d5 master hkg-pixel-x20 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=1bca6291-1db9-4c00-aa24-8c6b7b149698
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 27 May 2022 18:51:36 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1DD1
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=3BAA82F1-396D-4543-9BC8-CD06037CA850
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame 1DD1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=M0JBQTgyRjEtMzk2RC00NTQzLTlCQzgtQ0QwNjAzN0NBODUw&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 1DD1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECYDQLyLLrCMRrcmj3ckU-Y&google_cver=1
42 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECYDQLyLLrCMRrcmj3ckU-Y&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECYDQLyLLrCMRrcmj3ckU-Y&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 1DD1 		43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.122.14.34 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
22.0e.7a9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 26 May 2022 18:51:36 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 1DD1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5791635389266032506
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5791635389266032506
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5791635389266032506
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 1DD1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
image2.pubmatic.com/AdServer/ Frame 1DD1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3819475946486894415&gdpr=0&gdpr_consent=
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3819475946486894415&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 09:29:17 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5ec7b199-777c-49e3-9da9-653adc375506
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3819475946486894415&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
3BAA82F1-396D-4543-9BC8-CD06037CA850
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1DD1 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/3BAA82F1-396D-4543-9BC8-CD06037CA850?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a78d:7683:9776:13f1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame E4AB 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YpEduMjJuSTTClLZU9VjiQAABHsAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame E4AB 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame E4AB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YpEduMjJuSTTClLZU9VjiQAABHsAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YpEduMjJuSTTClLZU9VjiQAABHsAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YpEduMjJuSTTClLZU9VjiQAABHsAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MXJCWCAQKQ53AFHMGWB5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ZX5WMK3Y2MESSN7PTGE7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YpEduMjJuSTTClLZU9VjiQAABHsAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E4AB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YpEduMjJuSTTClLZU9VjiQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPaGroeCXYrPbkVVxUyTwCw&google_cver=1&gdpr=1
43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPaGroeCXYrPbkVVxUyTwCw&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 27 May 2022 18:51:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPaGroeCXYrPbkVVxUyTwCw&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E4AB
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
43 B
991 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 27 May 2022 18:51:36 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=%7Bamob_user_id%7D&expiration=[EXPIRATION]&gdpr=1
date
Fri, 27 May 2022 18:51:36 GMT
access-control-allow-credentials
true
x-powered-by
Express
content-length
0
vary
Origin
keep-alive
timeout=5
crum
dsum-sec.casalemedia.com/ Frame E4AB
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=e1edfd3c-408c-40b2-a4f7-a4171f995a09
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=e1edfd3c-408c-40b2-a4f7-a4171f995a09
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 27 May 2022 18:51:37 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=e1edfd3c-408c-40b2-a4f7-a4171f995a09
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
/
sync.taboola.com/sg/indexscod/1/cm/ Frame E4AB 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=YpEduMjJuSTTClLZU9VjiQAA%261147
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13407
sync
ups.analytics.yahoo.com/ups/55940/ Frame E4AB 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YpEduMjJuSTTClLZU9VjiQAABHsAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
js-sec.indexww.com/ht/ Frame E4AB 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YpEduMjJuSTTClLZU9VjiQAA%261147
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fshadowandact.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:36 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1172
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 27 May 2022 19:11:08 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 05F6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73853
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 27 May 2022 18:51:36 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 28 May 2022 15:22:29 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 9A50 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.81.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-81-187.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
3821ab96c4c9467ae999fe5069f906ef28a4ebf352d11b0dfea19d2f75437b99

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 27 May 2022 18:51:36 GMT
etag
W/"0a134c0e41dbd92d98457feb3eee1419f"
server
nginx
timing-allow-origin
*
ps
pixel.33across.com/ Frame B541 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.33across.com/ps?m=xch&rt=html&id=0010b00002Mq2FYAAZ&ru=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D304%26uid%3D33XUSERID33X
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.23 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip23.67-202-105.static.steadfastdns.net
Software
33XP001 /
Resource Hash

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
server
33XP001
x-33x-status
2000208
/
onetag-sys.com/usync/ Frame B762 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 37E0 		903 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
48ac297961131a6119b352150e1ad5d568a1758921249f676acb59e1b90447c6

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
903
content-type
text/html
date
Fri, 27 May 2022 18:51:36 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4EFB 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8b5eb0e22d5b6ea14b6710dd74e1683f513d112aeba0e7cbe351a258f8b97b22

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1666
Content-Type
text/html
Date
Fri, 27 May 2022 18:51:36 GMT
Dropped-Udsids
73|46|130|3|57|45|206|156
Expires
Fri, 27 May 2022 18:51:36 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync
sync.php
pixel.rubiconproject.com/exchange/ Frame 2D87 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
sync
ads.servenobid.com/ Frame 2D87
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3819475946486894415
0
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=3819475946486894415
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
46588b70-d23c-4e8b-ac5c-0ee260802cfa
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=3819475946486894415
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 2D87
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=EtkLqRZHHsMfVmErS2qS7Sju
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=EtkLqRZHHsMfVmErS2qS7Sju
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=EtkLqRZHHsMfVmErS2qS7Sju
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 2D87 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:36 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 2D87
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZmYxNmI0MmQtOTgzYy00Mzk1LWI5MTUtMzhlYjRlYWRmMTYyIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0yN1QxODo1MTozNy4xMjU1M1oifQ==
0
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZmYxNmI0MmQtOTgzYy00Mzk1LWI5MTUtMzhlYjRlYWRmMTYyIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0yN1QxODo1MTozNy4xMjU1M1oifQ==
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:37 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZmYxNmI0MmQtOTgzYy00Mzk1LWI5MTUtMzhlYjRlYWRmMTYyIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0yN1QxODo1MTozNy4xMjU1M1oifQ==
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
sync
ads.servenobid.com/ Frame 2D87
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1653677496804
  • https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://ads.servenobid.com/sync?pid=321&uid=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
sync
ads.servenobid.com/ Frame 2D87
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5141210820649358048
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5141210820649358048
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5141210820649358048
Date
Fri, 27 May 2022 18:51:36 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 2D87 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 2D87
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=3b8802a3-b7af-4f16-adef-4ff9c6d10652&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=3b8802a3-b7af-4f16-adef-4ff9c6d10652&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:37 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=3b8802a3-b7af-4f16-adef-4ff9c6d10652&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Fri, 27 May 2022 18:51:36 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 2D87
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-fiR4cRZE2uF80oLIzrTBgz0x9CUqk37006O6y8Q-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-fiR4cRZE2uF80oLIzrTBgz0x9CUqk37006O6y8Q-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-fiR4cRZE2uF80oLIzrTBgz0x9CUqk37006O6y8Q-~A
date
Fri, 27 May 2022 18:51:36 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usersync
usersync.gumgum.com/ Frame 9A50
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=3819475946486894415
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=3819475946486894415
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8cd08701-64aa-497a-a808-3962580fe518
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=3819475946486894415
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9A50
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_0fcd2be6-7c31-488d-becb-5374374aef14&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://bidswitch-eu.splicky.com/cm?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=14018679-16a5-4ae5-ac7b-b9be47c7a84f
  • https://x.bidswitch.net/sync?dsp_id=311&user_id=&user_group=2&ssp=gumgum2&expires=10&bsw_param=14018679-16a5-4ae5-ac7b-b9be47c7a84f
  • https://usersync.gumgum.com/usersync?b=bsw&i=14018679-16a5-4ae5-ac7b-b9be47c7a84f
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=14018679-16a5-4ae5-ac7b-b9be47c7a84f
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
//usersync.gumgum.com/usersync?b=bsw&i=14018679-16a5-4ae5-ac7b-b9be47c7a84f
Date
Fri, 27 May 2022 18:51:36 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 9A50
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28g5b78a-8ZwLk4kBbTJKhqf1nmAVHXZNGxbNah5b7zygCUbvRjx4iDNDnGb1D-Koz%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_0fcd2be6-7c31-488d-becb-5374374aef14&obuid=ENC(g5b78a-8ZwLk4kBbTJKhqf1nmAVHXZNGxbNah5b7zygCUbvRjx4iDNDnGb1D-Koz)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3Dg5b78a-8ZwLk4kBbTJKhqf1nmAVHXZNGxbNah...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=eee90cfa-9fab-4d4a-b737-998726c01d81&obUid=g5b78a-8ZwLk4kBbTJKhqf1nmAVHXZNGxbNah5b7zygCUbvRjx4iDNDnGb1D-Koz
0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=eee90cfa-9fab-4d4a-b737-998726c01d81&obUid=g5b78a-8ZwLk4kBbTJKhqf1nmAVHXZNGxbNah5b7zygCUbvRjx4iDNDnGb1D-Koz
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.223 Harrodsburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:37 GMT
Cache-Control
no-cache
X-TraceId
1e9e76121ab9c26c1e47ad2c4bfef4e4
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=eee90cfa-9fab-4d4a-b737-998726c01d81&obUid=g5b78a-8ZwLk4kBbTJKhqf1nmAVHXZNGxbNah5b7zygCUbvRjx4iDNDnGb1D-Koz
date
Fri, 27 May 2022 18:51:37 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 9A50
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=00664826-adf3-4834-a858-9222deb95b45
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=00664826-adf3-4834-a858-9222deb95b45
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Fri, 27 May 2022 18:51:36 GMT
content-encoding
gzip
server
OXGW/eecec1e
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=00664826-adf3-4834-a858-9222deb95b45
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
rtb.gumgum.com/ Frame 9A50
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=sta&i=0-5943c878-7efb-413c-409e-6ea4f3eecb8c$ip$81.95.5.36
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=sta&i=0-5943c878-7efb-413c-409e-6ea4f3eecb8c$ip$81.95.5.36
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.81.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-81-187.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Location
https://rtb.gumgum.com/usersync?b=sta&i=0-5943c878-7efb-413c-409e-6ea4f3eecb8c$ip$81.95.5.36
Date
Fri, 27 May 2022 18:51:37 GMT
Connection
keep-alive
Content-Length
119
Content-Type
text/html; charset=utf-8
usersync
rtb.gumgum.com/ Frame 9A50
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=oth&i=y-aL4lMHFE2pfMJ.BT52nvBc_XlozaDJfVlP8u~A
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=oth&i=y-aL4lMHFE2pfMJ.BT52nvBc_XlozaDJfVlP8u~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.81.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-81-187.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

date
Fri, 27 May 2022 18:51:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://rtb.gumgum.com/usersync?b=oth&i=y-aL4lMHFE2pfMJ.BT52nvBc_XlozaDJfVlP8u~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 9A50
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=097155b1-ddee-11ec-aa8d-45b80e638bcc
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=097155b1-ddee-11ec-aa8d-45b80e638bcc
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=097155b1-ddee-11ec-aa8d-45b80e638bcc
Date
Fri, 27 May 2022 18:51:36 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
097155b2-ddee-11ec-aa8d-45b80e638bcc
usersync
usersync.gumgum.com/ Frame 9A50
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Fri, 27 May 2022 18:51:37 GMT
via
1.1 varnish
server
nginx
age
0
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
178286022
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 9A50 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:35 GMT
content-length
0
server
c
usersync
rtb.gumgum.com/ Frame 9A50
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_0fcd2be6-7c31-488d-becb-5374374aef14&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://stags.bluekai.com/site/23178?id=RWf-kswCiQqVEbh6wM2Y&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS64TUMIXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2USXMYWWW43XINUVC4KWIVRGQNTXJUZFSJTVONPXA...
  • https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=RWf-kswCiQqVEbh6wM2Y&us_privacy=1---
35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=RWf-kswCiQqVEbh6wM2Y&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.248.81.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-81-187.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:37 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
P3p
CP="We do not support P3P header."
Location
https://rtb.gumgum.com/usersync?b=zem&gdpr=0&i=RWf-kswCiQqVEbh6wM2Y&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
118
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 9A50
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=eee90cfa-9fab-4d4a-b737-998726c01d81
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=eee90cfa-9fab-4d4a-b737-998726c01d81
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=eee90cfa-9fab-4d4a-b737-998726c01d81
date
Fri, 27 May 2022 18:51:36 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 9A50
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/floor6?zcc=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D&cb=1653677496826
  • https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
Tengine
etag
OPTOUT
content-type
text/html
location
https://usersync.gumgum.com/usersync?b=rhy&i=OPTOUT
cache-control
no-store, no-cache, must-revalidate
expires
0
usersync
usersync.gumgum.com/ Frame 9A50
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=tJq3nMfDUUuS&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=tJq3nMfDUUuS&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=tJq3nMfDUUuS&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-8665795bf5-hfz26
expires
-1
usersync
usersync.gumgum.com/ Frame 9A50
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2906828476072430406
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2906828476072430406
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2906828476072430406
date
Fri, 27 May 2022 18:51:37 GMT
content-length
0
sync
ads.servenobid.com/ Frame 9A50 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_0fcd2be6-7c31-488d-becb-5374374aef14
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 33DD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=91856291-1db9-4f00-864c-9bfc0d533988&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=91856291-1db9-4f00-864c-9bfc0d533988&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 27 May 2022 18:51:37 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Fri, 27 May 2022 18:51:37 GMT
Expires
Fri, 27 May 2022 18:51:36 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4419 e1034d5 master hkg-pixel-x18 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=91856291-1db9-4f00-864c-9bfc0d533988&gdpr=0&gdpr_consent=
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame 0F86 		0
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Fri, 27 May 2022 18:51:36 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4033-HHN
x-timer
S1653677497.864767,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame AD80 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV8wZmNkMmJlNi03YzMxLTQ4OGQtYmVjYi01Mzc0Mzc0YWVmMTQ=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 27 May 2022 18:51:36 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame CF3F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=73853
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Fri, 27 May 2022 18:51:36 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Sat, 28 May 2022 15:22:29 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 571A 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Fri, 27 May 2022 18:51:36 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame C9B7
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID
  • https://cs.emxdgt.com/umcheck?apnxid=3819475946486894415&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID
  • https://usersync.gumgum.com/usersync?b=emx&uid=3819475946486894415brt18311653677497123918f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&uid=3819475946486894415brt18311653677497123918f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 27 May 2022 18:51:37 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Fri, 27 May 2022 18:51:37 GMT
location
https://usersync.gumgum.com/usersync?b=emx&uid=3819475946486894415brt18311653677497123918f1
usersync
rtb.gumgum.com/ Frame BFA3
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YpEducCo5tEAAONcAD0AAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YpEducCo5tEAAONcAD0AAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.81.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-81-187.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Fri, 27 May 2022 18:51:37 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 27 May 2022 18:51:37 GMT
Location
https://rtb.gumgum.com/usersync?b=sus&i=YpEducCo5tEAAONcAD0AAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
5
X-SO-Cluster-ID
21
X-SO-HostName
a-ad40187.dc2p.scaleout.jp
X-SO-IP
81.95.5.36
X-SO-Key
YpEducCo5tEAAONcAD0AAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":21,"gdpr":true,"ipv4":"0.0.0.0","key":"YpEducCo5tEAAONcAD0AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40187"}
X-SO-LB-Hostname
a-tgng40013.dc2p.scaleout.jp
X-SO-Upstream-ID
a-ad40187
usersync
rtb.gumgum.com/ Frame 0661
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=o0lkGltASx6qoORq4rkc&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=o0lkGltASx6qoORq4rkc&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.81.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-81-187.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Fri, 27 May 2022 18:51:36 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 27 May 2022 18:51:36 GMT Fri, 27 May 2022 18:51:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=o0lkGltASx6qoORq4rkc&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame C08A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 27 May 2022 18:51:36 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 27 May 2022 18:51:36 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
YpEduMjJuSTTClLZU9VjiQAABHsAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4EFB 		43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YpEduMjJuSTTClLZU9VjiQAABHsAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:a78d:7683:9776:13f1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
getuid
secure.adnxs.com/ Frame 4EFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.87 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
723.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers
ie
match.prod.bidr.io/cookie-sync/ Frame 4EFB 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.107.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-107-84.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4EFB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1d146291-1db9-4200-bd1c-4ff381bfc02d&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1d146291-1db9-4200-bd1c-4ff381bfc02d&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 27 May 2022 18:51:37 GMT

Redirect headers

Date
Fri, 27 May 2022 18:51:37 GMT
Server
MT3 4419 e1034d5 master hkg-pixel-x2 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=1d146291-1db9-4200-bd1c-4ff381bfc02d&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 27 May 2022 18:51:36 GMT
crum
dsum-sec.casalemedia.com/ Frame 4EFB
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322322071111566
43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322322071111566
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 27 May 2022 18:51:36 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5124322322071111566
Date
Fri, 27 May 2022 18:51:36 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame 4EFB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YpEduMjJuSTTClLZU9VjiQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPaGroeCXYrPbkVVxUyTwCw&google_cver=1&gdpr=1
43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPaGroeCXYrPbkVVxUyTwCw&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 27 May 2022 18:51:36 GMT

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPaGroeCXYrPbkVVxUyTwCw&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 4EFB 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YpEduMjJuSTTClLZU9VjiQAABHsAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cookiesync
bttrack.com/pixel/ Frame 4EFB 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

X-ServerName
Track001-iad
Pragma
no-cache
Date
Fri, 27 May 2022 18:51:36 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
sync
ads.servenobid.com/ Frame 4EFB 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YpEduMjJuSTTClLZU9VjiQAABHsAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
av
capi-tier-1-us-east-2.connatix.com/tr/ Frame 346C 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/av?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.255.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-255-1.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
activeview
pagead2.googlesyndication.com/pcs/ Frame 058F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvz1tgSiwulGOjdjYjE97pgCFqs78GTOJYgPwEzGohBZe_1_mvUZXjQxMKPUBZ2pMcsKBWAC83m-p9S4jlQDlBaAJDi1MC6Xx07V0PmwwcMtaTj85T-unzJc0KXvzIaDpWGu9jBxwMjIMbOT-dnfv0&sai=AMfl-YQRA61LrIk-vnHlS_Waes-ZVuVXnMXmDVpR0mD2yY3DJesX9wN56bczioOd7SU_l-ZT1NBIggLuvN-y8li2sTloYMTqhbBbHSwXIwFVorOmtGd3AMvG81fn5Dg&sig=Cg0ArKJSzIj3SzNJd02uEAE&cid=CAAST-RoCfR4TnNU5ojJdT3i-UM_IjR1U2rbKiHibfG5VPJ-a6RQaLhZyy6q_RKcLQqh0XfA0vUzUSSxR8_6N0eNevjsFWhMMDZ1IY8bclBWq6o&id=lidarv&acvw=sv%3D926%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D774,1131,970,1480%26tos%3D2094,0,0,0,0%26mtos%3D2094,2094,2094,2094,2094%26amtos%3D0,0,0,0,0%26mcvt%3D2094%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2094%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D660%26pst%3D438%26dur%3D20062%26vmtime%3D1756%26dtos%3D2094%26dtoss%3D1%26dvs%3D2081%26dfvs%3D2081%26dvpt%3D2081%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D899%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D666548109%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1653677492155%26ptlt%3D1653677495808%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2094&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1653677493512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame C08A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
9449391857ab47443d4fcd4c4e47898692e7c798cf8c16bb0d2031a621f1cb76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Fri, 27 May 2022 18:51:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 May 2022 17:55:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=75121
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9451
Expires
Sat, 28 May 2022 15:43:37 GMT
sync
ads.servenobid.com/ Frame 37E0 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=2906828476072430406&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.142.99 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-142-99.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
dcm
s.amazon-adsystem.com/ Frame 37E0
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=135&partneruserid=TAM_OK&redirurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fdcm%3Fpid%3D72348060-38ad-4586-8e4f-f1e2a8e789b3%26id%3DSMART_USE...
  • https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=2906828476072430406&gdpr=0&gdpr_consent=
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=2906828476072430406&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Z5Y8DW6BE1Q67M4XN5HB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/dcm?pid=72348060-38ad-4586-8e4f-f1e2a8e789b3&id=2906828476072430406&gdpr=0&gdpr_consent=
pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
rtb-csync.smartadserver.com/redir/ Frame 37E0
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030002_62911db9047d9&gdpr=0&gdpr_consent=
43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030002_62911db9047d9&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:36 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 27 May 2022 18:51:37 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030002_62911db9047d9&gdpr=0&gdpr_consent=
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
711890.gif
id.rlcdn.com/ Frame 37E0 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 37E0
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-EtBqU4Lj3YbAv.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=BOJD-wO0GPMf4E_-CrVXrwWxSf8f4x74ULPxFfSf
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=BOJD-wO0GPMf4E_-CrVXrwWxSf8f4x74ULPxFfSf
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:36 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=80&&partneruserid=BOJD-wO0GPMf4E_-CrVXrwWxSf8f4x74ULPxFfSf
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame C08A 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L3OSVROS-26-99K7
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
async_usersync
ib.adnxs.com/ Frame D9B8 		0
737 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:37 GMT
X-Proxy-Origin
81.95.5.36; 81.95.5.36; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
8c4d8698-b7b5-4fd1-b2f9-c0f2b46be140
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abt
capi-tier-1-us-east-2.connatix.com/tr/ Frame 346C 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/abt?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.255.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-255-1.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:37 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
SPug
simage4.pubmatic.com/AdServer/ Frame 1DD1 		0
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=160224&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=160224
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.24 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 14:43:43 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
postback
s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/ 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.srvsynd.com/2/2.60.0/234175/AUqCbqgKEPfi8l_L/postback?ui=00000000-0000-0000-0000-000000000000&pp=453249929261197&dt=2341751597675869250012&md=2&ap=undefined&sr=connatix.com&ti=x1448421605612486237246558044160&de=2&to=3&pv=b6988ba0-68f5-49ca-97aa-3e6195926b39&di=shadowandact.com&ci=234175&sid=AUqCbqgKEPfi8l_L&oz_sc=0030275dff3765af74dbfd85&oz_df=1653677498348&oz_l=681&cv=3
Requested by
Host: s.srvsynd.com
URL: https://s.srvsynd.com/2/2.60.0/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.253.43.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://shadowandact.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 27 May 2022 18:51:38 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
st
capi-tier-1-us-east-2.connatix.com/tr/ Frame 346C 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/st?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.255.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-255-1.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:39 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
PugMaster
image6.pubmatic.com/AdServer/ Frame 05F6 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=91374473&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:38 GMT
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame CF3F 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=54644136&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 18:51:38 GMT
content-length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 058F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CLh5-th2RYpOkC-OK9u8PzsuM4AzsofTeadeB2PnND4rRo-2-ARABIIeepkpglYKAgJgHoAGwuqHXA8gBBakC0g91iscFsj7gAgCoAwGYBACqBPMBT9BsT0h3HYVcWIjtS25DEC9bAiRALlbxFFg0_KnO18v4ysEbyeigHQCTJ_ZvxqTwnSrA-x6qa_ACmKNd1UILeObTBDp7lhl6-k7GtLNhGLPLhpv4ihFAGxImD4EhVYzlcoksCeupxzwlUaWD2DDutC6tPv3fkhUptOhRKlgfrk8qVDQPvYJNhltgY0uXy28hnFhiD4ieU3ZmTsmznT6wB0ezYSQppu5NDQRvakH_9ZxCHrk9MDDEKDu6mQw4dBiYqpXzc_l8Epp4uen7ar2tsLTcFls0RP0trRQHWlbUWpOzgCHjm7LUtbGh592QlObrPRbiwASqiu6V4QPgBAGgBlSAB57s9oMDqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAcBABGB2ACgPICwHYEwzQFQHiFgIIAfgWAYAXAQ&sigh=vveOwYETG-Q&cmd=Ch1jYS12aWRlby1wdWItMjUzOTM1NTk2MDQwMjc5OBAAGAI&label=videoplaytime25&ad_mt=5051&acvw=sv%3D926%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D774,1131,970,1480%26tos%3D5104,0,0,0,0%26mtos%3D5104,5104,5104,5104,5104%26amtos%3D0,0,0,0,0%26mcvt%3D5104%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D5104%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1067%26pst%3D438%26dur%3D20062%26vmtime%3D5051%26dtos%3D3010%26dtoss%3D2%26dvs%3D3010%26dfvs%3D3010%26dvpt%3D3010%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5104,5104,5104,5104,5104%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D899%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D26,0,0,0,0%26avms%3Dexc%26qi%3D666548109%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26pnmm%3D1653677492155%26ptlt%3D1653677498817%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5104&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1653677493512&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzNjMyMDgwMzAzMTIMNTg1NDgwMDgwODc4QJ4DUiYQDyUAAMhBKAE6C3hYVHAtZ1pnTnRnQglnb29nbGVhZHNIwQFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 058F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CLh5-th2RYpOkC-OK9u8PzsuM4AzsofTeadeB2PnND4rRo-2-ARABIIeepkpglYKAgJgHoAGwuqHXA8gBBakC0g91iscFsj7gAgCoAwGYBACqBPMBT9BsT0h3HYVcWIjtS25DEC9bAiRALlbxFFg0_KnO18v4ysEbyeigHQCTJ_ZvxqTwnSrA-x6qa_ACmKNd1UILeObTBDp7lhl6-k7GtLNhGLPLhpv4ihFAGxImD4EhVYzlcoksCeupxzwlUaWD2DDutC6tPv3fkhUptOhRKlgfrk8qVDQPvYJNhltgY0uXy28hnFhiD4ieU3ZmTsmznT6wB0ezYSQppu5NDQRvakH_9ZxCHrk9MDDEKDu6mQw4dBiYqpXzc_l8Epp4uen7ar2tsLTcFls0RP0trRQHWlbUWpOzgCHjm7LUtbGh592QlObrPRbiwASqiu6V4QPgBAGgBlSAB57s9oMDqAeOzhuoB5PYG6gHnNwbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwGoCAHSCAkIgOGAcBABGB2ACgPICwHYEwzQFQHiFgIIAfgWAYAXAQ&sigh=vveOwYETG-Q&cmd=Ch1jYS12aWRlby1wdWItMjUzOTM1NTk2MDQwMjc5OBAAGAI&label=video_skip_shown&ad_mt=5051&acvw=sv%3D926%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D774,1131,970,1480%26p0%3D774,1131,970,1480%26p1%3D774,1131,970,1480%26tos%3D5105,0,0,0,0%26mtos%3D5105,5105,5105,5105,5105%26amtos%3D0,0,0,0,0%26mtos1%3D5104,0,0%26mcvt%3D5105%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5105%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1068%26pst%3D438%26dur%3D20062%26vmtime%3D5051%26is%3D275%26i0%3D275%26i1%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26c1%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D1,1,1,1,1%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D899%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D26,0,0,0,0%26avms%3Dexc%26qi%3D666548109%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26pnmm%3D1653677492155%26ptlt%3D1653677498819%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5105%26ss0%3D0.03%26ss1%3D0.03&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1653677493512&sdkv=h.3.517.2&vci=Cm4IARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgdBZFNlbnNlIAQqDDUzNjMyMDgwMzAzMTIMNTg1NDgwMDgwODc4QJ4DUiYQDyUAAMhBKAE6C3hYVHAtZ1pnTnRnQglnb29nbGVhZHNIwQFQABgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 18:51:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aq
capi-tier-1-us-east-2.connatix.com/tr/ Frame 346C 		0
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi-tier-1-us-east-2.connatix.com/tr/aq?v=164162
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.189.255.1 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-189-255-1.us-east-2.compute.amazonaws.com
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 27 May 2022 18:51:39 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://shadowandact.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
20
event.png
tpsc-eu3.doubleverify.com/ Frame 8733 		0
271 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-eu3.doubleverify.com/event.png?impid=2f5bc0960db64aacb23871f65c47f68d&gdpr=&gdpr_consent=&msrcanlm=9160&msrcannum=4&eoid=12&ismms=11&isumms=11&isvelg=1&nvr=2&isgmmims=12&isgmv4mims=11&elmtp=3&isbxdms=3012&b0=3273&adhgt=250&adwdth=970&norwdth=970&norhgt=250&engisel=1&dvp_vsosnmr=1&dvp_mvpw=device-width&dvp_mvpis=1&lftb=3273&sftb=3273&msrdp=1&naral=8256&vct=1&vphgt=1200&vpwdth=1600&chgt=250&cwdth=970&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isgmpims=11&engalms=11&dvp_hdnAd=0&dvp_dpr=1&cbust=1653677499328323
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2767.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://shadowandact.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 27 May 2022 18:51:40 GMT
Vary
Origin
Access-Control-Allow-Origin
https://shadowandact.com
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
05/26/2022 18:51:40

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| cnxps object| jwDefaults object| webpackJsonpjwplayer function| jwplayer object| adGrid object| sumome object| webpackJsonpsumome object| __NUXT__ function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $workbox function| fbq function| _fbq object| _comscore object| $nuxt number| _swclk_ number| _swsts_ object| PushlySDK object| sumo function| udm_ object| ns_p object| COMSCORE object| ube object| pbjs object| googletag object| PQ object| advImpVar object| winTopPos number| winTopIframeYOffset boolean| isInitialLoad boolean| detectPageScrolling boolean| adgrid_counters boolean| adgrid_debug boolean| adgrid_refresh boolean| adgrid_lazyload boolean| adgrid_native string| adgridFqdn string| topLevelDomain string| domainName string| adgridCurPage boolean| adgridVideoWrap number| winWidth number| winHeight string| deviceType function| adGridLoadPrebidAndGPT function| pbjsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| advJson object| apstag number| adgridScrollDelayTime object| jwplayerInstanceMapping boolean| adGridIsTabActive object| advWrapper string| adGridInterstitialIuPath number| adgridDomainId object| cnx_usr_storage object| google_tag_data function| ga object| gaplugins boolean| ga-disable-UA-10302152-1 object| gaGlobal object| gaData string| adGridCss object| adGridHead object| adGridStyle object| script object| spanElem object| dvScript object| aax object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| __webpack_exports__ object| $dv string| $frmId object| dvWindow function| dataTransparencyDirectQuery object| apntag object| player_instance_9d1cb47a861f49f9873f709fcbf94fd7 object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins boolean| apstagLOADED object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| _dv_win function| dvCallback_1653677491971669 function| fireResetPixel boolean| ozoki_sv object| $$$ number| google_global_correlator object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_image_requests number| checkTop number| checkBottom boolean| halfInViewport boolean| fullInViewport boolean| halfInViewportWithBuffer object| seventyInViewport object| ninetyInViewport object| hundredInViewport boolean| isAboveFold boolean| isBelowFold object| result string| saved_tc string| saved_sc object| closure_lm_657199 string| ________ok number| lnt_z boolean| __smLoaded object| jQuery1102012473217019418459 object| GoogleGcLKhOms function| miCallback function| cnxAddEventListener

92 Cookies

Domain/Path Name / Value
shadowandact.com/ Name: __smVID
Value: 4394249133b5ecdf8fc10fff41a879fb6504ed5696f21b64d80bd6573f8b4ae2
.shadowandact.com/ Name: _fbp
Value: fb.1.1653677491117.1600041987
.scorecardresearch.com/ Name: UID
Value: 1D7da33eabb9d2d2c1db7501653677492
.shadowandact.com/ Name: _ga
Value: GA1.2.346333194.1653677491
.shadowandact.com/ Name: _gid
Value: GA1.2.708632297.1653677491
.shadowandact.com/ Name: _gat
Value: 1
.resetdigital.co/ Name: ckbk
Value: 000000B0949351C8
.gumgum.com/ Name: cs
Value: true
.rubiconproject.com/ Name: khaos
Value: L3OSVROS-26-99K7
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qo/qtS7QrDUXV4C1LCtWBX9mfsNIvv6QtrmRNeXP/he0QQK6Lp9T5k9+itPipzEoYH0iLhbmn+8xeBxGCOXoSK1HNkOc7CI6Urc6UO785F0Pw==
.adnxs.com/ Name: icu
Value: ChgI59o-EAoYASABKAEwtLvElAY4AUABSAEQtLvElAYYAA..
.adnxs.com/ Name: uuid2
Value: 3819475946486894415
ads.resetsrv.com/ Name: ckbk
Value: 000000B0949351C8
.bidswitch.net/ Name: c
Value: 1653677493
.bidswitch.net/ Name: tuuid_lu
Value: 1653677493
.bidswitch.net/ Name: tuuid
Value: 14018679-16a5-4ae5-ac7b-b9be47c7a84f
.semasio.net/ Name: SEUNCY
Value: C9CCA72160598C3E
.doubleclick.net/ Name: IDE
Value: AHWqTUm1oicr4RoKkNGAcpyCVj-UvDf1Ql4HBSsrieC-kVMVYa08UIvOQ5WGNmtft4I
.d.adup-tech.com/ Name: uid_sec
Value: 8yz6_dbdQhCtdikR20um
.shadowandact.com/ Name: __gads
Value: ID=209d702b8bca462e:T=1653677493:S=ALNI_MZ_B5IICAil79RDw8_S-GDNCnkGNw
shadowandact.com/ Name: __smToken
Value: TVdZO8hSfHtKXgAbWGHMydJH
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3BAA82F1-396D-4543-9BC8-CD06037CA850
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 160224:2
.pubmatic.com/ Name: DPSync3
Value: 1654819200%3A201_197_219%7C1653696000%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1654905600%3A35%7C1654819200%3A7_71_220_21_56_54_3_13_161
.casalemedia.com/ Name: CMID
Value: YpEduMjJuSTTClLZU9VjiQAA
.casalemedia.com/ Name: CMPS
Value: 5240
.casalemedia.com/ Name: CMPRO
Value: 1147
.onaudience.com/ Name: cookie
Value: 7b38caf88e7e791c
.onaudience.com/ Name: done_redirects147
Value: 1
.simpli.fi/ Name: suid
Value: 7CFD056D79C14DDDA9BC45DE5214EF1A
.de17a.com/ Name: guid2
Value: 1.1902524812053439895
.adform.net/ Name: C
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBLgdkWICEC4-6O3bfyD0xhEKA6Tg93gFEgEBAQFvkmKbYgAAAAAA_eMAAA&S=AQAAAklcJIOGTAC8c3TeUUe_JnI
.adform.net/ Name: uid
Value: 5791635389266032506
.analytics.yahoo.com/ Name: IDSYNC
Value: 196n~254i
.gumgum.com/ Name: vst
Value: e_0fcd2be6-7c31-488d-becb-5374374aef14
.servenobid.com/ Name: pid_312
Value: 3819475946486894415
.servenobid.com/ Name: pid_337
Value: y-fiR4cRZE2uF80oLIzrTBgz0x9CUqk37006O6y8Q-~A
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&722bb0e7-a444-496f-8108-116d2e75b06b"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTM2Nzc0OTY7MjswMjF+b5dy81PPyjnAFj0Yzz0uGx1UX5xTdDJyOnqFSizZ8g==
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2550:u=1:x=1:i=1653677496:t=1653763896:v=2:sig=AQHd5r2mA0it4BAdLozeVjZpnoBJN_Qd"
.lijit.com/ Name: ljt_reader
Value: EtkLqRZHHsMfVmErS2qS7Sju
.servenobid.com/ Name: pid_309
Value: e_0fcd2be6-7c31-488d-becb-5374374aef14
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESECYDQLyLLrCMRrcmj3ckU-Y&KRTB&16514-CAESECYDQLyLLrCMRrcmj3ckU-Y&KRTB&23025-CAESECYDQLyLLrCMRrcmj3ckU-Y
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3819475946486894415&KRTB&23339-3819475946486894415
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-1902524812053439895
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-5791635389266032506&KRTB&23263-5791635389266032506
.servenobid.com/ Name: pid_333
Value: YpEduMjJuSTTClLZU9VjiQAABHsAAAIB
.openx.net/ Name: i
Value: 24f7d30f-2c61-4f95-95f5-4a2772ce69fe|1653677496
.creativecdn.com/ Name: u
Value: o0lkGltASx6qoORq4rkc
.creativecdn.com/ Name: ts
Value: 1653677496
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MjE2MgIiA3NDIDA1MxPiM9T1TPYqMkz3DQtKC88CAEXDLZwlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmpsZm5uYmlmYWEEAI5k3cIQAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MjE2MgIiA3NDIDA1MxPiM9T1TPYqMkz3DQtKC88CAEXDLZwlAAAA
.servenobid.com/ Name: pid_321
Value: OPTOUT
.servenobid.com/ Name: pid_310
Value: EtkLqRZHHsMfVmErS2qS7Sju
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.smartadserver.com/ Name: pid
Value: 2906828476072430406
.servenobid.com/ Name: pid_324
Value: 5141210820649358048
.360yield.com/ Name: tuuid
Value: eee90cfa-9fab-4d4a-b737-998726c01d81
.360yield.com/ Name: tuuid_lu
Value: 1653677496
.servenobid.com/ Name: pid_317
Value: 2906828476072430406
.dyntrk.com/ Name: dyn_u
Value: 05030002_62911db9047d9
.quantserve.com/ Name: d
Value: EFcBDQGeJoir0QA
.quantserve.com/ Name: mc
Value: 62911db9-0548e-e7a35-3d2bc
.a-mo.net/ Name: amuid2
Value: 3b8802a3-b7af-4f16-adef-4ff9c6d10652
.prebid.a-mo.net/ Name: sd_amuid2
Value: 3b8802a3-b7af-4f16-adef-4ff9c6d10652
.servenobid.com/ Name: pid_327
Value: 3b8802a3-b7af-4f16-adef-4ff9c6d10652
.casalemedia.com/ Name: CMST
Value: YpEduGKRHbkA
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.smartadserver.com/ Name: csync
Value: 69:05030002_62911db9047d9
.amazon-adsystem.com/ Name: ad-id
Value: A67JjUajWETwpvd0W5qK1LI
.emxdgt.com/ Name: euid
Value: 18311653677497123918f1
.yieldlift.com/ Name: xuids
Value: eyJ4dWlkIjoiZmYxNmI0MmQtOTgzYy00Mzk1LWI5MTUtMzhlYjRlYWRmMTYyIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0yN1QxODo1MTozNy4xMjU1M1oifQ==
.emxdgt.com/ Name: eapn_id
Value: 3819475946486894415
.outbrain.com/ Name: obuid
Value: 4e8acdb8-7c43-47b5-be18-c7cb3b932643
.servenobid.com/ Name: pid_314
Value: eyJ4dWlkIjoiZmYxNmI0MmQtOTgzYy00Mzk1LWI5MTUtMzhlYjRlYWRmMTYyIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNS0yN1QxODo1MTozNy4xMjU1M1oifQ==
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-5943c878-7efb-413c-409e-6ea4f3eecb8c.MZ8UnPYVFvnFwbqqupwTMRMflSXuM%2BEowoIM6LY9l78
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AWUPIeH77QTxAnm6k8-7LjFFfBSQ.eUkRDgrwQ9%2FIUrcF4Q9ooTIWN%2BTmQ6jEJwobQ2CmA1Y
.ipredictive.com/ Name: cu
Value: 097155b1-ddee-11ec-aa8d-45b80e638bcc|1653677497202
.zemanta.com/ Name: zuid
Value: RWf-kswCiQqVEbh6wM2Y
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 92f41c94e7b913c4
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:eeca6291-1db9-4700-bc78-1acd8f573a90&KRTB&16736-uid:eeca6291-1db9-4700-bc78-1acd8f573a90&KRTB&23019-uid:eeca6291-1db9-4700-bc78-1acd8f573a90&KRTB&23208-uid:eeca6291-1db9-4700-bc78-1acd8f573a90
.pubmatic.com/ Name: PugT
Value: 1653677496
.mathtag.com/ Name: uuid
Value: 1d146291-1db9-4200-bd1c-4ff381bfc02d
.casalemedia.com/ Name: CMRUM3
Value: f162911db805a0&e662911db82760&ce62911db805a0&0362911db927601d146291-1db9-4200-bd1c-4ff381bfc02d&1a62911db805a0&9862911db92760e1edfd3c-408c-40b2-a4f7-a4171f995a09&2d62911db82760CAESEPaGroeCXYrPbkVVxUyTwCw&2762911db80b40
.outbrain.com/ Name: improve_digital
Value: eee90cfa-9fab-4d4a-b737-998726c01d81
.pubmatic.com/ Name: SPugT
Value: 1653661577

7 Console Messages

Source Level URL
Text
network error URL: https://dc8xl0ndzn2cb.cloudfront.net/js/shadowandactcom/v0/keywee.min.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
worker error URL: blob:https://shadowandact.com/03491db6-9bc2-4889-8405-591ae32bdf3f
Message:
Mixed Content: The page at 'blob:https://shadowandact.com/03491db6-9bc2-4889-8405-591ae32bdf3f' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://shadowandact.com/03491db6-9bc2-4889-8405-591ae32bdf3f
Message:
Mixed Content: The page at 'blob:https://shadowandact.com/03491db6-9bc2-4889-8405-591ae32bdf3f' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://sync.colossusssp.com/hms.gif
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

66c37c86af1b42cd94b050774081e5e2.events.ubembed.com
66c37c86af1b42cd94b050774081e5e2.js.ubembed.com
66c37c86af1b42cd94b050774081e5e2.pages.ubembed.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ads.pubmatic.com
ads.resetsrv.com
ads.servenobid.com
adservice.google.com
adservice.google.de
ams1-ib.adnxs.com
ap.lijit.com
api.afrotech.com
api.shadowandact.com
api.travelnoire.com
assets.ubembed.com
b1sync.zemanta.com
bh.contextweb.com
bids.concert.io
bidswitch-eu.splicky.com
bpi.rtactivate.com
bttrack.com
builder-assets.unbounce.com
c.amazon-adsystem.com
c1.adform.net
capi-tier-1-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.adnxs.com
cdn.concert.io
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.p-n.io
cds.connatix.com
ce.lijit.com
cm.g.doubleclick.net
cms.afrotech.com
cms.blavity.com
cms.shadowandact.com
colossusssp.com
connect.facebook.net
console.adgrid.io
creativecdn.com
cs.emxdgt.com
csi.gstatic.com
d.adup-tech.com
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app
d5p.de17a.com
d675ad9298e7296b35425808546f97a6.safeframe.googlesyndication.com
d9hhrg4mnvzow.cloudfront.net
dc8xl0ndzn2cb.cloudfront.net
dis.criteo.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
gu.dyntrk.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
js-sec.indexww.com
legacy.travelnoire.com
load.sumo.com
load.sumome.com
log.outbrainimg.com
m.adup-tech.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
meta.resetdigital.co
onetag-sys.com
p.rfihub.com
p.skimresources.com
pagead2.googlesyndication.com
pixel.33across.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pub.doubleverify.com
pubads.g.doubleclick.net
public.servenobid.com
px.ads.linkedin.com
r.skimresources.com
res.cloudinary.com
rr2---sn-h0jeln7e.googlevideo.com
rr4---sn-4g5ednly.googlevideo.com
rtb-csync.smartadserver.com
rtb.gumgum.com
s.amazon-adsystem.com
s.skimresources.com
s.srvsynd.com
s.youtube.com
s0.2mdn.net
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
shadowandact.com
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
stats.g.doubleclick.net
sumo.com
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.colossusssp.com
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.taboola.com
sync.technoratimedia.com
t.skimresources.com
tcheck.outbrainimg.com
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
uipus.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vid.connatix.com
vtrk.doubleverify.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
hbopenbid.pubmatic.com
103.229.206.241
104.102.28.239
104.102.28.254
104.111.215.191
104.36.113.24
104.92.74.8
108.138.17.78
108.156.255.177
108.157.4.38
13.32.99.69
135.125.160.77
141.226.228.48
142.250.185.226
142.250.186.162
145.40.89.200
146.148.110.40
15.197.193.217
150.136.25.38
151.101.130.49
151.101.193.108
151.101.2.137
151.101.65.131
151.139.128.11
159.122.14.34
167.99.21.53
169.197.150.8
178.162.133.149
178.250.2.151
18.189.255.1
18.195.155.181
18.203.167.73
18.66.107.155
18.66.248.59
18.66.9.79
185.152.64.17
185.183.112.155
185.184.8.90
185.33.221.53
185.33.221.87
185.33.221.89
185.64.189.110
185.64.190.78
185.86.137.122
185.86.139.113
188.34.152.202
192.132.33.46
193.0.160.128
198.148.27.140
199.232.196.124
2.20.157.165
2.20.157.55
202.241.208.55
209.54.176.128
213.155.156.165
213.19.147.44
23.205.235.133
23.32.59.34
23.35.229.181
2600:9000:2315:4200:1:a3fa:7cc0:93a1
2602:803:c003:200::41
2606:4700:10::ac43:1a76
2606:4700:20::681a:609
2606:4700::6810:5614
2606:4700::6812:a6e0
2607:f8b0:4008:808::2003
2620:116:800d:21:b314:a0ef:ab7c:d546
2620:1ec:21::14
2620:1ec:bdf::45
2a00:1450:4001:67::9
2a00:1450:4001:80f::2006
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::200e
2a00:1450:400c:c00::65
2a00:1450:400c:c07::9b
2a00:1450:4014:80f::2002
2a00:1450:4016::7
2a02:26f0:3500:68a::4469
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:200::393
2a05:d014:943:a602:bc4:f0e7:77e7:16a5
2a05:d018:d29:3605:a78d:7683:9776:13f1
3.126.56.137
3.234.149.51
3.248.142.99
3.69.136.55
3.72.114.165
34.107.222.173
34.117.126.186
34.117.152.54
34.149.12.213
34.149.21.97
34.195.47.183
34.206.157.2
34.248.81.187
34.253.43.221
35.190.59.101
35.190.91.160
35.201.67.47
35.227.214.231
35.233.141.87
35.244.159.8
35.244.174.68
37.157.3.29
44.196.137.234
45.55.126.42
50.57.31.206
51.210.112.63
51.89.9.252
52.210.15.1
52.3.28.57
52.34.133.113
52.48.107.84
52.95.126.160
54.165.89.243
54.229.33.24
64.202.112.223
64.74.236.127
67.202.105.23
69.173.144.138
72.251.249.13
72.251.249.9
8.2.111.121
8.2.111.126
8.28.7.84
0019326d57285ed051d75c9b8fccd761497c7d94ca9d7e45eef0a16d662e2449
02f226de6f07171bc49dec1b78eeb0bdb6a64410538aea1eb738263096f547a2
03243666cf84f5416d71c75872948412b9451d66dddd8c2f3be674cc89dc1cdb
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08ebd705b057a3ea518837a696993c9bcda6c238cb94bad7b71a62ffdc614970
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11287687c9cf584767bc3f85a06db55703f8d765a1d48449efbe487ed6924f26
1294d317042546120b98070acdd864cf57c0c304f0bed880123eafc3227563b3
12dcffd5cb06822734270a934d30bdea10ae38d8afe66aa077cebc20bbff86f9
1463723d08f47e4d44c5159daa70a9ef52340d090049429a2d9450a57a99c4b6
14af14bde6f0dfee6e502eeecce3c30ccc8a387796495c63d4f8e214305c6346
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1909b2a83fd41494d94862c4323944d9d0aa1f1e653f252ea5a73fc5944308b0
196300a732903456ce811b730755b3e0920433f3be8fdafde62ed805fd8b8073
19e0cfeae6e0bdd6aecd6fc545877f22b49c71a2c577205964a2d09f9b2133c0
1c2334732b90db19180dfb4e5a358ee2981231b13987654c60af5c8227d32aa1
1d1c9bc6f9d52ed8f452bafb66bbfa138f0c01a3bdc9779440eda71895bd8b07
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
209c2c22d21d582e1d02613e07891712ba48737353b2b74885abb9b6257a456f
20a90bba5b777d3ddb7e32465d440e6a6f884b46ac51b077b1ae028a0d7b3f36
216d299dd5f5401f6b677080eeb3f94c184ee33ef376ab7f03c472a1987797b4
24f09448658e2e0e9af9ee648ec4f31218d4b5103704aa2faad2180c9f15fb43
266054685424ac313339cb7cc9866589d5ca27f69a79efd764caf6778717861a
2785b55f5bc0a7edd3b6f9a4efe566a8e09f2e172d0f237e3b5a096a205dd478
293fe01721d4628c375aa84fc6897894c53d0e13e15b4a6d5037f382c1997023
2b3593455a68e6ab96925ee0ae065dc47c18efcc02e6d8fb854b2df30dc3a433
2be17be7cf0890b06280537fe8e49a0190bfa93c33d4e9e80e7c1157d515c9ec
2c2c5b8f897d45367268223ff6e2727df0f4b3c0f2dce882b35711a751d92f0a
2de1164e9dd14a4d197b6356eb1beea40a0d60b676fa1758eeb627df9a3851b5
3268e741fd7cd43e836222b0979ee064c0422eb6c81d0d029bbbb98ff8a1e363
344c14cce7eea32ca74e0baa3a3c10a0cee5645f9e276945454ab5d5c49168c7
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
3821ab96c4c9467ae999fe5069f906ef28a4ebf352d11b0dfea19d2f75437b99
39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b
3ac93fc3dd8a5dc306d2e910c462c3177c73fc95bc28c000245b1d705089679f
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f0fc153426f7b8e0ec908861aeaa6fec0c2edf93c1e635e9e65729611d7f94f
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42ea5313617e49c5c6bb3d2e3dbf0c10deb84fb87ae9350a439a23129223199d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44f5552055c20dbc4b5e2f819d4f3a0ea388ca5410c07bbd7eaa0b47697c9c56
4534753423d3ed79038050e7519191ab26bd20eb3e3e4c37b4dae9397e7b7ff1
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ac297961131a6119b352150e1ad5d568a1758921249f676acb59e1b90447c6
48f6199e5f7ef60b8567037b2b46e734a714961698e8dfb687550861dcfe22fb
4a9a6afeba8624295a87efaf0d3c76fa7a55271f310adffcfa683bccacc0fc5d
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4bca64f7394d2d15456b60202c7c4cf67874bfadb2d775b844799cf7b8301400
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec212a435931c47f932a125ae1fa0d7039feaa08a03e9ea68e92663f902f53a
4f1f89a65c7a46c47bc95af769232b3d8f95cb4f93523b24a6a0bd9e12c073c4
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
50b9a3ff7ad63b639a8d69e0e54c427e9cd1d35dfa3884b0083eb0adca066174
50d45537ca7de540db0b85a1b3f930e9e6941d749561b9137f17296b78283855
518b3503f9d2e22f869f22c8b44d769d66f6488012970430ec4d0bf2cdbddc11
52ad644da868878b67f129a0857315706f2b683876f5ff18f0ffb5c546d44958
534274c3d49c7af8290c62fa48e9792a35a2e932075cca07bb76802e9582891d
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
53c25022c1d2e1ba728dfa5458fe7b244f36518b8a9cbe351485570b46ffbdd7
543a797fabb2d5f8954517d97e0405c0afb66895f5255cd02ea9774afa449a2b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004
56baef642c218351cdaed0a1edec343bc21d1ca24a01f560f0e37abf0502f837
5ba644f0fddbedd145f222319852b63c370c3cb827de34c21e5f0823e6d33057
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
5ee630e87a172c7c1a1654235a6d216b24b904189496310bd469e689474bd092
60a225fb196e1ac838472e33634b8d5c4d44aaf5a6b997f0aa7e23a9a65d032b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64b98d1861cf8f17fdc40d1ca8adedfd227ee58562e99ff5df3636d61c94f39f
65d6c0493a0ae3c7497eb6c8e28bf50fede8392cccf4b259516a2b8c4df6cf71
662c975d636ea2d038456c35eac7fd6677a80ec8e9e4bf2c0ee232584f25d823
668f86cfff5a8c9b897e409952e8ee8276eec206624dd5a379330aa9b66ae46e
66d3c189ad296f2200e21cdebe55213b849305816669c976e1feb902b7b842b8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
709d3e5223416effca462f34523356376e85b2e8557c5bcdc3ed12d3cc4ac7dc
7165cd5d27b08f03681eb8df34dd57ca57ac241b6e72fbf31252e6cf02481079
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
73c4a0df57e860afb462aeea0bfca3ea0259f88ec8378ca95c2d66783d9dd6db
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7496aca607b701abffbb6b654eb5072b74ec7dc145032b1f93de2a273b598d05
75cde5cd327239276b3bafb85d50f38fbd3b77bd15984deb9f6c02dd01b8ff86
75f62fc4dac0d25b6281a3ea17e1c90e38aa45ecc30b3d3887b16fdb976895ad
7878e9948340d0d1c53ea93b1e7ccff2d16e161286f12e58baa5a72c786f3462
7a80b17346ad96acb74876b1c792e1706cdfdb5e17ce3bc028ee6e832bdfd962
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7e447f5baf06a57b1faa3e0d73d7495022d6e52c5266f383e147b5e1df31e645
80df28bc7acaf7d1854caca435b7d41fc19a8f2d5e28a96b0cd96f3906caa4c1
82f7961c501f705562fc1dea08f305fd3883fb0b0990cda6c7a9b64ec8f09163
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a4600079f08a25643533ab1198c47acf9416713e6e3a6f6d6f5aa37212e080
845ed3cf57521d1cf5a6d45dc2eb97bb9b00509f88585116e8e490efe31385fa
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
88d1d0dd8730d866219619561304b3b5c22e3999a59dab5f70b88384312eff0f
891467d8f26788367d10371417978ea5811d09bcc0cac773c415d8facbe4ee4e
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b5d6fcddeb8f4753f67b1d2634584a3380e61e1df832ab3d296d12cb4b3e7f5
8b5eb0e22d5b6ea14b6710dd74e1683f513d112aeba0e7cbe351a258f8b97b22
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9430609689d5a14764e910949df8ee0552c1313bc1e1387d322215c44641978d
9449391857ab47443d4fcd4c4e47898692e7c798cf8c16bb0d2031a621f1cb76
952e6e6fc113c9de46e75d15d57cff1c83eb44ed44d2e773c9735e4227578195
961708716ea456fe76fdfecb2088b3d1f1650a0c4811040393d8296f5b86e2bc
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
9862c2d21adf13fcf14d3ad5d4288bef7ce1642ed06fc48f22359b923d8f03c5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
9d44c04da1087e1be35a57ee5c975dc715c1aa92c31fd0233b3f7cd7014f1dcb
9e90ea8d8f57c5ff73ff737e1779216212fdde3f8829017f4a0c5e16b29dc886
9fe56b96c210193426829ddd00a3f0408ba00ebf1cb8e560569f9d4e0a53325a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a6783f138f006faae855cc40f359f19cd366ae934626da6c0a24126d99ed3451
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
accf6e0d3fcb9fe39367fee5bd38d5e8e2ee80214198c569ee321e0110973c86
ad1ae29a408a8162e21c7a42790f099b01562742f6e039eca88344f7e0f40257
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee0d8bc13f524568c9ffa316e517c7bfd6ca8b937fc63efe39effa52e38b544
af759a83b0b693a2de6dec0f4ffddd80db6a622a3058d8153e56a43ef975b52a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f2a6ad102633e0da139dddea8f77a8055acb177e9ca9e246d55c6290192feb
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b94ecd7f8508dd99481039b1a3a342b2939f3f5b360a3ef5fc6b5300f2a4172f
ba75f67647fa7aa2f9de6988f64668e3bb9d8f992a11af3796e93bc00a7b23f5
bc9e990d7f27fce06566bcd2ae5938d3cee8382ff12e6756995ba9c87368cea2
bd21873739d9fe0303c2c8a5cb604d7e67ce1747824f1d5e7b8f16ebb741b51d
bea1f2e1b6c000d5289dd1de1a9475c9245d3afe0a021ece086400dccdca1d42
bf173f0930658d13d177a9ad70f3ab30d849011a70ccdd2dedce73f49372bf67
bf5aea580f55072b408a17163e2ed273e1a9529cc88a64b295c48d1f7df799ad
bfcdc5bb514538c16b96948274609c06a933ee0f19dd90e3086f887a7df0e79b
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21311b7dc1cbc9f0e2ae5da94511728b776110bd0d9e607589d01028064ff25
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c75733e48b0ff8fe8cf445d3f20cab6e29bb6e4319e733af0f7a4e4a45cf7407
c79d5cbe20f878c9d34e153680485f519f53ec6ad857ef0d929279d5f6a09591
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
cb8761bf3adb57942e0f6bdea353ba81e8a57a44b2c8600cd50387fb3c8fa14a
cc97dbfd1bef745cd588576510dc1e29a569f06b64f90f74a24885789003f2a7
ced9f41fef6ee8c12ae0230c9b187eedee079e6ec777604114db71966d8be7b8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf49fc361a840ed23a9d4aa0d4d90753d84308079e887fce936b69f0be4eebea
cfa6cffbde0fca3a82b5691d8105a1baf1d3489b5491842a10fa96139ec13e71
d0ba1f35e0443b5312c70de11868cafe09441ddecf1dfd69791773ad358ee90e
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d24dd755c5e5641e688320442bf831ec6a6aa91ae69ee9768855a56c7c5fa4cb
d27e312d3785783c6d98182e18c94caf23b0b81e06b1dae83edce0d358bb492e
d3426db94d60ccaae3686843153a8290b387de5e71c664b77d46d66fed472a9c
d6108dede25017acc3584e1c5c5905991d4b30685954bb0aacbb2e099791b0d0
d7ffc5dbafe863985902dd164bbd27ca81ba2db75aae03f2510854f4a6f2dc6a
d80326f55bc31b42059f5ccfb160eaf1441a05659feee224eec68e3e3445f7e8
d9b7a0b172ed5eadfe8e41903efb17e71591fa64191b75c1bf3000dccfcb60c1
db0486ac0154d88f65e2b5604a82fba1374e3908910560e97ee5f7915a001c0c
db87975ffce88143990eda04f18bf7f50a8938eecdeb0ec1d51bff5738970b08
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
e023cfc398dfe758fa5c1454fc64608cb9f1894ce361473284fcb00679ebe1bd
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e570927ac2503e9ec25fe5d060ef8cdeef692e29b828d7262ec11dfd92728751
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e80816ecc3965de4e203b9ce03eb39345fe3c16ff8a848ebacd3c1bd29dfd245
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
eccc3ad32660b371c10adea1e77793843560fa68404568797ec59e162db13a88
edd23c13257a30fed329422f34c3b0e6024414b054094e98a9779e3fff662c7f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbbda6160adbb78e20f51606567582468c1b6d19664b71ed0ef3bed07a0a208
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f99a04a39f41d2c52fd71ffabe78539d81cd0c4699866c05df6efce45e2bbc93
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fcdb89944b76cd60b9902dbde0a857fe0e9df6fe0eeab8d4ff8ff6e8d98e7867
fe89b1819788633045d05c4f1d086cf94f3f2808c54be6c81687007a3ff74851
feb45be43fea14728a131f58a610dda78f54d547c1b575f5c2db3edcddd02047