www.livenewsnow.com Open in urlscan Pro
142.44.129.23 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.livenewsnow.com/featured/msnbc.html
Submission: On September 16 via manual (September 16th 2021, 1:06:23 am UTC) from US — Scanned from DE

Summary HTTP 470 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 109 IPs in 13 countries across 98 domains to perform 470 HTTP transactions. The main IP is 142.44.129.23, located in Canada and belongs to OVH, FR. The main domain is www.livenewsnow.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 20th 2021. Valid for: 3 months.

This is the only time www.livenewsnow.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
53	142.44.129.23 142.44.129.23	16276 (OVH) (OVH)
2	142.250.186.170 142.250.186.170	15169 (GOOGLE) (GOOGLE)
6	104.26.15.238 104.26.15.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	18.211.226.152 18.211.226.152	14618 (AMAZON-AES) (AMAZON-AES)
1	68.71.249.118 68.71.249.118	20093 (ZEROLAG) (ZEROLAG)
3	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
5	151.101.194.114 151.101.194.114	54113 (FASTLY) (FASTLY)
1	151.139.242.29 151.139.242.29	33438 (HIGHWINDS2) (HIGHWINDS2)
4	52.50.197.208 52.50.197.208	16509 (AMAZON-02) (AMAZON-02)
21	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
4	172.217.23.106 172.217.23.106	15169 (GOOGLE) (GOOGLE)
1	46.105.201.240 46.105.201.240	16276 (OVH) (OVH)
5	195.181.175.25 195.181.175.25	60068 (CDN77 ^_^) (CDN77 ^_^)
1	104.154.142.214 104.154.142.214	15169 (GOOGLE) (GOOGLE)
5	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	192.99.8.27 192.99.8.27	16276 (OVH) (OVH)
1	13.225.78.59 13.225.78.59	16509 (AMAZON-02) (AMAZON-02)
3	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
1	151.101.65.229 151.101.65.229	54113 (FASTLY) (FASTLY)
1	104.26.14.238 104.26.14.238	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.225.78.27 13.225.78.27	16509 (AMAZON-02) (AMAZON-02)
2	54.234.151.247 54.234.151.247	14618 (AMAZON-AES) (AMAZON-AES)
13	23.20.158.212 23.20.158.212	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	13.224.193.80 13.224.193.80	16509 (AMAZON-02) (AMAZON-02)
1	158.69.139.229 158.69.139.229	16276 (OVH) (OVH)
1	3.1.182.12 3.1.182.12	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
1	44.227.231.197 44.227.231.197	16509 (AMAZON-02) (AMAZON-02)
8	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
8	184.26.16.208 184.26.16.208	16625 (AKAMAI-AS) (AKAMAI-AS)
5	142.250.185.110 142.250.185.110	15169 (GOOGLE) (GOOGLE)
6	151.139.241.28 151.139.241.28	33438 (HIGHWINDS2) (HIGHWINDS2)
3	64.233.167.157 64.233.167.157	15169 (GOOGLE) (GOOGLE)
2	51.89.24.69 51.89.24.69	16276 (OVH) (OVH)
1	13.225.78.44 13.225.78.44	16509 (AMAZON-02) (AMAZON-02)
1	18.195.98.10 18.195.98.10	16509 (AMAZON-02) (AMAZON-02)
1	104.16.88.26 104.16.88.26	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.17.148.138 52.17.148.138	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.93 13.225.78.93	16509 (AMAZON-02) (AMAZON-02)
3	13.225.78.37 13.225.78.37	16509 (AMAZON-02) (AMAZON-02)
1	159.203.161.83 159.203.161.83	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4 4	51.210.112.63 51.210.112.63	16276 (OVH) (OVH)
2	104.118.220.232 104.118.220.232	174 (COGENT-174) (COGENT-174)
7	208.100.17.186 208.100.17.186	32748 (STEADFAST) (STEADFAST)
1	13.224.193.91 13.224.193.91	16509 (AMAZON-02) (AMAZON-02)
9 18	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
9	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
9	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
4	54.194.126.20 54.194.126.20	16509 (AMAZON-02) (AMAZON-02)
7	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	13.224.193.129 13.224.193.129	16509 (AMAZON-02) (AMAZON-02)
9	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
13	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
4 53	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
9	18.192.135.64 18.192.135.64	16509 (AMAZON-02) (AMAZON-02)
1	34.216.108.96 34.216.108.96	16509 (AMAZON-02) (AMAZON-02)
1	54.213.79.211 54.213.79.211	16509 (AMAZON-02) (AMAZON-02)
4 4	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
1 10	52.42.90.222 52.42.90.222	16509 (AMAZON-02) (AMAZON-02)
8 14	76.223.111.131 76.223.111.131	16509 (AMAZON-02) (AMAZON-02)
21 29	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
21 26	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
15 15	54.246.13.173 54.246.13.173	16509 (AMAZON-02) (AMAZON-02)
10 10	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	208.100.17.190 208.100.17.190	32748 (STEADFAST) (STEADFAST)
1	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	13.225.78.3 13.225.78.3	16509 (AMAZON-02) (AMAZON-02)
1	52.18.52.16 52.18.52.16	16509 (AMAZON-02) (AMAZON-02)
1	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
6	3.86.21.221 3.86.21.221	14618 (AMAZON-AES) (AMAZON-AES)
1	52.89.213.37 52.89.213.37	16509 (AMAZON-02) (AMAZON-02)
2	157.240.236.1 157.240.236.1	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.132 142.250.186.132	15169 (GOOGLE) (GOOGLE)
2	157.240.236.35 157.240.236.35	32934 (FACEBOOK) (FACEBOOK)
1	52.31.202.1 52.31.202.1	16509 (AMAZON-02) (AMAZON-02)
1 12	52.30.140.199 52.30.140.199	16509 (AMAZON-02) (AMAZON-02)
1	104.21.78.98 104.21.78.98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	104.16.92.60 104.16.92.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
2 2	54.247.138.82 54.247.138.82	16509 (AMAZON-02) (AMAZON-02)
1	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
1	54.72.203.75 54.72.203.75	16509 (AMAZON-02) (AMAZON-02)
1 1	52.7.51.190 52.7.51.190	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	64.58.232.179 64.58.232.179	13649 (ASN-VINS) (ASN-VINS)
1	64.58.232.177 64.58.232.177	13649 (ASN-VINS) (ASN-VINS)
1	52.211.195.119 52.211.195.119	16509 (AMAZON-02) (AMAZON-02)
2 2	52.48.53.255 52.48.53.255	16509 (AMAZON-02) (AMAZON-02)
6 7	3.125.70.222 3.125.70.222	16509 (AMAZON-02) (AMAZON-02)
2 2	46.228.164.13 46.228.164.13	56396 (AMOBEE) (AMOBEE)
5 5	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
2	173.231.180.197 173.231.180.197	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 3	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
1	3.127.52.31 3.127.52.31	16509 (AMAZON-02) (AMAZON-02)
2	3.215.247.12 3.215.247.12	14618 (AMAZON-AES) (AMAZON-AES)
5	184.26.16.194 184.26.16.194	16625 (AKAMAI-AS) (AKAMAI-AS)
4	208.100.17.171 208.100.17.171	32748 (STEADFAST) (STEADFAST)
3	13.225.78.120 13.225.78.120	16509 (AMAZON-02) (AMAZON-02)
18 19	52.29.23.197 52.29.23.197	16509 (AMAZON-02) (AMAZON-02)
2 2	52.214.235.66 52.214.235.66	16509 (AMAZON-02) (AMAZON-02)
10 10	52.57.110.162 52.57.110.162	16509 (AMAZON-02) (AMAZON-02)
4 4	35.210.53.219 35.210.53.219	19527 (GOOGLE-2) (GOOGLE-2)
4 4	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
5	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
6 6	91.228.74.134 91.228.74.134	16509 (AMAZON-02) (AMAZON-02)
12 13	37.157.4.40 37.157.4.40	198622 (ADFORM) (ADFORM)
2 2	18.196.60.85 18.196.60.85	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3 9	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
26	107.23.252.174 107.23.252.174	14618 (AMAZON-AES) (AMAZON-AES)
6 6	35.157.177.200 35.157.177.200	16509 (AMAZON-02) (AMAZON-02)
8 8	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 3	88.214.206.142 88.214.206.142	46636 (NATCOWEB) (NATCOWEB)
17 20	185.64.189.216 185.64.189.216	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	34.239.198.206 34.239.198.206	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.185 213.155.156.185	1299 (TELIANET ...) (TELIANET Telia Carrier)
1	178.250.2.151 178.250.2.151	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
11 14	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	162.55.6.212 162.55.6.212	24940 (HETZNER-AS) (HETZNER-AS)
3 3	213.19.147.45 213.19.147.45	26120 (RHYTHMONE) (RHYTHMONE)
1	172.67.74.129 172.67.74.129	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	87.98.242.60 87.98.242.60	16276 (OVH) (OVH)
1 2	104.18.13.5 104.18.13.5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	169.197.150.7 169.197.150.7	398989 (DEEPINTENT) (DEEPINTENT)
1 2	104.22.24.87 104.22.24.87	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER)
1	64.158.223.140 64.158.223.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	34.251.173.19 34.251.173.19	16509 (AMAZON-02) (AMAZON-02)
3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
470	109

53 142.44.129.23 (Canada)

ASN16276 (OVH, FR)
PTR: ip23.ip-142-44-129.net

www.livenewsnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.26.15.238 (United States)

ASN13335 (CLOUDFLARENET, US)

services.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tag.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com

powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.71.249.118 (United States)

ASN20093 (ZEROLAG, US)

udmserve.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.194.114 (United States)

ASN54113 (FASTLY, US)

ssl.p.jwpcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.242.29 (United States)

ASN33438 (HIGHWINDS2, US)

cdn2.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.50.197.208 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-197-208.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.106 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f106.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 195.181.175.25 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-20.cdn77.com

1420543146.rsc.cdn77.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.154.142.214 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 214.142.154.104.bc.googleusercontent.com

lockerdome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.99.8.27 (Ajax, Canada)

ASN16276 (OVH, FR)
PTR: ns500876.ip-192-99-8.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-59.fra2.r.cloudfront.net

test.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.14.238 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.vlitag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.78.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-27.fra2.r.cloudfront.net

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com

reporting.powerad.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com

hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-80.fra2.r.cloudfront.net

audit-tcfv2.quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 158.69.139.229 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ip229.ip-158-69-139.net

e.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.1.182.12 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-182-12.ap-southeast-1.compute.amazonaws.com

pixel.zprk.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.227.231.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-231-197.us-west-2.compute.amazonaws.com

a.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 184.26.16.208 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-26-16-208.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.139.241.28 (United States)

ASN33438 (HIGHWINDS2, US)

cdn1.lockerdomecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 64.233.167.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wl-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.24.69 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip69.ip-51-89-24.eu

t.dtscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-44.fra2.r.cloudfront.net

get.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.98.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-98-10.eu-central-1.compute.amazonaws.com

pd.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.88.26 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.148.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-148-138.eu-west-1.compute.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-93.fra2.r.cloudfront.net

onetag-geo.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-37.fra2.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.161.83 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: lb4.ny1.dtscdn.com

t.dtscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.210.112.63 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: pikafka-3.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.118.220.232 (Atlanta, United States)

ASN174 (COGENT-174, US)
PTR: a104-118-220-232.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 208.100.17.186 (United States)

ASN32748 (STEADFAST, US)
PTR: ip186.208-100-17.static.steadfastdns.net

ic.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-91.fra2.r.cloudfront.net

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.252.173.22 (Frankfurt am Main, Germany) 9 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.194.126.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-126-20.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.193.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-129.fra2.r.cloudfront.net

hb.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 34.98.64.218 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
next-millennium-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.192.135.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.216.108.96 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-108-96.us-west-2.compute.amazonaws.com

aufp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.213.79.211 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-79-211.us-west-2.compute.amazonaws.com

p.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.27 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.42.90.222 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-90-222.us-west-2.compute.amazonaws.com

ids.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 76.223.111.131 (United States) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 185.64.190.80 (United Kingdom) 21 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.185.130 (United States) 21 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.131 (France) 1 redirects

ASN201081 (SMARTADSERVER, FR)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 54.246.13.173 (Dublin, Ireland) 15 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-13-173.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.29.134.244 (United Kingdom) 10 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 208.100.17.190 (United States)

ASN32748 (STEADFAST, US)
PTR: ip190.208-100-17.static.steadfastdns.net

de.tynt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-3.fra2.r.cloudfront.net

onetag-geo-grouping.s-onetag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.52.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.86.21.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-86-21-221.compute-1.amazonaws.com

report2.hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.89.213.37 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-213-37.us-west-2.compute.amazonaws.com

pixels.ad.gt	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.31.202.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-202-1.eu-west-1.compute.amazonaws.com

vid-io-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.30.140.199 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.78.98 (None, )

ASN13335 (CLOUDFLARENET, US)

a.dtssrv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.1.44 (United States) 1 redirects

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.92.60 (None, )

ASN13335 (CLOUDFLARENET, US)

dmp.truoptik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.247.138.82 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-138-82.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.203.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-203-75.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.7.51.190 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-51-190.compute-1.amazonaws.com

aorta.clickagy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.179 (United States) 1 redirects

ASN13649 (ASN-VINS, US)

global.ib-ibi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.58.232.177 (United States)

ASN13649 (ASN-VINS, US)
PTR: be31-199.crrt01.las04.flexential.net

ib.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.195.119 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-195-119.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.48.53.255 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-53-255.eu-west-1.compute.amazonaws.com

sync.tidaltv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.125.70.222 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.13 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.2.49 (United States) 5 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 173.231.180.197 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.25 (Portsmouth, United Kingdom) 3 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.52.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-52-31.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.215.247.12 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-247-12.compute-1.amazonaws.com

report.hb.brainlyads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.26.16.194 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-26-16-194.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 208.100.17.171 (United States)

ASN32748 (STEADFAST, US)
PTR: ip171.208-100-17.static.steadfastdns.net

ssc-cms.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-120.fra2.r.cloudfront.net

cdn.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 52.29.23.197 (Frankfurt am Main, Germany) 18 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-23-197.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.214.235.66 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-235-66.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.57.110.162 (Frankfurt am Main, Germany) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-110-162.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.210.53.219 (Brussels, Belgium) 4 redirects

ASN19527 (GOOGLE-2, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.148.27.140 (New York, United States) 4 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 91.228.74.134 (United Kingdom) 6 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 37.157.4.40 (Denmark) 12 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.60.85 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-60-85.eu-central-1.compute.amazonaws.com

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.37.42.132 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 107.23.252.174 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-252-174.compute-1.amazonaws.com

usr.undertone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.157.177.200 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-177-200.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.156.0.31 (Frankfurt am Main, Germany) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.214.206.142 (United Kingdom) 3 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 185.64.189.216 (United Kingdom) 17 redirects

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.239.198.206 (Ashburn, United States) 3 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-198-206.compute-1.amazonaws.com

sync.ipredictive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (Uppsala, Sweden) 2 redirects

ASN1299 (TELIANET Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.64.189.114 (United Kingdom) 11 redirects

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.212 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.98.242.60 (Saarbrücken, Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ip60.ip-87-98-242.eu

green.erne.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.13.5 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.7 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.22.24.87 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.158.223.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-login.dotomi.com

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.173.19 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
79	pubmatic.com 49 redirects ads.pubmatic.com hbopenbid.pubmatic.com image2.pubmatic.com image8.pubmatic.com simage2.pubmatic.com image6.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	217 KB
53	openx.net 4 redirects u.openx.net next-millennium-d.openx.net eu-u.openx.net us-u.openx.net	12 KB
53	livenewsnow.com www.livenewsnow.com	692 KB
41	doubleclick.net 21 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	1 MB
32	undertone.com hb.undertone.com cdn.undertone.com usr.undertone.com	15 KB
28	bidswitch.net 18 redirects grid.bidswitch.net x.bidswitch.net	9 KB
27	adnxs.com 13 redirects ib.adnxs.com secure.adnxs.com acdn.adnxs.com	105 KB
21	brainlyads.com hb.brainlyads.com report2.hb.brainlyads.com report.hb.brainlyads.com	318 KB
15	rubiconproject.com 3 redirects secure-assets.rubiconproject.com eus.rubiconproject.com pixel.rubiconproject.com token.rubiconproject.com	33 KB
15	bidr.io 15 redirects match.prod.bidr.io	7 KB
15	crwdcntrl.net 1 redirects tags.crwdcntrl.net bcp.crwdcntrl.net sync.crwdcntrl.net	23 KB
14	adsrvr.org 8 redirects match.adsrvr.org	5 KB
13	adform.net 12 redirects c1.adform.net	6 KB
13	onetag-sys.com onetag-sys.com	6 KB
13	33across.com ssc.33across.com ssc-cms.33across.com	2 KB
13	ad.gt 1 redirects a.ad.gt p.ad.gt ids.ad.gt pixels.ad.gt	17 KB
12	revcontent.com trends.revcontent.com cdn.revcontent.com img.revcontent.com images.revcontent.com	287 KB
11	1rx.io 2 redirects tag.1rx.io sync.1rx.io	3 KB
10	w55c.net 10 redirects pm.w55c.net	8 KB
10	mathtag.com 10 redirects sync.mathtag.com	5 KB
10	googletagservices.com www.googletagservices.com	245 KB
9	omnitagjs.com hb-api.omnitagjs.com	3 KB
9	tynt.com cdn.tynt.com ic.tynt.com de.tynt.com	6 KB
8	yahoo.com 8 redirects ups.analytics.yahoo.com pr-bh.ybp.yahoo.com Failed	7 KB
7	eyeota.net 6 redirects ps.eyeota.net	4 KB
7	smartadserver.com 1 redirects sync.smartadserver.com rtb-csync.smartadserver.com	2 KB
7	lockerdomecdn.com cdn2.lockerdomecdn.com cdn1.lockerdomecdn.com	96 KB
7	vlitag.com services.vlitag.com tag.vlitag.com assets.vlitag.com	426 KB
6	advertising.com 6 redirects pixel.advertising.com	2 KB
6	quantserve.com 6 redirects pixel.quantserve.com	3 KB
6	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	110 KB
6	gstatic.com fonts.gstatic.com www.gstatic.com	74 KB
6	googleapis.com fonts.googleapis.com imasdk.googleapis.com	443 KB
5	everesttech.net 5 redirects sync-tm.everesttech.net	1 KB
5	google-analytics.com www.google-analytics.com	22 KB
5	cdn77.org 1420543146.rsc.cdn77.org	1000 KB
5	jwpcdn.com ssl.p.jwpcdn.com	180 KB
5	powerad.ai powerad.ai reporting.powerad.ai	50 KB
4	contextweb.com 4 redirects bh.contextweb.com	2 KB
4	admedo.com 4 redirects pool.admedo.com	1 KB
4	yieldmo.com ads.yieldmo.com	909 B
4	onaudience.com 4 redirects pixel.onaudience.com	2 KB
4	consensu.org test.quantcast.mgr.consensu.org quantcast.mgr.consensu.org audit-tcfv2.quantcast.mgr.consensu.org	171 KB
3	ipredictive.com 3 redirects sync.ipredictive.com	2 KB
3	admanmedia.com 3 redirects cs.admanmedia.com	1 KB
3	sitescout.com 3 redirects pixel-sync.sitescout.com	2 KB
3	turn.com 3 redirects d.turn.com ad.turn.com	1 KB
3	taboola.com 1 redirects trc.taboola.com match.taboola.com	704 B
3	springserve.com vid.springserve.com vpaid.springserve.com vid-io-dub.springserve.com	88 KB
3	s-onetag.com get.s-onetag.com onetag-geo.s-onetag.com onetag-geo-grouping.s-onetag.com	12 KB
3	dtscout.com e.dtscout.com t.dtscout.com	9 KB
2	zeotap.com 1 redirects spl.zeotap.com mwzeom.zeotap.com	896 B
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	de17a.com 2 redirects d5p.de17a.com	637 B
2	betweendigital.com 2 redirects ads.betweendigital.com	1 KB
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	avct.cloud 2 redirects ads.avct.cloud	902 B
2	adgrx.com cm.adgrx.com	816 B
2	tidaltv.com 2 redirects sync.tidaltv.com	688 B
2	mookie1.com ib.mookie1.com odr.mookie1.com	2 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	exelator.com 1 redirects loadm.exelator.com	1 KB
2	tapad.com 2 redirects pixel.tapad.com	916 B
2	facebook.com www.facebook.com	331 B
2	facebook.net connect.facebook.net	115 KB
2	gumgum.com 1 redirects g2.gumgum.com rtb.gumgum.com	698 B
2	bluekai.com tags.bluekai.com	608 B
2	sharethis.com pd.sharethis.com sync.sharethis.com	255 B
2	histats.com s10.histats.com s4.histats.com	5 KB
1	playground.xyz 1 redirects ads.playground.xyz	485 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	simpli.fi um.simpli.fi	610 B
1	deepintent.com match.deepintent.com	44 B
1	erne.co 1 redirects green.erne.co	327 B
1	ad4m.at ad4m.at	974 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	535 B
1	loopme.me 1 redirects csync.loopme.me	216 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	criteo.com dis.criteo.com	334 B
1	agkn.com aa.agkn.com	412 B
1	ml314.com ml314.com	422 B
1	ib-ibi.com 1 redirects global.ib-ibi.com	513 B
1	rlcdn.com idsync.rlcdn.com	66 B
1	clickagy.com 1 redirects aorta.clickagy.com	672 B
1	krxd.net beacon.krxd.net	338 B
1	truoptik.com dmp.truoptik.com
1	dtssrv.com a.dtssrv.com	556 B
1	google.com www.google.com	522 B
1	2mdn.net s0.2mdn.net	17 KB
1	aufp.io aufp.io	3 KB
1	dtscdn.com t.dtscdn.com	407 B
1	googletagmanager.com www.googletagmanager.com	40 KB
1	zprk.io pixel.zprk.io	3 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	lockerdome.com lockerdome.com	28 KB
1	udmserve.net udmserve.net
0	bidtheatre.com Failed match.adsby.bidtheatre.com Failed
0	id5-sync.com Failed id5-sync.com Failed
470	98

	Domain	Requested by
53	www.livenewsnow.com	www.livenewsnow.com
26	usr.undertone.com	cdn.undertone.com ads.pubmatic.com
26	cm.g.doubleclick.net	21 redirects eu-u.openx.net
25	eu-u.openx.net	hb.brainlyads.com eu-u.openx.net
20	image8.pubmatic.com	17 redirects ads.pubmatic.com
19	x.bidswitch.net	18 redirects
18	ib.adnxs.com	9 redirects hb.brainlyads.com
17	us-u.openx.net	3 redirects eu-u.openx.net
15	match.prod.bidr.io	15 redirects
15	image2.pubmatic.com	14 redirects ads.pubmatic.com
14	simage2.pubmatic.com	7 redirects cdn.undertone.com ads.pubmatic.com
14	match.adsrvr.org	8 redirects bcp.crwdcntrl.net eu-u.openx.net
13	image4.pubmatic.com	11 redirects ads.pubmatic.com
13	c1.adform.net	12 redirects ads.pubmatic.com
13	onetag-sys.com	hb.brainlyads.com
13	hb.brainlyads.com	powerad.ai www.livenewsnow.com
11	securepubads.g.doubleclick.net	www.googletagservices.com
10	pm.w55c.net	10 redirects
10	sync.mathtag.com	10 redirects
10	ids.ad.gt	1 redirects www.livenewsnow.com
10	u.openx.net	1 redirects hb.brainlyads.com
10	www.googletagservices.com	tag.vlitag.com hb.brainlyads.com
9	grid.bidswitch.net	hb.brainlyads.com
9	hb-api.omnitagjs.com	hb.brainlyads.com
9	ssc.33across.com	hb.brainlyads.com
9	tag.1rx.io	hb.brainlyads.com
8	ups.analytics.yahoo.com	8 redirects
8	sync.crwdcntrl.net	1 redirects bcp.crwdcntrl.net
8	ads.pubmatic.com	www.livenewsnow.com hb.brainlyads.com ads.pubmatic.com
7	ps.eyeota.net	6 redirects bcp.crwdcntrl.net
7	hbopenbid.pubmatic.com	hb.brainlyads.com
7	ic.tynt.com	www.livenewsnow.com
6	pixel.advertising.com	6 redirects
6	eus.rubiconproject.com	cdn.undertone.com eus.rubiconproject.com
6	pixel.quantserve.com	6 redirects
6	report2.hb.brainlyads.com	hb.brainlyads.com
6	cdn1.lockerdomecdn.com	lockerdome.com
5	rtb-csync.smartadserver.com	eu-u.openx.net
5	acdn.adnxs.com	hb.brainlyads.com
5	sync-tm.everesttech.net	5 redirects
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	images.revcontent.com	www.livenewsnow.com
5	pagead2.googlesyndication.com	www.livenewsnow.com imasdk.googleapis.com srcdoc
5	1420543146.rsc.cdn77.org	ssl.p.jwpcdn.com
5	ssl.p.jwpcdn.com	www.livenewsnow.com
4	bh.contextweb.com	4 redirects
4	pool.admedo.com	4 redirects
4	ssc-cms.33across.com	hb.brainlyads.com
4	bcp.crwdcntrl.net	tags.crwdcntrl.net bcp.crwdcntrl.net
4	secure.adnxs.com	4 redirects
4	ads.yieldmo.com	hb.brainlyads.com
4	pixel.onaudience.com	4 redirects
4	imasdk.googleapis.com	tag.vlitag.com blank imasdk.googleapis.com
4	assets.vlitag.com	tag.vlitag.com www.livenewsnow.com
4	trends.revcontent.com	www.livenewsnow.com trends.revcontent.com cdn.revcontent.com
3	token.rubiconproject.com	cdn.undertone.com eus.rubiconproject.com
3	sync.ipredictive.com	3 redirects
3	cs.admanmedia.com	3 redirects
3	pixel.rubiconproject.com	cdn.undertone.com
3	secure-assets.rubiconproject.com	3 redirects
3	cdn.undertone.com	hb.brainlyads.com
3	pixel-sync.sitescout.com	3 redirects
3	hb.undertone.com	hb.brainlyads.com
3	tags.crwdcntrl.net	e.dtscout.com tags.crwdcntrl.net
3	stats.g.doubleclick.net	lockerdome.com www.google-analytics.com
3	www.gstatic.com	www.livenewsnow.com www.gstatic.com
3	fonts.gstatic.com	fonts.googleapis.com
3	powerad.ai	www.livenewsnow.com powerad.ai
2	sync.1rx.io	2 redirects
2	d5p.de17a.com	2 redirects
2	ads.betweendigital.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	ads.avct.cloud	2 redirects
2	report.hb.brainlyads.com	hb.brainlyads.com
2	cm.adgrx.com	bcp.crwdcntrl.net ads.pubmatic.com
2	d.turn.com	2 redirects
2	sync.tidaltv.com	2 redirects
2	dpm.demdex.net	2 redirects
2	loadm.exelator.com	1 redirects bcp.crwdcntrl.net
2	pixel.tapad.com	2 redirects
2	trc.taboola.com	1 redirects bcp.crwdcntrl.net
2	www.facebook.com	www.livenewsnow.com
2	connect.facebook.net	p.ad.gt connect.facebook.net
2	sync.smartadserver.com	1 redirects www.livenewsnow.com
2	tags.bluekai.com	www.livenewsnow.com bcp.crwdcntrl.net
2	t.dtscout.com	e.dtscout.com
2	cdn.revcontent.com	www.livenewsnow.com
2	reporting.powerad.ai	powerad.ai
2	quantcast.mgr.consensu.org	assets.vlitag.com
2	services.vlitag.com	www.livenewsnow.com services.vlitag.com
2	fonts.googleapis.com	www.livenewsnow.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	rtb.gumgum.com	1 redirects
1	ads.playground.xyz	1 redirects
1	ad.turn.com	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	um.simpli.fi	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	spl.zeotap.com	1 redirects
1	match.deepintent.com	ads.pubmatic.com
1	match.taboola.com	ads.pubmatic.com
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	green.erne.co	1 redirects
1	ad4m.at	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	csync.loopme.me	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	odr.mookie1.com	eu-u.openx.net
1	aa.agkn.com	bcp.crwdcntrl.net
1	ml314.com	bcp.crwdcntrl.net
1	ib.mookie1.com	bcp.crwdcntrl.net
1	global.ib-ibi.com	1 redirects
1	idsync.rlcdn.com	bcp.crwdcntrl.net
1	aorta.clickagy.com	1 redirects
1	beacon.krxd.net	bcp.crwdcntrl.net
1	sync.sharethis.com	bcp.crwdcntrl.net
1	dmp.truoptik.com	bcp.crwdcntrl.net
1	a.dtssrv.com	e.dtscout.com
1	vid-io-dub.springserve.com	vpaid.springserve.com
1	www.google.com	www.livenewsnow.com
1	pixels.ad.gt	p.ad.gt
1	s0.2mdn.net	imasdk.googleapis.com
1	g2.gumgum.com	hb.brainlyads.com
1	onetag-geo-grouping.s-onetag.com	get.s-onetag.com
1	tpc.googlesyndication.com	vpaid.springserve.com
1	next-millennium-d.openx.net	vpaid.springserve.com
1	de.tynt.com	cdn.tynt.com
1	p.ad.gt	a.ad.gt
1	aufp.io	a.ad.gt
1	vpaid.springserve.com	powerad.ai
1	t.dtscdn.com	e.dtscout.com
1	onetag-geo.s-onetag.com	get.s-onetag.com
1	vid.springserve.com	powerad.ai
1	cdn.tynt.com	e.dtscout.com
1	pd.sharethis.com	e.dtscout.com
1	get.s-onetag.com	e.dtscout.com
1	img.revcontent.com	www.livenewsnow.com
1	a.ad.gt	www.livenewsnow.com
1	www.googletagmanager.com	powerad.ai
1	pixel.zprk.io	powerad.ai
1	e.dtscout.com	s4.histats.com
1	audit-tcfv2.quantcast.mgr.consensu.org	quantcast.mgr.consensu.org
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	cdn.jsdelivr.net	assets.vlitag.com
1	test.quantcast.mgr.consensu.org	assets.vlitag.com
1	s4.histats.com	s10.histats.com
1	lockerdome.com	cdn2.lockerdomecdn.com
1	s10.histats.com	www.livenewsnow.com
1	cdn2.lockerdomecdn.com	www.livenewsnow.com
1	tag.vlitag.com	services.vlitag.com
1	udmserve.net	www.livenewsnow.com
0	match.adsby.bidtheatre.com Failed	ads.pubmatic.com
0	pr-bh.ybp.yahoo.com Failed	ads.pubmatic.com
0	id5-sync.com Failed	bcp.crwdcntrl.net
470	157

This site contains links to these domains. Also see Links.

Domain
www.watchnews.pro
planetnews.com
www.liveradioplayer.com
www.msnbc.com
twitter.com
www.linkedin.com
www.facebook.com
trends.revcontent.com
www.cnn.com
www.bbc.com
www.cnbc.com

Subject Issuer	Validity	Valid
livenewsnow.com cPanel, Inc. Certification Authority	`2021-08-20` - `2021-11-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-13` - `2022-06-12`	a year	crt.sh
*.powerad.ai Go Daddy Secure Certificate Authority - G2	`2021-08-13` - `2022-09-14`	a year	crt.sh
udmserve.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-21` - `2022-08-21`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.jwplayer.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-20` - `2022-05-22`	a year	crt.sh
cdn2.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2021-03-06` - `2022-04-07`	a year	crt.sh
revcontent.com Amazon	`2021-08-09` - `2022-09-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
histats.com R3	`2021-08-02` - `2021-10-31`	3 months	crt.sh
www.cdn77.com R3	`2021-07-15` - `2021-10-13`	3 months	crt.sh
*.lockerdome.com Go Daddy Secure Certificate Authority - G2	`2020-09-27` - `2021-10-29`	a year	crt.sh
quantcast.mgr.consensu.org R3	`2021-07-28` - `2021-10-26`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
hb.brainlyads.com Go Daddy Secure Certificate Authority - G2	`2020-11-23` - `2021-12-25`	a year	crt.sh
*.dtscout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-03`	a year	crt.sh
*.zprk.io DigiCert TLS RSA SHA256 2020 CA1	`2020-12-11` - `2021-12-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.ad.gt Amazon	`2021-06-09` - `2022-07-08`	a year	crt.sh
cdn.revcontent.com R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
img.revcontent.com R3	`2021-09-12` - `2021-12-11`	3 months	crt.sh
images.revcontent.com R3	`2021-09-11` - `2021-12-10`	3 months	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
cdn1.lockerdomecdn.com Go Daddy Secure Certificate Authority - G2	`2021-03-06` - `2022-04-07`	a year	crt.sh
*.s-onetag.com Amazon	`2021-02-03` - `2022-03-04`	a year	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
*.tynt.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.springserve.com Amazon	`2021-07-07` - `2022-08-05`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
t.dtscdn.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2020-11-03` - `2021-11-15`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-26`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2021-06-01` - `2022-07-02`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-01` - `2021-09-30`	a year	crt.sh
*.yieldmo.com Amazon	`2021-05-25` - `2022-06-23`	a year	crt.sh
*.undertone.com Amazon	`2020-11-03` - `2021-12-02`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-24` - `2022-06-23`	a year	crt.sh
onetag-sys.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
grid.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-10-15` - `2021-10-23`	a year	crt.sh
aufp.io Amazon	`2020-12-26` - `2022-01-24`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gumgum.com Amazon	`2021-06-05` - `2022-07-04`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
report2.hb.brainlyads.com R3	`2021-09-13` - `2021-12-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-06-26` - `2021-09-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.truoptik.com Go Daddy Secure Certificate Authority - G2	`2020-10-19` - `2021-11-20`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
ib.mookie1.com DigiCert SHA2 High Assurance Server CA	`2019-10-07` - `2021-11-12`	2 years	crt.sh
*.ml314.com Amazon	`2021-01-17` - `2022-02-14`	a year	crt.sh
*.eyeota.net R3	`2021-08-27` - `2021-11-25`	3 months	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
report.hb.brainlyads.com R3	`2021-08-28` - `2021-11-26`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-03-11` - `2022-02-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io Amazon	`2020-11-18` - `2021-12-18`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2020-04-09` - `2022-06-08`	2 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2019-09-18` - `2021-12-12`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh

This page contains 72 frames:

Primary Page: https://www.livenewsnow.com/featured/msnbc.html
Frame ID: 8AA852A01570122DF91A35E4D225529B
Requests: 162 HTTP requests in this frame

Frame: https://lockerdome.com/lad/14009239735841894?pubid=ld-5173-9605&pubo=https%3A%2F%2Fwww.livenewsnow.com&rid=&width=640
Frame ID: B8F5009EBF792061BAC80F87F47E4295
Requests: 14 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Frame ID: 1B617189ADC70CBDDDD0C3774477948E
Requests: 86 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: 28C27D9D5202DB7B9F49916CBE80C75E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/zrt_lookup.html
Frame ID: 2A0AE9B91726E3BA7D39D4DEC0CD2309
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2421/?ver=1.0&pageId=1164287288&sizes=[]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrer%22,%22%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: 8D0371BC90421DE9266AC59B125EDE1A
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2435/?ver=1.0&pageId=1164287288&sizes=[]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: 76E07C76934FFB64EA5FE42B14CD1E2D
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2423/?ver=1.0&pageId=1164287288&sizes=[[160,600],[120,600]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: FCC01F78AB4ACDDD914AB463EE98F42A
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2435/?ver=1.0&pageId=1164287288&sizes=[[300,250]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: 6A9932B7756B8986BDC5106065D68D55
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2423/?ver=1.0&pageId=1164287288&sizes=[[160,600],[120,600]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: 3EA08519E1E81C140CA355E027D8AC8F
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2435/?ver=1.0&pageId=1164287288&sizes=[[300,250]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: 96DA2B8EFCAC5E7A087F50E5BA1518F4
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2435/?ver=1.0&pageId=1164287288&sizes=[]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: 3C294D60BAEB803DE5A00F1D9962C7D0
Requests: 1 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=4C301631754377FF67FF8E3C8919DF42
Frame ID: 52DA88A6A67513D40F456641958B1477
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: B137D7B8FC7DAD6157584E8FB4A1A3A0
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: CD8E328EFCF10A6D339D7E490C0F48D6
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: ABDD7779B0AF7D06846401C499D329FA
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: E9359065BF69923141D618496081E81A
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: A93B9244EECEA6FA07F13454D9785D2C
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 565B96F114CC0D96DBA7995882108BFD
Requests: 2 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: B0A0914CF55A98CBD14ACCFAAB500C66
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_44854a27.js
Frame ID: 5BCE966B6FA47E85316FB5C8B622DA06
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D640x480%26description_url%3Dhttps%253A%252F%252Fwww.livenewsnow.com%252F%26vpos%3Dpreroll%26iu%3D/90814396/livenewsnow_video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1%26channel%3Dvastadp
Frame ID: F85B0B827CFEA91B927AD5CA195E515E
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.480.1_en.html
Frame ID: 9D3EECAA66E6D927031C44B95FF821D9
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A5875C84D812A51CFDBA4EB758DAD9BF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 6D92C762AB4E595A8DA74CEA33532C88
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2501/?ver=1.0&pageId=1164287288&sizes=[]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: 5DA3E64804DE6DE0A4DC75C9362F7501
Requests: 1 HTTP requests in this frame

Frame: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Frame ID: 0D6B06E21D1E4C3B83A4E70AB1E9160E
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Frame ID: 907C1DC07E96CFF6E71644541B293DB9
Requests: 24 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 382396C5883A46771F3BA0CE2D4DFF6F
Requests: 2 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2501/?ver=1.0&pageId=1164287288&sizes=[[1,1],[300,600],[300,250]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: 81EE41042BE42770D48F4C6D36CC2A04
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: 2D0399E0158F1A948ADC39479C72B648
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 09852B68439A5D3B5BEA7D51508E3BE5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: A8B6270B3103FC4446DE3089FE9AEC34
Requests: 24 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bo6haih4Or65TXaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
Frame ID: 6C322E86F957F2F4ACD85B19A580951E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: A0E1DFCAF3E14510F73B0C05C9BB5D3C
Requests: 8 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D55DC25E1AFE1B01146E9B2D3D9D7FCE
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Frame ID: 97D286F4CEFEF6FC0727E9FB9DA08032
Requests: 11 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: FC070DEFBAE961C4B4F194EF9D48557F
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 380D0B0C17D61E5C3191E53ECF0CEE1F
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bo6haih4Or65TXaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
Frame ID: 20F6B923C129E133DA2B66234C8B3B99
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 84D173D120D0BF604D714D9B36C0E9EA
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bo6haih4Or65TXaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
Frame ID: DE400BE09E8DB3231B73D16C43276083
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5E05F0DF94DC62FE63C4F5376EA4CEE9
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Frame ID: 311541DB7C0E2BEE869DBA6AF49EDC3B
Requests: 11 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Frame ID: 7F9228B1EDBCA7C97139327729A430C9
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C6C1053A1473457CC7CA620B6DF2C270
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 44D3AD559A5F310034A0C35D0D34B8AF
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bo6haih4Or65TXaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
Frame ID: 4C9F0AC053491C360AD67BE0B0A48DC6
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1631754378333&us_privacy=1---
Frame ID: E696487281EFC779530268703AB7E4A3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1631754378334&us_privacy=1---
Frame ID: 762B9698035E4643C018F709210330DC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E8FD39E9DB1FB23031D4072A3BECF761
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1631754378333&us_privacy=1---
Frame ID: 50C20D41364B4403A80EC504A5F368AB
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Frame ID: 5F8750E7B19E36FE3617860E4750A92F
Requests: 11 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Frame ID: C989D12510CBE6C1195461F7F8D0AA78
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 34251FFD44B609AEBEAD1ADE49039BDC
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Frame ID: 7D16182DE8F436137E630CF263A8A1CC
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: AC308EB610AAA1A92E93C9B8867A18A9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: 7EE911CFDE44C05C07E374AC631D1681
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: D9B23A675D20B974F86572F26B7A7511
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=9D35A074-4453-48D3-818E-01171824F295
Frame ID: EE35E28293F61BF58FAF74280CD97160
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 9CF15667164F6761F5F23747807774E6
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: B69C155C95FB1863FE3B41AD712BF6ED
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Frame ID: AEC9746DA2AC8AC3D7BBABB2ADE1C36A
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Frame ID: 1DF24586F3CB47DDB6632A2F63FD5743
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: FD63E4CB6335294B82B7D77C8F1F32B4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003
Frame ID: 869E45AE34325219DE5FF83F60E7347C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: BAFCC44200DAD88F33107D9A7F77DF93
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: 5502349C608F310E39BC14E6182C4D0A
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=j77VLQZQAioC6nbMsdQFXfTC
Frame ID: 58A81F5A5026C8F1ADB039383165F7A7
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 87DFD00DDCA6E2E27CF59ECBA7FDCA9C
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=02203537-41f2-43e7-9dc1-ea067be77035-tuct83c1e0d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 6253F1EE96A466AFA099B1B4593F4A31
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 05DB78B76DE75237C6821801FBD1F95C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MSNBC Live Stream free - MSNBC News Live Streaming Online

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js
adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

470
Requests

99 %
HTTPS

0 %
IPv6

98
Domains

157
Subdomains

109
IPs

13
Countries

6058 kB
Transfer

16103 kB
Size

170
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.watchnews.pro/subscription
Title: Subscribe Pro

Search URL Search Domain Scan URL

URL: https://planetnews.com/live/politics.html
Title: alternative msnbc stream

Search URL Search Domain Scan URL

URL: http://www.liveradioplayer.com/msnbc-radio/
Title: live audio

Search URL Search Domain Scan URL

URL: http://www.msnbc.com/
Title: http://www.msnbc.com

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=MSNBC+Live+Stream&url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html
Title: Tweet

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/cws/share?url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html
Title: Share

Search URL Search Domain Scan URL

URL: https://www.facebook.com/share.php?u=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html
Title: Share8K

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=VBPrdulVtsj6hM18eApRU8J1AfroWll9zXNRMoNreQNvykFjqy7whEKg%2FFCKiqhD1XiPhmSLOuLdL%2Blg96t3NhyBzI3ZnBbgjo%2FEZ9S9OOdrxSlU0sg0c0izq2bXeUYRrqyUnyrCUvxN%2BDrzNRjsccRpX4jZtO%2BsipRPukdG8CuNd1durM8AUiSYTWmoGD6AsiX5ARwGCKKLLmZKj9m1eS3KKSRP5%2BauSbhueAiTV0dYaIl6RF0a6cCEAAEaBeEkav%2BXeGwjYCfq78yL6ySjowcTbtjtrr%2B0qKFK9%2Bu1Jlyjb3u0RF8AydOQndH%2F5meB9%2BcVcU6qF693CyhAo8vegOP335isxcLb9b2tvdWSG2aW1hBl0Wvs5el3aKm0oRXNCyp%2FsCTfN7TlpJNEX1T0gW486H0Odg6HkRwVg7oYjtT4Xpzeg%2BTl82mqImlSiUzyWjaag3plyG05OhyK5qDB%2FYWPytH0FBp7l7%2F2tSpeKrURAdFxISdLSvHdy2yu7ypPiS4VoSZlw8Zs%2FLi916Wc28ZcGCYE9iqKg4qDDFN65Txo6f0StHwzoVDj5h2v%2F48DCM3RhNk3L69tAlnMRPgUXsZ8t1BWpw4KBvWZAmA%2BS1yTr9jRtiZW5CH6KuAicOgdUdFfP7kcYlIX2iQqoYqmDVygnqkAzLvGpuXdKZdP93ya5%2BsO6614Nnt2nYHLAQ6xD5kReC5z5bmomJjm6I3JGDaVetJKdGGjJfIdYyTSTcRBci4FNQszEOwItZirY0Ijmf2PR3lpg6gJIfGgOgCL8%2BeP4FGzfOeu2ZF%2Fz6gooepK7%2BChPVgN3Su7zgONk%2FfQSWRKntNlK3W4Tz7lC2vPU2x4KD9p%2B5lkSJeg3w47Ztzk%2FdH7%2FtxtbkSD%2B5utDV8dMRhqgl6zbZbqDYABeozmHbvKO%2Bqobv8WvncdLOeqo9mCue%2Bo48WhwqfCKYRAGAsO7U6xVqjl5axQWDaDyZdzYHqAzcyT9sjnPFEBVMHiykK2GqKZ5eRyQ1eNgm0a83c%2F5t6IhpSbsVkGgO0eE2%2F5fpifDfPP2A8a6gwiTwBs%2BqD3JUsKNNuEddETmw9V4s1ZXpU8RsZu08Wh6q166ZqPJJIRMGyRLMhSVaEHI7CFKj0739nhSMb3iS45CvAB1TWEIb2eHvl35HNacoCzz3nZe9HxdUeX2yLetjrQ5OyUytG6aIbVYCO1YBPcoaFVh9ZhI7hrSfqbcCCLjOhQhIS3T1wWQItPB15tPUbq0yaBtFFzVNM3zNvhqLEowKL51jARvtMrY8Lfxz41s4%2BVzQHgD8C9tcK0zFYyUM06ppptHbJ8C45ebzI4N26jXtSooN44LluBwumo56KvrOuDzio3oShk%2BC6%2BJf4YtkbxcaL6Zq8DLQfDR%2FN9PvHzww6SNEOIba4d3TLc%2FaUn%2Bgh7CnUdUTnGaLmGy8WiDnn8FDi7cJLaz5CtysaQ%2BtyKkVf4vboPUvqCHo3tj0AIjrNxn0u1Iz90LaUlHGvCN09cM8AXxjQ78BvS6yqqbj0AubDJRyrNSeEXD0NwDUFTfPPWsS7N0CyJISrQMQY5YVznre72L8CYF6YOFSUbGsERL2%2BuSWF8deZH9WJFwTaKxxNNYBQudf3VujScbWgJpz0UZn1NSZJtF7j0d7jSW57nMwaFqUDm0%2FiG4JZNba%2FJrBrtdcbU%2FQ%3D%3D&s2s=1&viewed=true
Title: Eine Investition von 250 € kann sich innerhalb eines Monats verdreifachen! Erfah In Bergbau-Aktien investieren

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=vtihLZyFWLdz5p6RfCkJ33gf3gDgQv5s%2FgSpXyv%2B4bh3KIFDebjggOUv1m%2FV%2FeZvVl2aP3ZKpMtRiz%2BvFF%2BK%2B6%2F9mRVf2u%2B0pKSjI4YE4RApWImehyBzQbcPNVE%2FHyUHi1RFq39qO7dShqPma%2F4VsZPJUN2ttHuPPlMteCrNU6Fmn%2FywlrtyMimYO2lRm0vNjLoP33p08cMDKFH536dnmUiIt4Hmo5VaNKBKxPpIZGVLtiTvYHEL1LY%2BqoXBKsOOVvhaZYLSHq7oUHADVJScikfzsQx79Zzh%2BNXgv4iQ0%2BEnrxDiND1sN9hXc274nHaA5fynZg9QY1i555G5otYICrZoUQkT%2FL5Y82Eub%2FmDY75U3t3VbVHy%2Ffr4BXQNgeYJezgWajGIaEpwVy3MxhOZBRZUoYixYSWzbWhxsCkqZs0T5OnqP2ENdkR84aJqzNokWBkR5%2B7j9aJpNVpnsIp0EbGle5onf0g9AQdJ2eZY1penuQiS3R5513l9CQbsfRi1EJzO7%2FiWsDp5rIlHDL2i0A%2BQ%2Fgg%2B2lF0U626kXuQGQ5DRB%2BrJyi8cPB8RxCLjv4gu3L9f7EfMKaH7s7vxd4Q6nCI%2BJP4C%2BSiD3GJgdQPZCLpOC44tGLkgxTREJla4725bSHGWBSx7nNdMt4danU9segMBAZDJ0hTTDOQGWNE9k7eruzLhO6aafFhuXPLpq%2FKN8%2FZjbxqLoHyZfvFfE1FXmzsBcug%2B6gyH%2FhIyU%2FbT%2FuB4UfPQ7c65FK8pQV4tZo2BMYl1HNBemBA9fHQ94Lq3c6Clk37SuqBAc80E8SHq9q6Zocnqa4RPpI9V28krNoXuamNXGo1V8K2CBv%2B%2F6xGXYouzY%2BCESgu1vFFAgczMdYsO1demaPz%2FFcI4pioYosmNasC483xFbnOWbK1UEIgp3I2QKIEL73XET6remwMClGC3vtTfm1rJ4hHmJkgUydTiE7lr%2FSRqRp2hBzmvv%2F8gyZKY96HNbDhkja%2FsgbE4Sl6pyNdyTX5dW0y%2FYyV9hT2S9zWpFwKlpZ782hrpsNv5glTar56xu3XpuMEyEEhknyjzFOBTDDejdi2Nst%2BR8IGqewEXG6FbiN3bAEEwrzf1TAY7r2TrujTiH27laj1Iq4cBTH%2FJGamMNG6wGFctdi8LKZbDQellQHfEILdWRP2AUhUm864SX8jYcmAOIs8SA8fRAm8XyPv1JgpaBgZV%2FPu17eDgpzHC%2F1KjN2xnYZ4KBnIf0ZXFNbIC2tFArBhiiidwlsphS14jR8zkdKwOZridx64v%2Fh4R3ykmNuHTde3Bm136xVz90ZMeU6Vo6h4ZhA%2BeLtlkCXgA535IHX2V%2BmxX%2Buc9qkseNr51YlltOAKDG6Tjn%2FEI8u%2FlQfsxfHLwMdkXUkjKUNCaqey%2FlImqPhk&s2s=1
Title: Internationaler IQ-Test: Test starten International IQ Test

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=4x0pdVv%2FC0sj%2B0F7j10RZtLVm8%2BTDRgZWYB5j0KrmZ9FqpHMiH3JOSpcr%2BMsseoQuhNunvok7Q9e1rUgfX5eC3yeRUfAV6zL9TCCi8K999wa6MtABUnD%2F2NakmROYygR1FN4YSqUkpQsLH2NkEtx8f7Y3F1IaZ8cNlTRKjrJQKDwyQT8RqMcpwRuTy1WkqhsaecQN93H%2BTx6aXYOaDhLVDBVepFecSY1A3SbL4XlSrgVJFCggAIDyeSXcr31ghlWyh%2Bnl2haGs8WUDw8cVuIo6fNqnchFgjeQWftybv8WvP0Cmr%2Bii4kQnBmn9cJmow2Uo29X7tbecjG1UQ9N6CuZRyz7JxsdhPiBtQNgoBfhYw%2BUbbnj3uxSKHUPJC9js8KHxeTo5ATMrzrbTIMlIo5oWwSK9GSimLEpNw4i1%2BxV2u2qJB%2BeeQALymD0TPnUFUFepK9c91yDddNNNYYV5IykJDACindQR%2Fiw5i3U5zkW4uwZse17QQjU%2BizNR8qNTOyMgD3KK2tf2w6HlbpFGmy%2Bb%2BiAGkaNnFtnKsLG4OQvqxeFoHjTjofbYI8ZzCCj3EfwJOvd%2Fnab4%2FH6672ky7CxCe6jDljj2i77qTZrh1mbwq3DrjSoISyyouwTwS9AwWAwOcy61Ef3WkphLP9P%2FW3hspzc2fUGDCiBC1dvbpz3RbgTGxWwJadTHlxCt0W1DPXlW8i45b7XEe8y4xBeBCV85pBm61OL0hdMp7%2BjRM5oZ9Zldzx9eBxusEcW70QPH5JhR9RlTmgfUjNHvBemwBqE7pkvXi%2BQsUnqAjAaeC1xbb52lhrqNavi6E006MgD4ZjNUrstnee7hWSq8w7%2FR9y4fpsZ11JhY62W1NYPcEXyfEmX0eGNhOQksFeP%2Be%2FvuLZMUVo6%2F%2FEuECUAm7qqOqkLjFM7j1fGGgzCHBQFR7sam%2FpadrRTaruCQLWihXMAmZ%2FYegFzg%2FwU1r34GZfOO0UR1u3yS45baE7Fim6BgEeqOStPNcb3tyJhnKGhMzgZLwc%2Ba%2Bn8KX5QAU2OG0cOu%2B5GHZOxA579DrZtkl4NmCNAAGCLCXbCQKBdlg6LI5x8DHeUg20Zs9mvzyWkbUWloZzsZZPbJcCdaWGElX4Hvpyok7rOhKhZEPaiIEgZrqA1aWhZumqedGiY2CxtO1tiLrKnYtQR4TPoHpkfLrc3SuunvcUShfiZKBtHkA5YDuZ1jyJpUbisjHTdghGFluMxJ0we%2F2CDXocyYwWwpLe4yJGP2b2p%2FA0H3TSuAFQK4rG8NyRPcDdWFYwz1zVQooZ40kj77fLF%2FRmFb1rRnBWfqSFODRtgE0fXD0D5KkV3lp7PV14h4Y%2FuO3qDG2kcDuE63tPD6m9rBvNhL117P0APuuW8LqoI8AtsT39hLckVQGI56NP5Akxg2j1Jg1DhE5Z%2BeM3gz%2B%2B3qvFLvOPhyTy3La3EwDakBb3tgZrNiHcCcrgmlv2Gg4a1cM%2FevdTkDTVf6ZfSZxiAU2ofB7inw7vJ0zYI0sfC%2Bmv9AuR0Ice4%2BeYY2qT&s2s=1
Title: Mama Bear Grabs Man After He Saves Her Cubs viralsharks

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=CccvUKsUtenNgmWWUIY3qzIA2%2BqDW0hFVSdDLxctE5wTurT1mcMLoz5oV2m43DfPJntF81a6WlLo8S1fRbja06jBbkaHL%2FtuRT8R0F54hta1ovwVNbXIZX58syUwyWaaZeB%2FIUPesdw415mYcY9k%2FTnK8nfsEHOXu6YB0KkzMVxBylN8qRrN7pfSOa9y2pFIM8TFBlyliq%2Flxw%2FBg1JvE7Eyibc6DcVK%2Bo7wqKCckTi5KZvx6iYzr4V47APK4lgUnfTLrZnOc7tU1Ze96PUQPNZd%2BbzUvNuoL7iA5u1PFBuy%2BSsBZ%2FrSgxM%2BGSoWpvdfhgaLLpibjUrbo7fbE%2B2rYkIUmUXMBQWfzqWk6lwGs9Wwhyg%2FZsywCU2K2TQL6XQQXXuts8t2jdZ4eyB0U4ahCM%2B%2F4QUi%2BNk2F7%2FcEriUV1RNUXvQPrLZG6fUD76BBnrsKR9THqmJ%2BEy8JLYP9R5fEo%2BccICJT9A2IquC%2BONwbY2Qy8gn6eEkaBjg%2BKA%2BpNwIvQU2z4QKzVCytlgfYbJoFUgY8ZF97mKyUIaGwjxtteyexCCTdCQAmvYcKxhcHI%2FGNBKWRaF%2BZloFsWPi5H1rfr0w1YUrNPfgTDC5NJ27PU9enmSnN%2FWxeguCOLqV0DGvkrOBrdSExQuQ9agVoqPVs9ytQJZkmnyceH3L28womSJ%2Fy3vHguoShgEXXFP%2FRh%2FIVXviehNvPZYXMHTdxVdg6jirbQBbDI4A9%2FQ0IMWalyedOFKARyCBcTrTyS1oRrISfT9OcDRinbeGPf9KpFumxmkSZLKTh%2FzmS7p9Ba3FgJMRkyYU5rE24q2N18WEf2j51t1lvMjBgwaQimAFrUa%2FbHhx3sxCzcmog4BsapuFSpo59P2mckXS3cwVjgc6fxcuBu2EVQXixUzVqJcD5sYElRn4DHLctoZuoCkmeQp3LXU1nmI04hrJwrHANrTIiN0Yeev2dXHDZixqWIchFOVr5u3kmlb9jGBb%2F%2BsQze7Ov7KaPnRImApfAKzwb2ylHKo9Fpz3afsrBc%2Fe%2BrL7n1akr17QkAUoA8ddjsyLzqlBmhFdZoDGZ7qXvMybFHbDwtj3xgYfevpD%2BdlPVAl%2Fl964ICSIpqFZZqWCXl%2B7da3TQlVYs3N%2BtrGSlE9KOYUxajf2oRbqCSSEsUWMKRwUwsXc%2F%2FfbjuRks%2BcmtFPoGEqfVjoKq6h7EQnoE6Enxt3mZVKXudosCAJL6kejR4LOmkuFSn1McU%2FBnc2gqzf%2B%2B0gEEzx4qI6%2FHJq9CZKoAPYt1oPfMlEXVlYZCEfzWTBPuRtYrggjBspw5QV%2FMs6CLJxLRpyVb4mDxtYtmz9KDFF7lLrPTj3gRFtL9EGmMy77WyxjXwMRPHYrngIblyQmE%2Fb7C3ctbTSYNccIXibYVm0NXxPJQFxIgYq6auLDWNuf2hmzjCctGFfYYYoyuF51H6%2FPLb6ENMQwlTy1xriFkRQNYPpmwM4va93I7VdnUYI604okEUhBgK8KaduVNY2EfeTsqMc58IUTLXKc52sfyQ9pt4d8qnmsKA8lAVP97X9RR426%2Fw%3D%3D&s2s=1
Title: Remember Her? Try Not to Gasp when You See Her Now viralsharks

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=B%2F9tY92ZF1hVwzWjQE%2FAy0JyWzJU2PiriQZBQockDE%2BwFyAW%2Bj45O1nDe4Es1LNr%2FrPRpKKS67R%2BW0ZwSHwcixHkHJNt8KxMAYSr33EUroc%2BWNvDBQa%2FW2mWEpveIVMl9b39oi%2BdmULF3u7fPgoxN1ZkleXoy%2FbXY045hdexiVtzQC236l3nOWSXgCWsa12nBrpR%2Fnv8VntZxMuk8lYOVu6M8N64Iu1ru%2Fjs8oo4ziRixyZ1t7EBRMpjME0e3KtmShC7doBU6%2FxoFRetsPHKoTRp7eMnm4isjUyCww9DoY2UZTGMsO3gLHhpaHNVl0jmIIC55iE7PjNgoQszaZG057i5mkFdlT3O70Da8xUlrbeVyvOLVzktKw0SBNKLR6hlVBfbDQE4j79864odMKcOaWy4BWvqC2gwRfL%2Bfb088txEFqEOxvNvKgbxUiqRKtd1SFm%2BDjtlS5mrEistaK1w5rUH9MAZmZKXCZxwD7NnLFEknEeX7g1%2FGo6Yfg3IX52upcurvmTe1yHe7n%2BKc5oTec9ZtrWd073j6DyHiFiV%2BZIBkmYwJWCj5kGgl9Ft4Vtxh9KmMEiM8X3Y%2FoV4kkmKbpqKo1SkyIdDhpLRRHXxJ7dM4nu3F2wYpdS2kfUvQABxOxlL%2Fzd9Y2pmE2VRaO%2BVLVaeN%2ByermBWRYtT9kcjLVwn2GhevDJs4ePQyfvtF4mWCKqdeNCNj8oXIoeIiHs5Hzf1cESmdAUbNtWN2Zq4kEVUfdtNYQ6eSpXaP%2BJ2yQ84fHciTIobqjUcKMQD1YK8c9Xfwj7iwLbSka1E5eahj1kcbYDoT%2Fz92ouu82gIBKsxVxb3nSido7QKA1DAtgehy%2BOcPAwo51wvqTZSapakCLGw9leMZAH0oaz4Io4H8bld4XILwZePYgr8UhEpCCRrzqYTVqX4GUXQhXdjPqI82puAVlQMjcq5cGm1PybtJMO5WBxjqyWtmJFWg5CrMzyKlGjYIUvtuEKikIGqOfsB%2FdCiH1jvwwxOgQ5F4%2F6yYlTUNZt1gfyxHhPvEqiS2Gc8I6c3el3yVbDRzko6Fs98M0imZuToX%2FCH7BrHnLCcRrpcBnNL1vMQdE47g%2B41A%2BCnBSicxu2WXPLTsbJEatRImSEEIDAq5HHY3FzbFF9Qh%2ByUZm%2FWRTOXeDhMW390ytQIkg8CjD0x8CWvlCK2DvxgrAJL1iFFLLcVjDFpHELXYD24N3DBboF6hs%2B5lV2Y%2Basvure1VtsOJe8N5J2mAvnSkE9NIM6fz1WzZBo8l%2BYkW3n6%2BBXhCBkCzGYo%2FgNHIa4E02Y19OYcaZJayg2ZuAjw6H9Iw%2BZ5ICmuhjSeV0I91YReOyp8%2FVRKknmw2URhKi9OYpF2KfAKJ%2B6O%2FIS32FM3nUU%3D&s2s=1
Title: Celeb Couples Who Don't Realize They Aren't Famous Anymore popcornews

Search URL Search Domain Scan URL

URL: http://www.cnn.com/
Title: CNN

Search URL Search Domain Scan URL

URL: http://www.bbc.com/news
Title: BBC News

Search URL Search Domain Scan URL

URL: http://www.cnbc.com/
Title: CNBC

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 156

https://pixel.onaudience.com/?partner=137085098&mapped=4C301631754377FF67FF8E3C8919DF42 HTTP 302
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
https://tags.bluekai.com/site/33141?&id=2feef95fc8c0d44d

Request Chain 208

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D70ccee21-fe74-4339-b837-46b1d9a1721f%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&adnxs_id=692294473516701639

Request Chain 209

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=70ccee21-fe74-4339-b837-46b1d9a1721f HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=70ccee21-fe74-4339-b837-46b1d9a1721f HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&id=70ccee21-fe74-4339-b837-46b1d9a1721f

Request Chain 210

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D70ccee21-fe74-4339-b837-46b1d9a1721f HTTP 302
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D70ccee21-fe74-4339-b837-46b1d9a1721f HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=9D35A074-4453-48D3-818E-01171824F295&id=70ccee21-fe74-4339-b837-46b1d9a1721f

Request Chain 211

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=70ccee21-fe74-4339-b837-46b1d9a1721f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=70ccee21-fe74-4339-b837-46b1d9a1721f&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&google_error=3

Request Chain 212

https://ids.ad.gt/api/v1/g_hosted?id=70ccee21-fe74-4339-b837-46b1d9a1721f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NzBjY2VlMjEtZmU3NC00MzM5LWI4MzctNDZiMWQ5YTE3MjFm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NzBjY2VlMjEtZmU3NC00MzM5LWI4MzctNDZiMWQ5YTE3MjFm&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?google_error=3

Request Chain 213

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3D70ccee21-fe74-4339-b837-46b1d9a1721f%26sas_uid%3D%5bsas_uid%5d HTTP 302
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&sas_uid=[sas_uid]&cklb=1

Request Chain 214

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=70ccee21-fe74-4339-b837-46b1d9a1721f HTTP 303
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=70ccee21-fe74-4339-b837-46b1d9a1721f&_bee_ppp=1 HTTP 303
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AABZDU7ChTEAAB0enEokTg&id=70ccee21-fe74-4339-b837-46b1d9a1721f

Request Chain 215

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D70ccee21-fe74-4339-b837-46b1d9a1721f HTTP 302
https://ids.ad.gt/api/v1/mediamath_match?user_id=ce896142-988a-4000-9d86-8d6e6bdc91b4&id=70ccee21-fe74-4339-b837-46b1d9a1721f

Request Chain 264

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201r1f1hl07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl%26auid%3D70ccee21-fe74-4339-b837-46b1d9a1721f HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=fcb91b9d-445d-03a7-043f-be9a83445e6d&id=0201r1f1hl07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl&auid=70ccee21-fe74-4339-b837-46b1d9a1721f

Request Chain 285

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=a6518660381342d9cc7ba26db469039e&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=a6518660381342d9cc7ba26db469039e&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=85760efe-d417-473a-9c21-65c28eaa8ada

Request Chain 287

https://loadm.exelator.com/load/?p=204&g=260&buid=a6518660381342d9cc7ba26db469039e&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=260&buid=a6518660381342d9cc7ba26db469039e&j=0&xl8blockcheck=1

Request Chain 288

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a6518660381342d9cc7ba26db469039e&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=a6518660381342d9cc7ba26db469039e&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=12801312672269143362195994664252593672

Request Chain 291

https://aorta.clickagy.com/pixel.gif?ch=120&cm=a6518660381342d9cc7ba26db469039e HTTP 302
https://idsync.rlcdn.com/420246.gif?partner_uid=c:939206e7a9a68c0dc2a8b2cdebb0b624

Request Chain 292

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=a6518660381342d9cc7ba26db469039e HTTP 302
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=a6518660381342d9cc7ba26db469039e

Request Chain 294

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695 HTTP 302
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1 HTTP 302
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=35477bd3-6534-4495-8735-5a3a4edf26f1?gdpr=1&gdpr_consent=

Request Chain 295

https://ps.eyeota.net/match?bid=51mdg9u&uid=a6518660381342d9cc7ba26db469039e HTTP 302
https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=a6518660381342d9cc7ba26db469039e HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnBpZEVOX0FiVlJVR3FYbGNSMW9JZXFIaEVGSDd6ajJJUzJSWHVidktVUHc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MnBpZEVOX0FiVlJVR3FYbGNSMW9JZXFIaEVGSDd6ajJJUzJSWHVidktVUHc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_tc= HTTP 302
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESEDPiU-J55iqm_WDNc7VcFdQ&google_cver=1 HTTP 302
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7985646615991233108&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
https://ps.eyeota.net/match?bid=7vi0rg0&uid=ce896142-988a-4000-9d86-8d6e6bdc91b4&dc_rc=3&dc_mr=5&dc_orig=51mdg9u& HTTP 302
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26&_test=YUKYjAAAAd6mgQAR HTTP 302
https://ps.eyeota.net/match?uid=YUKYjAAAAd6mgQAR&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=51mdg9u&&_test=YUKYjAAAAd6mgQAR HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
https://ps.eyeota.net/match?uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&bid=1e2n4ou

Request Chain 297

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D HTTP 302
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=ce896142-988a-4000-9d86-8d6e6bdc91b4

Request Chain 298

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID HTTP 302
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=43bcc6b3-411d-4b94-8564-060c209c8e09-6142988c-5553

Request Chain 299

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YUKYjAAAAlArAgA6 HTTP 302
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUKYjAAAAlArAgA6&_test=YUKYjAAAAlArAgA6

Request Chain 300

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc= HTTP 302
https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_error=3

Request Chain 303

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/a6518660381342d9cc7ba26db469039e/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D HTTP 302
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7625358645801593428

Request Chain 304

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=430412040%2Ftpid%3D%24UID%2Ftp%3DANXS HTTP 302
https://sync.crwdcntrl.net/map/c=281/rand=430412040/tpid=692294473516701639/tp=ANXS

Request Chain 356

https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1--- HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dthemediagrid HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dthemediagrid HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=fa463166-37aa-49ec-a41e-c4ae660de116&ssp=themediagrid

Request Chain 357

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35

Request Chain 358

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8eea97ea-48c1-419d-9e54-1fb4bdc8abb2&user_group=1&ssp=openx&bsw_param=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32

Request Chain 359

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639

Request Chain 360

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCWkRVN0NoVEVBQUIwZW5Fb2tUZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABZDU7ChTEAAB0enEokTg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABZDU7ChTEAAB0enEokTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABZDU7ChTEAAB0enEokTg&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID

Request Chain 361

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4

Request Chain 362

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=glKeWY1bkg-ZW8hS0AaHCYMBzl-ZAchbgleAOG8j

Request Chain 363

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1434594805993852912

Request Chain 366

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1

Request Chain 367

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35

Request Chain 368

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=63a736d0-29bc-43dd-b246-7518be62fa82&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32

Request Chain 369

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639

Request Chain 370

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABZDU7ChTEAAB0enEokTg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABZDU7ChTEAAB0enEokTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=2&ev=AABZDU7ChTEAAB0enEokTg&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID

Request Chain 371

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4

Request Chain 372

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=iAGhe4cIrS2TCPcojlO4ed8ArSqTCPct3Abv4zPp

Request Chain 373

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5127675554101310518

Request Chain 376

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1

Request Chain 377

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35

Request Chain 378

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=33e45775-5fc2-5203-bd7a-fb9edc386313&ssp=openx&expires=30&user_group=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32

Request Chain 379

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639

Request Chain 380

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABZDU7ChTEAAB0enEokTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AABZDU7ChTEAAB0enEokTg&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID

Request Chain 381

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4

Request Chain 382

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jUwsy4JFIJ2WRXqYiUQ1yY5FKM2WSXrBikWJ7mNR

Request Chain 383

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1974670778981303957

Request Chain 386

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1

Request Chain 387

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35

Request Chain 388

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32&ssp=openx&gdpr=&gdpr_consent=

Request Chain 389

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639

Request Chain 390

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABZDU7ChTEAAB0enEokTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AABZDU7ChTEAAB0enEokTg&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID

Request Chain 391

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4

Request Chain 392

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=vv3-ebH08i-l9Khy7K7nLrGu_XmlqPtzuPmt85nz

Request Chain 393

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5754003166861353392

Request Chain 396

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1

Request Chain 397

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35

Request Chain 398

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32 HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32 HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8eea97ea-48c1-419d-9e54-1fb4bdc8abb2&user_group=1&ssp=openx&bsw_param=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32

Request Chain 399

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639

Request Chain 400

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID

Request Chain 401

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4

Request Chain 402

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ghppKI0TZX6ZEz970B9wedASOyqZT2gugRO5EC24

Request Chain 403

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9143517528726174768

Request Chain 406

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1

Request Chain 407

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 408

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=692294473516701639

Request Chain 409

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9e9465df-cd7e-0038-3d41-b50d6397b13b

Request Chain 410

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4e4a9096-168a-11ec-a15f-06be1e67faf8 HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4e4a9096-168a-11ec-a15f-06be1e67faf8&verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-JTczcgBE2uEigM905Qi4TJPU_84MUuvW~A~UP4e4a9096-168a-11ec-a15f-06be1e67faf8

Request Chain 411

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&ttl=1634346381

Request Chain 413

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=b98b70f4a2063717c189127beac962f31ae76653

Request Chain 414

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUQzNUEwNzQtNDQ1My00OEQzLTgxOEUtMDExNzE4MjRGMjk1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e8cc9c6-168a-11ec-98c6-97c9ff4101b8&gdpr=0&gdpr_consent=

Request Chain 415

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=692294473516701639

Request Chain 416

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9e9465df-cd7e-0038-3d41-b50d6397b13b

Request Chain 417

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4e4a9096-168a-11ec-a15f-06be1e67faf8 HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4e4a9096-168a-11ec-a15f-06be1e67faf8&verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-JTczcgBE2uEigM905Qi4TJPU_84MUuvW~A~UP4e4a9096-168a-11ec-a15f-06be1e67faf8

Request Chain 418

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&ttl=1634346381

Request Chain 420

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=b98b70f4a2063717c189127beac962f31ae76653

Request Chain 421

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUQzNUEwNzQtNDQ1My00OEQzLTgxOEUtMDExNzE4MjRGMjk1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e8b69b1-168a-11ec-a77e-9f41112daab4&gdpr=0&gdpr_consent=

Request Chain 422

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 423

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=692294473516701639

Request Chain 424

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9e9465df-cd7e-0038-3d41-b50d6397b13b

Request Chain 425

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4e4a9096-168a-11ec-a15f-06be1e67faf8 HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4e4a9096-168a-11ec-a15f-06be1e67faf8&verify=true HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-JTczcgBE2uEigM905Qi4TJPU_84MUuvW~A~UP4e4a9096-168a-11ec-a15f-06be1e67faf8

Request Chain 426

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&ttl=1634346381

Request Chain 428

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=b98b70f4a2063717c189127beac962f31ae76653

Request Chain 429

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUQzNUEwNzQtNDQ1My00OEQzLTgxOEUtMDExNzE4MjRGMjk1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e8b1bc9-168a-11ec-bac0-0dcf7a401fce&gdpr=0&gdpr_consent=

Request Chain 430

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 436

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3608879414778471959 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 438

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7008331701509486743 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

Request Chain 439

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABZDU7ChTEAAB0enEokTg HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

Request Chain 440

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

Request Chain 441

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=549566859 HTTP 302
https://sync.1rx.io/usersync/tradedesk/a15bdabb-c3aa-4c50-8f55-12df19c523a9 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003

Request Chain 444

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=j77VLQZQAioC6nbMsdQFXfTC

Request Chain 445

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 446

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=02203537-41f2-43e7-9dc1-ea067be77035-tuct83c1e0d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0

Request Chain 448

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nTWgdERTSNOBjgEXGCTylQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 449

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ce896142-988a-4000-9d86-8d6e6bdc91b4

Request Chain 450

https://pixel.onaudience.com/?partner=214&mapped=9D35A074-4453-48D3-818E-01171824F295 HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a6518660381342d9cc7ba26db469039e HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=ee6fce9cb34d8e31 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=aff93236-2345-417d-5b11-5aa37f31f772&reqId=6a93eec5-689a-4779-73eb-7e1559fe3eb8&zcluid=ee6fce9cb34d8e31&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESECUbfQAeJXT72_GmBllD8tM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=aff93236-2345-417d-5b11-5aa37f31f772&reqId=6a93eec5-689a-4779-73eb-7e1559fe3eb8&zcluid=ee6fce9cb34d8e31&zdid=1332

Request Chain 451

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUQzNUEwNzQtNDQ1My00OEQzLTgxOEUtMDExNzE4MjRGMjk1&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

Request Chain 452

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECgfC6azDIihfis8DZvNb64&google_cver=1 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

Request Chain 454

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5754003166861353392 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

Request Chain 455

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

Request Chain 456

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a15bdabb-c3aa-4c50-8f55-12df19c523a9 HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

Request Chain 457

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=692294473516701639&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

Request Chain 458

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9D35A074-4453-48D3-818E-01171824F295&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9D35A074-4453-48D3-818E-01171824F295&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-odq.nZtE2uUN5Ewru_jVNt_AF9R80_I-~A&gdpr=0&gdpr_consent=

Request Chain 460

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YdGylG7YvsJ62OTHZdmrlmLYtpJ61OSeZtin0WxC HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

Request Chain 461

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=pubmatic HTTP 302
https://x.bidswitch.net/sync?dsp_id=70&user_id=5754003166861353392&ssp=pubmatic HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32&gdpr=&gdpr_consent=&gdpr_pd= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 462

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUKYjAAAAd6mgQAR&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

Request Chain 464

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7625358645801593428&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

Request Chain 465

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=43bcc6b3-411d-4b94-8564-060c209c8e09-6142988c-5553&gdpr=0&gdpr_consent= HTTP 302
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295 HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

Request Chain 467

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=692294473516701639

Request Chain 468

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_0d967b28-ec45-4d3d-8409-9be49340b1d4

470 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request msnbc.html Show response
www.livenewsnow.com/featured/ 208 KB
30 KB 443ms
208ms Document
text/html 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

fb288e712d084ea73fb2a10f2f23e14578851b001d7fac08fb9463411107cf12

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.livenewsnow.com
:scheme: https
:path: /featured/msnbc.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
wpo-cache-status: cached
last-modified: Thu, 16 Sep 2021 00:56:22 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 16 Sep 2021 01:06:16 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

GET
H2 200 blocks.style.build.css
www.livenewsnow.com/wp-content/plugins/social-warfare/assets/js/post-editor/dist/ 2 KB
720 B 104ms
101ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css?ver=5.8.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

4834aa58000857ce42bdc4ae2322104fbbb5c0e96a7dbd4deab73900ae9d23a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/social-warfare/assets/js/post-editor/dist/blocks.style.build.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 21 Jul 2021 02:54:08 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 608
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 theme.css
www.livenewsnow.com/wp-content/plugins/memberpress/css/ui/ 5 KB
1 KB 104ms
101ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/memberpress/css/ui/theme.css?ver=1.9.12

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

9f4b16c3b48636de2f8409644e7f5c2a739c63365578ce35f08646f3f44af49f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/memberpress/css/ui/theme.css?ver=1.9.12
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 17:44:03 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1215
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 style.min.css
www.livenewsnow.com/wp-includes/css/dist/block-library/ 79 KB
10 KB 104ms
101ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 21 Jul 2021 02:54:11 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9960
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 blocks.style.build.css
www.livenewsnow.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/ 184 B
239 B 105ms
102ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.30

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/quick-adsense-reloaded/includes/gutenberg/dist/blocks.style.build.css?ver=2.0.30
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Wed, 25 Aug 2021 02:55:10 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 184
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 smart-app-banner.css
www.livenewsnow.com/wp-content/plugins/add-smart-app-banner/ 6 KB
1 KB 105ms
102ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/add-smart-app-banner/smart-app-banner.css?ver=5.8.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

d9ef53a13f05dbf0cdb2503825a538e034c9e19af2c340ad205199d237462db6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/add-smart-app-banner/smart-app-banner.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 28 Oct 2020 23:38:58 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1117
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 rounded-thumbs.min.css
www.livenewsnow.com/wp-content/plugins/contextual-related-posts/css/ 1 KB
396 B 106ms
103ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css?ver=1.0.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

0ca7188912ef3473bb7943356daf3909fb28acf076110495dd4eff399334fe70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css?ver=1.0.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Tue, 02 Mar 2021 14:54:18 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 339
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 light_style.css
www.livenewsnow.com/wp-content/plugins/jquery-collapse-o-matic/ 1 KB
386 B 106ms
103ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/jquery-collapse-o-matic/light_style.css?ver=1.6

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

8feeab8c1bf06b50257479af3e684756ee3e96f09c2f053ddd593c22a71e2de4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/jquery-collapse-o-matic/light_style.css?ver=1.6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 28 Oct 2020 23:38:58 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 352
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 style.css
www.livenewsnow.com/wp-content/plugins/so-widgets-bundle/widgets/cta/css/ 682 B
273 B 106ms
103ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/so-widgets-bundle/widgets/cta/css/style.css?ver=1.23.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

34bf6a3042fa964fe680e78077db7119d49577b3a949af21b29170e632b5034a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/so-widgets-bundle/widgets/cta/css/style.css?ver=1.23.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Mon, 16 Aug 2021 14:55:17 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 217
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 sow-cta-default-4208922e6c26.css
www.livenewsnow.com/wp-content/uploads/siteorigin-widgets/ 318 B
179 B 106ms
104ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/uploads/siteorigin-widgets/sow-cta-default-4208922e6c26.css?ver=5.8.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

ee2332f35be0259aea3439f949cc562f4fb4eb96d898bcc241e1fd47be64c0b1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/siteorigin-widgets/sow-cta-default-4208922e6c26.css?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Thu, 09 Sep 2021 14:54:07 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 123
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 style.min.css
www.livenewsnow.com/wp-content/plugins/social-warfare/assets/css/ 87 KB
10 KB 107ms
104ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/social-warfare/assets/css/style.min.css?ver=4.3.0

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

f975207e21041e251c165009f22311cc20b0acf1477d309fd62538beb50e0eb6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/social-warfare/assets/css/style.min.css?ver=4.3.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 21 Jul 2021 02:54:08 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9983
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 11 KB
1 KB 69ms
26ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C500%2C700&display=swap&ver=5.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

7d8db964f309292a9e6eeba044c91fb1a0ea5b93ab0e8933deec11f89f956bd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 00:19:29 GMT
server: ESF
date: Thu, 16 Sep 2021 01:06:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Sep 2021 01:06:16 GMT

GET
H2 200 pum-site-styles.css
www.livenewsnow.com/wp-content/uploads/pum/ 21 KB
3 KB 188ms
186ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/uploads/pum/pum-site-styles.css?generated=1625669646&ver=1.16.2

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

3ce731ea1723069dfdee5052b5aafbff6cc037cad0d7900ba41c8d9769aeb5d2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/pum/pum-site-styles.css?generated=1625669646&ver=1.16.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 07 Jul 2021 14:54:06 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3219
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 style.css
www.livenewsnow.com/wp-content/themes/Newsmag/ 149 KB
23 KB 189ms
186ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/themes/Newsmag/style.css?ver=5.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

d8e793cbb81be2740a8c0e452e1fa51a9c025d6bc0a34b67170a49432b4fb60a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/themes/Newsmag/style.css?ver=5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 18 Aug 2021 01:49:58 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 23368
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 td_legacy_main.css
www.livenewsnow.com/wp-content/plugins/td-composer/legacy/Newsmag/assets/css/ 582 KB
61 KB 194ms
192ms Stylesheet
text/css 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/td-composer/legacy/Newsmag/assets/css/td_legacy_main.css?ver=5.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

8834a2529034cb5ae496c07131f0f8f62e8715bed9f6eb9a6722cb90c195aec6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newsmag/assets/css/td_legacy_main.css?ver=5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 18 Aug 2021 01:50:12 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 62800
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 smart-app-banner.js Show response
www.livenewsnow.com/wp-content/plugins/add-smart-app-banner/ 16 KB
6 KB 281ms
279ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/add-smart-app-banner/smart-app-banner.js?ver=5.8.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

bf6a3b7717e31c6394292373dda60837a7fb5b6879714120d4c4c6ff30d1314c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/add-smart-app-banner/smart-app-banner.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 28 Oct 2020 23:38:58 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6174
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 jquery.min.js Show response
www.livenewsnow.com/wp-includes/js/jquery/ 87 KB
30 KB 281ms
279ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.6.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 21 Jul 2021 02:54:11 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30273
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.livenewsnow.com/wp-includes/js/jquery/ 11 KB
4 KB 285ms
284ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 09 Dec 2020 02:54:02 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 3995
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 cta.min.js Show response
www.livenewsnow.com/wp-content/plugins/so-widgets-bundle/widgets/cta/js/ 307 B
200 B 286ms
284ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/so-widgets-bundle/widgets/cta/js/cta.min.js?ver=1.23.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

4267f35dc3ec8b915b7b408c012631a7f246004b052e7c95fc36dcf8ea333ee9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/so-widgets-bundle/widgets/cta/js/cta.min.js?ver=1.23.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Mon, 16 Aug 2021 14:55:17 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 166
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 jwplayer.js Show response
www.livenewsnow.com/wp-content/player/ 84 KB
26 KB 286ms
285ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/player/jwplayer.js

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

20909fdd81c01a8884704f8424d8421bba1bb83c42af1d2e0ed3af58d60d6c4a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/player/jwplayer.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Tue, 15 May 2018 01:08:48 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 26246
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 / Show response
services.vlitag.com/adv1/ 925 B
1 KB 333ms
274ms Script
application/javascript 104.26.15.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/adv1/?q=1ed9a59c326f515cb33a6b718188b4ea

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.238 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c3faca124d1c7af1b2cb3b2b91600a4098aed41430417e70d81555ade9ba01

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Thu, 16 Sep 2021 01:06:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpl8fYNySNYYeYkje%2Fvc0Ul8SORZELb98huBgNYCb09p7HtABPmaqJB8h5AcXIoXo0VzJNTbz57e%2BJsbqUKp5%2BGq3WJ1obMHxnbfaoUgQXO5WlcFHTc8iRVphJxr%2FMNMWCHN69M%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 68f630f4e80d4131-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK script.js Show response
powerad.ai/ 170 KB
35 KB 415ms
200ms Script
application/javascript 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/script.js
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 63721156438c4a8fad96c6cb93099d8a59e94706abc4bf0c391b393cff33aa9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Sep 2021 15:19:09 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"2a930-17ba717a506"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H3 200 logo_new.png
www.livenewsnow.com/wp-content/uploads/2019/02/ 18 KB
18 KB 229ms
225ms Image
image/png 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2019/02/logo_new.png

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

b7c267c4d7985561c20bc59e50f61a31c096d8d6195af26e77690c5e671c74db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2019/02/logo_new.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Sat, 02 Feb 2019 06:43:20 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18259
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 US_2020_Elections_Image-180x135.jpg
www.livenewsnow.com/wp-content/uploads/2021/01/ 10 KB
10 KB 271ms
268ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2021/01/US_2020_Elections_Image-180x135.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

817213c281ba767c3d7939acf5495bb74c825aa76bbb5bdd8d0db7e43265727e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2021/01/US_2020_Elections_Image-180x135.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Thu, 25 Feb 2021 19:15:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9857
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 First-Presedential-Debate2-1-180x135.jpg
www.livenewsnow.com/wp-content/uploads/2016/10/ 5 KB
5 KB 278ms
275ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2016/10/First-Presedential-Debate2-1-180x135.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

718169d79a9251bb750dede09d5d04039199fc22066399c5e538bcc2c9d5428f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2016/10/First-Presedential-Debate2-1-180x135.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Fri, 03 Aug 2018 03:45:30 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4768
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 cnbc-1-1-1-1-1-1-180x135.jpg
www.livenewsnow.com/wp-content/uploads/2015/05/ 7 KB
7 KB 282ms
279ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2015/05/cnbc-1-1-1-1-1-1-180x135.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

6c07d4305604e750e24d560d1dfabe8d715ae67bed68db5eb689d498489b33e6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2015/05/cnbc-1-1-1-1-1-1-180x135.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Fri, 03 Aug 2018 03:45:36 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7236
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 MSNBC-1-180x135.jpg
www.livenewsnow.com/wp-content/uploads/2014/11/ 6 KB
6 KB 286ms
283ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2014/11/MSNBC-1-180x135.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

0030ff9feae5571ab64b66ce10d11702c5cd2075d0df6ade01d8605f649d76da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2014/11/MSNBC-1-180x135.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Fri, 03 Aug 2018 03:36:38 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6595
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 CBS-News-1-180x135.png
www.livenewsnow.com/wp-content/uploads/2015/10/ 4 KB
4 KB 290ms
287ms Image
image/png 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2015/10/CBS-News-1-180x135.png

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

94010b3ba635f2406516002dc0afdd5779302d5d4acebcdfe11d24d0ad08042b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2015/10/CBS-News-1-180x135.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Fri, 03 Aug 2018 03:38:24 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4126
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 Crypto-investors-to-Elon-Musk-Please-stop-tweeting-180x135.jpg
www.livenewsnow.com/wp-content/uploads/2021/05/ 5 KB
5 KB 294ms
291ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2021/05/Crypto-investors-to-Elon-Musk-Please-stop-tweeting-180x135.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

3597aad78feffe7bfa7557d435aba8a0d1c4633829d4ccb6040e38d7e303a159

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2021/05/Crypto-investors-to-Elon-Musk-Please-stop-tweeting-180x135.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Tue, 25 May 2021 11:36:48 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4972
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 FBN-2-1-180x135.png
www.livenewsnow.com/wp-content/uploads/2017/12/ 16 KB
16 KB 296ms
293ms Image
image/png 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2017/12/FBN-2-1-180x135.png

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

90f08395f17d5416071cb55121dbc50b7ba385a370a93a645d9c41cce72cbfd0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2017/12/FBN-2-1-180x135.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Fri, 03 Aug 2018 03:45:34 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 16772
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 Bloomberg-HT-1-180x135.png
www.livenewsnow.com/wp-content/uploads/2015/05/ 29 KB
30 KB 309ms
307ms Image
image/png 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2015/05/Bloomberg-HT-1-180x135.png

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

3b9abcb1748115239e7080fb4f672f4369492f76c49324ca25ee0aae83a7b956

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2015/05/Bloomberg-HT-1-180x135.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Fri, 03 Aug 2018 03:37:46 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 30132
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 CNBC-Europe-1-1-180x135.png
www.livenewsnow.com/wp-content/uploads/2015/05/ 18 KB
18 KB 337ms
334ms Image
image/png 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2015/05/CNBC-Europe-1-1-180x135.png

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

31a1042dc9214bc9b18ef566b408af2181a54e9dbb503c45c3c0aacdde48ad7d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2015/05/CNBC-Europe-1-1-180x135.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Fri, 03 Aug 2018 03:38:08 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 18456
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.livenewsnow.com/wp-includes/js/ 18 KB
4 KB 351ms
349ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 21 Jul 2021 02:54:11 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 4539
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 collapse.js Show response
www.livenewsnow.com/wp-content/plugins/jquery-collapse-o-matic/js/ 21 KB
4 KB 94ms
94ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/jquery-collapse-o-matic/js/collapse.js?ver=1.6.23

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

ce71bd0b07d0835b92d387d4c3b715e6c452d9f772e62b15f37dee32eeb59bc6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/jquery-collapse-o-matic/js/collapse.js?ver=1.6.23
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 28 Oct 2020 23:38:58 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 4221
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 ads.min.js Show response
www.livenewsnow.com/wp-content/plugins/deblocker/js/ 126 B
169 B 94ms
94ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/deblocker/js/ads.min.js?ver=3.1.2

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

0a08d51c4d3bb6e480a9d1c15eead0d989ecf10433c67cc5865dc546fc3c6ceb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/deblocker/js/ads.min.js?ver=3.1.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Tue, 20 Jul 2021 12:43:52 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 126
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 script.min.js Show response
www.livenewsnow.com/wp-content/plugins/social-warfare/assets/js/ 21 KB
6 KB 94ms
93ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.3.0

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

824881cb24a4442381024afdf51da2932d717bb59cb549edc4cad3e00394bdce

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/social-warfare/assets/js/script.min.js?ver=4.3.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 21 Jul 2021 02:54:08 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5599
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 tagdiv_theme.min.js Show response
www.livenewsnow.com/wp-content/plugins/td-composer/legacy/Newsmag/js/ 241 KB
53 KB 96ms
94ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js?ver=5.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

adc17ed4b80255bfb82799bbd6ddbc0f7b751369c86d2e48564afe3b717a2e14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/td-composer/legacy/Newsmag/js/tagdiv_theme.min.js?ver=5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 18 Aug 2021 01:50:12 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 53968
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 comment-reply.min.js Show response
www.livenewsnow.com/wp-includes/js/ 3 KB
1 KB 248ms
245ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-includes/js/comment-reply.min.js?ver=5.8.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/js/comment-reply.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 17:34:51 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1228
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 q2w3-fixed-widget.min.js Show response
www.livenewsnow.com/wp-content/plugins/q2w3-fixed-widget/js/ 4 KB
1 KB 248ms
245ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?ver=5.3.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 10 Mar 2021 14:54:00 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1270
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 core.min.js Show response
www.livenewsnow.com/wp-includes/js/jquery/ui/ 20 KB
6 KB 249ms
246ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-includes/js/jquery/ui/core.min.js?ver=1.12.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/js/jquery/ui/core.min.js?ver=1.12.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Thu, 15 Apr 2021 17:34:51 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6589
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 pum-site-scripts.js Show response
www.livenewsnow.com/wp-content/uploads/pum/ 68 KB
16 KB 254ms
251ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1625669646&ver=1.16.2

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

87f6ff80470d506234afa21c8512ab5d1aa3b269932cac0a5e6549f7cb1b5e14

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/pum/pum-site-scripts.js?defer&generated=1625669646&ver=1.16.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Wed, 07 Jul 2021 14:54:06 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 16592
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 wp-embed.min.js Show response
www.livenewsnow.com/wp-includes/js/ 1 KB
709 B 266ms
263ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-includes/js/wp-embed.min.js?ver=5.8.1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.8.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
vary: Accept-Encoding
last-modified: Thu, 04 Feb 2021 02:54:52 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 663
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 ads.js Show response
www.livenewsnow.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ 78 B
121 B 267ms
263ms Script
application/javascript 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.30

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/quick-adsense-reloaded/assets/js/ads.js?ver=2.0.30
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Wed, 25 Aug 2021 02:55:10 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 78
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H/1.1 412
Precondition Failed img.fetch
udmserve.net/udm/ 0
0 644ms
160ms Script
application/x-javascript 68.71.249.118
ZEROLAG

General

Check archive.org

Show headers Download Go to

Full URL: https://udmserve.net/udm/img.fetch?sid=16427;tid=1;dt=6;
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 68.71.249.118 , United States, ASN20093 (ZEROLAG, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:17 GMT
Connection: Keep-Alive
P3p: NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Length: 1
Content-Type: application/x-javascript

GET
H2 200 css
fonts.googleapis.com/ 2 KB
583 B 26ms
25ms Stylesheet
text/css 142.250.186.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:100

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/wp-content/uploads/pum/pum-site-styles.css?generated=1625669646&ver=1.16.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f10.1e100.net

Software

ESF /

Resource Hash

5a07f92a3cf8e20cea7fdcabd0995605dd90fabfe3fe132cc6d21fe70f2f371b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 00:16:34 GMT
server: ESF
date: Thu, 16 Sep 2021 01:06:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 16 Sep 2021 01:06:16 GMT

GET
H3 200 / Show response
services.vlitag.com/uv/ 13 B
694 B 166ms
146ms XHR
application/json 104.26.15.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.vlitag.com/uv/?page_url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&mtk=715

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=1ed9a59c326f515cb33a6b718188b4ea

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.15.238 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 16 Sep 2021 01:06:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTdR1zffivHMdKkF29TAMX5%2Fj0qCYIIz9Vbv4fhs03nnN8QXWjJMrOgeEqKkhJV4QQsP5SkgTmVtIS%2FaUhdd02JomgcuoMhipYXi7ErY48ayu153HJG%2BnyCfyXRyqLbiivZuBMg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
cf-ray: 68f630f6cbfe27c0-PRG
expires: on, 01 Jan 1970 00:00:00 GMT

GET
H2 200 1ed9a59c326f515cb33a6b718188b4ea.js Show response
tag.vlitag.com/v1/1631726988/ 496 KB
125 KB 52ms
29ms Script
application/javascript 104.26.15.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.vlitag.com/v1/1631726988/1ed9a59c326f515cb33a6b718188b4ea.js

Requested by

Host: services.vlitag.com
URL: https://services.vlitag.com/adv1/?q=1ed9a59c326f515cb33a6b718188b4ea

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.238 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d5af9c989d724338ff6de200a697f1fbc046de6bed93a0a7fcd92f44f7da61b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 26825
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 15 Sep 2021 17:39:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohCRhy5f%2FHc467LeYHCqHVuAZ1wW059M3oQ6iXcMNLBRgh52Ts%2FhcdV38YHbda3zOURv6cJT8d5JH8EHR45sIiJ3WQ4xrochT4MOy2zxlk0iRISgCip9OIfXr0YYTEKZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000, immutable
cf-ray: 68f630f6d8ea4131-PRG
cf-bgj: minify

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 29ms
7ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C500%2C700&display=swap&ver=5.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.livenewsnow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 08:00:30 GMT
x-content-type-options: nosniff
age: 493546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15112
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:34 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Sep 2022 08:00:30 GMT

GET
H3 200 newsmag.woff
www.livenewsnow.com/wp-content/themes/Newsmag/images/icons/ 19 KB
19 KB 126ms
125ms Font
font/woff 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/themes/Newsmag/images/icons/newsmag.woff?15

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/wp-content/themes/Newsmag/style.css?ver=5.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

b24763119a9aa6bc836fada5889c6f2ebde0a4a99621d417073bb7ff0d95bca7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/themes/Newsmag/images/icons/newsmag.woff?15
pragma: no-cache
origin: https://www.livenewsnow.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/wp-content/themes/Newsmag/style.css?ver=5.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.livenewsnow.com/wp-content/themes/Newsmag/style.css?ver=5.1
Origin: https://www.livenewsnow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Wed, 18 Aug 2021 01:49:58 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 19872
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 jwplayer.core.controls.js Show response
ssl.p.jwpcdn.com/player/v/8.3.2/ 228 KB
56 KB 68ms
26ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.3.2/jwplayer.core.controls.js
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/wp-content/player/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 67a988855f04ab3c9bbf3355934bc763205a7a64500351b8a877454a02b5ff40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: gzip
age: 605625
x-cache: HIT
content-length: 57410
via: 1.1 varnish
x-served-by: cache-hhn4043-HHN
last-modified: Mon, 14 May 2018 18:10:39 GMT
server: AmazonS3
x-timer: S1631754377.843431,VS0,VE1
etag: "c4781b5288eaf57c9cfd40e2cc96c49a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 jwpsrv.js Show response
ssl.p.jwpcdn.com/player/v/8.3.2/ 51 KB
16 KB 46ms
5ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.3.2/jwpsrv.js
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/wp-content/player/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f44ac5619379731a4dd9a546101768c537a472dcbe049735c3740661a9f582d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
via: 1.1 varnish
age: 1066
x-cache: HIT
content-encoding: gzip
content-length: 16060
x-served-by: cache-hhn4043-HHN
last-modified: Wed, 25 Nov 2020 15:45:21 GMT
server: AmazonS3
x-timer: S1631754377.843509,VS0,VE0
etag: "9ce4655dbc7b8410f510da753f3be441"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 related.js Show response
ssl.p.jwpcdn.com/player/plugins/related/v/6.2.4/ 87 KB
21 KB 47ms
7ms Script
text/plain 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/plugins/related/v/6.2.4/related.js
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/wp-content/player/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d7f211c00704e79b4ba02e0fb222761625185ea4a179e3331626dc1f9f1740a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: gzip
age: 4227365
x-cache: HIT
content-length: 21159
via: 1.1 varnish
x-served-by: cache-hhn4043-HHN
last-modified: Fri, 11 May 2018 22:34:53 GMT
server: AmazonS3
x-timer: S1631754377.843547,VS0,VE0
etag: "7bbdfe2a8a588c6df3bf256f3a486be3"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 15725

GET
H2 200 provider.hlsjs.js Show response
ssl.p.jwpcdn.com/player/v/8.3.2/ 277 KB
79 KB 46ms
6ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.3.2/provider.hlsjs.js
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/wp-content/player/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c749df536b233f5ae3981011f53f0c89255c9e9350da39c2af163469fecd2b13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: gzip
age: 1212207
x-cache: HIT
content-length: 80653
via: 1.1 varnish
x-served-by: cache-hhn4043-HHN
last-modified: Mon, 14 May 2018 18:10:43 GMT
server: AmazonS3
x-timer: S1631754377.843568,VS0,VE0
etag: "3d267ff733b39f1856957921420c75fb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 3

GET
H3 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v23/ 14 KB
14 KB 21ms
7ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C500%2C700&display=swap&ver=5.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.livenewsnow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 14:18:31 GMT
x-content-type-options: nosniff
age: 298065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14440
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:25 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Sep 2022 14:18:31 GMT

GET
DATA 200
OK truncated
/ 1 KB
1 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2118c6cd532cb02a503f670da3b5fc94b10dc4d1ed912d5d57cfc8ed2d29167b

Request headers

Referer
Origin: https://www.livenewsnow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 ajs.js Show response
cdn2.lockerdomecdn.com/_js/ 5 KB
3 KB 62ms
6ms Script
application/javascript 151.139.242.29
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 16:14:14 GMT
server: nginx
etag: W/"14f4-17bea3cbdc8"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 2348

GET
H2 200 serve.js.php Show response
trends.revcontent.com/ 4 KB
1 KB 123ms
36ms Script
text/html 52.50.197.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=112299&t=rc_322&c=1631754376838&width=1600&referer=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.197.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-197-208.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

6d123a38a7904beef7741fac080742c9f15052e6dc31dd3a9560fdb322b4899a

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.livenewsnow.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 1251

GET
H3 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v23/ 15 KB
15 KB 7ms
7ms Font
font/woff2 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v23/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C600%2C700%7CRoboto+Condensed%3A400%2C500%2C700&display=swap&ver=5.1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

sffe /

Resource Hash

c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.livenewsnow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 13 Sep 2021 15:22:16 GMT
x-content-type-options: nosniff
age: 207840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14956
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:23:40 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Sep 2022 15:22:16 GMT

GET
H3 200 sw-icon-font.woff
www.livenewsnow.com/wp-content/plugins/social-warfare/assets/fonts/ 7 KB
7 KB 100ms
100ms Font
font/woff 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://www.livenewsnow.com/wp-content/plugins/social-warfare/assets/fonts/sw-icon-font.woff?ver=4.3.0

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

607f69d2ac4f67c9ab5753f5176c18096b5b6d1128ab9f9da3720563c0824e64

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/social-warfare/assets/fonts/sw-icon-font.woff?ver=4.3.0
pragma: no-cache
origin: https://www.livenewsnow.com
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.livenewsnow.com/featured/msnbc.html
Origin: https://www.livenewsnow.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Wed, 21 Jul 2021 02:54:08 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7556
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 CNN_News_Live-e1493069416432-3-1-1-1-180x135.png
www.livenewsnow.com/wp-content/uploads/2015/02/ 21 KB
21 KB 230ms
229ms Image
image/png 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2015/02/CNN_News_Live-e1493069416432-3-1-1-1-180x135.png

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

33783e2056b0f8f81ceec5c822b6531a10d69dc0fdc2d34c01493fddabfdba32

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2015/02/CNN_News_Live-e1493069416432-3-1-1-1-180x135.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Fri, 03 Aug 2018 03:45:36 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 21011
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 fox_news-180x135.jpg
www.livenewsnow.com/wp-content/uploads/2015/09/ 8 KB
8 KB 241ms
240ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2015/09/fox_news-180x135.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

705ad2695d761a1bba5872f3db554d64893be6d3e6a51f7077d95467dec85345

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2015/09/fox_news-180x135.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Tue, 30 Oct 2018 11:11:32 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8469
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 Bill-and-Melinda-Gates-file-for-divorce-after-27-Years-180x135.jpg
www.livenewsnow.com/wp-content/uploads/2021/05/ 7 KB
7 KB 246ms
245ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2021/05/Bill-and-Melinda-Gates-file-for-divorce-after-27-Years-180x135.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

1098f55a019d91eab778adaeafc1f1cddd1690c01a4554019f49e806ad8b68c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2021/05/Bill-and-Melinda-Gates-file-for-divorce-after-27-Years-180x135.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Tue, 04 May 2021 08:50:41 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7592
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 Melinda-Gates-Plans-to-work-with-ex-husband-for-2-Years-180x135.jpg
www.livenewsnow.com/wp-content/uploads/2021/07/ 6 KB
6 KB 249ms
247ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2021/07/Melinda-Gates-Plans-to-work-with-ex-husband-for-2-Years-180x135.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

70beb5f1deda4d131adc07a99733d23e4a8fe8a50bb29b84c31316497023a0dc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2021/07/Melinda-Gates-Plans-to-work-with-ex-husband-for-2-Years-180x135.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Thu, 08 Jul 2021 12:32:04 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 6502
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 Tesla-Excluded-from-Biden-Electric-Vehicle-Summit-180x135.jpg
www.livenewsnow.com/wp-content/uploads/2021/08/ 8 KB
8 KB 252ms
251ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2021/08/Tesla-Excluded-from-Biden-Electric-Vehicle-Summit-180x135.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

5bdd8ce5370d22e624976e91a94c2c1a59323a19ca9a3de0eb0c76d80f716788

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2021/08/Tesla-Excluded-from-Biden-Electric-Vehicle-Summit-180x135.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Fri, 06 Aug 2021 13:45:10 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8124
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 MSNBC-1-300x172.jpg
www.livenewsnow.com/wp-content/uploads/2014/11/ 10 KB
10 KB 256ms
255ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2014/11/MSNBC-1-300x172.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

386d9248f9b1288499cb2f689cdb6e0c1323ea09ddb5c4b8b88f091c76887cf9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2014/11/MSNBC-1-300x172.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Fri, 03 Aug 2018 03:36:38 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9803
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 fox_news-300x157.jpg
www.livenewsnow.com/wp-content/uploads/2015/09/ 11 KB
11 KB 259ms
258ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2015/09/fox_news-300x157.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

0d612a19fbd151019216390cf44632dca89a06094a2fbcb0173a71a41ff4dc57

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2015/09/fox_news-300x157.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Tue, 30 Oct 2018 11:11:32 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 11419
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H3 200 CNN_News_Live-e1493069416432-3-1-1-1-300x157.png
www.livenewsnow.com/wp-content/uploads/2015/02/ 34 KB
34 KB 262ms
261ms Image
image/png 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2015/02/CNN_News_Live-e1493069416432-3-1-1-1-300x157.png

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

b0beef92c18af6305dce9a0c316c9075ea7d0fd01b7acbc4520239f78239f97f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2015/02/CNN_News_Live-e1493069416432-3-1-1-1-300x157.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
last-modified: Fri, 03 Aug 2018 03:45:36 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35172
expires: Thu, 23 Sep 2021 01:06:16 GMT

GET
H2 200 cmp-v2.0.1.js Show response
assets.vlitag.com/plugins/cmptcf2/ 267 KB
72 KB 53ms
26ms Script
application/javascript 104.26.15.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1631726988/1ed9a59c326f515cb33a6b718188b4ea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.238 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 832101
cf-polished: origSize=489839
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Tue, 29 Dec 2020 02:18:12 GMT
server: cloudflare
etag: W/"5fea91e4-7796f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NdRWDmXQD1ogF97glhQMjJK%2FcCVXOBydwpmQ9q%2BRuHvTl2w4nwWf834ViT1Et3%2BaDfQ9S3hzukNGoJWuZCHxD13YxRyc19VV4KpbsyIpvLvmpVoaYN3wsx4RNpQ683U%2B0hwO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 68f630f7e94c4131-PRG
expires: Mon, 06 Sep 2021 10:27:55 GMT

GET
H2 200 prebid-v5.12.0.js Show response
assets.vlitag.com/prebid/default/ 465 KB
136 KB 60ms
35ms Script
application/javascript 104.26.15.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/prebid/default/prebid-v5.12.0.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1631726988/1ed9a59c326f515cb33a6b718188b4ea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.238 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e69c37fdfb938853b195b56b6e47e215c275fc85f28be01017e9074fb38be736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 832101
cf-polished: origSize=476623
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Thu, 02 Sep 2021 03:27:04 GMT
server: cloudflare
etag: W/"61304488-745cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RC%2FrN7fzK%2BqJ12NrAscr8wwpLHy%2FXaapezEs04CIrSUIGR8wNCXYLK1BOT2k5fPmSx9G6PVu%2BJSnFg7N7m%2F3iHHome2Fvl1cm7DBOYGAuhIdwG96rjGYE%2FwloPoS1utHkC%2Br"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 68f630f7e94d4131-PRG
expires: Mon, 06 Sep 2021 10:27:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 71 KB
25 KB 37ms
16ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1631726988/1ed9a59c326f515cb33a6b718188b4ea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

ee417620a9b6c3e4301acb479edc4245d2c3f5f24c086bc14a6019ef7234eb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "988 / 409 of 1000 / last-modified: 1631750564"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25013
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:16 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 345 KB
119 KB 87ms
26ms Script
text/javascript 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1631726988/1ed9a59c326f515cb33a6b718188b4ea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f106.1e100.net

Software

sffe /

Resource Hash

7d63d874aa4977dd2c3d90a67ac741d4928e3ecf85d8f6f05d0f23f9fe90a672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121208
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Thu, 16 Sep 2021 01:06:16 GMT

GET
H2 200 sf_host.min.js Show response
assets.vlitag.com/plugins/safeframe/src/js/ 38 KB
17 KB 49ms
24ms Script
application/javascript 104.26.15.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.vlitag.com/plugins/safeframe/src/js/sf_host.min.js

Requested by

Host: tag.vlitag.com
URL: https://tag.vlitag.com/v1/1631726988/1ed9a59c326f515cb33a6b718188b4ea.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.15.238 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:16 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 832101
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Fri, 01 Nov 2019 05:04:50 GMT
server: cloudflare
etag: W/"5dbbbcf2-9806"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KQlpTp69DxrwI%2BosjHOKFFDMuc%2F6WY62o6rVnej8fBBlvssEAwGapHyl4V76Z1HYzE3kde6JyyB5InSmugp7u9MQ38mBk79yLbFLbsguJKoPOFbrH11xHK1j6NgxgcMvdQ4y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 68f630f7e94e4131-PRG
expires: Mon, 06 Sep 2021 10:27:55 GMT

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 46ms
12ms Script
text/javascript 46.105.201.240
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:03:24 GMT
content-encoding: br
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
x-cdn-pop-ip: 137.74.120.0/27
etag: "-375139978"
x-cacheable: Matched cache
content-type: text/javascript
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 4364
x-request-id: 6095420

GET
H3 200 live-news-logo-1.jpg
www.livenewsnow.com/wp-content/uploads/2016/10/ 25 KB
25 KB 99ms
98ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2016/10/live-news-logo-1.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

67b0f78f61077a241474fbd179b890728a71736a7dff58373fa29c5592af8aad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2016/10/live-news-logo-1.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
last-modified: Fri, 12 Jun 2020 22:54:59 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 25906
expires: Thu, 23 Sep 2021 01:06:17 GMT

GET
H2 200 provider.cast.js Show response
ssl.p.jwpcdn.com/player/v/8.3.2/ 22 KB
8 KB 10ms
10ms Script
application/javascript 151.101.194.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://ssl.p.jwpcdn.com/player/v/8.3.2/provider.cast.js
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/wp-content/player/jwplayer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 76137dea38db9d7880de4a2585770dd0f9e822b0196921f81c5122d57b2876fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
age: 1207527
x-cache: HIT
content-length: 7812
via: 1.1 varnish
x-served-by: cache-hhn4043-HHN
last-modified: Mon, 14 May 2018 18:10:43 GMT
server: AmazonS3
x-timer: S1631754377.013420,VS0,VE1
etag: "2aeed5bf6b5e27145fbb930b7028f054"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 index.m3u8 Show response
1420543146.rsc.cdn77.org/aWZVPhaSUIM6No-EH32w-w==,1631767981/LS-ATL-54548-10/ 180 B
699 B 286ms
228ms XHR
application/vnd.apple.mpegurl 195.181.175.25
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1420543146.rsc.cdn77.org/aWZVPhaSUIM6No-EH32w-w==,1631767981/LS-ATL-54548-10/index.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.3.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.25 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-20.cdn77.com
Software: CDN77-Turbo /
Resource Hash: b08bd7f1468137eebf244f1816cbb8dee1612f0361dc1459a26024b86994fd59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: br
x-cache: EXPIRED
x-run-time: 658
x-age: 254
x-sid: 614296bc-4b60-4175-807a-7fabbe0abc5b
x-77-nzt: AcO1rxd6IvLL/gAAAA==
pragma: no-cache
server: CDN77-Turbo
cache-control: no-cache, no-store, must-revalidate
x-77-nzt-ray: QTxIgwjxkl8=
x-77-cache: MISS
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, Content-Length, Location
x-route-time: 840
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range
x-accel-expires: @1631754378

GET
H/1.1 200
OK Cookie set 14009239735841894 Show response
lockerdome.com/lad/ Frame B8F5 120 KB
28 KB 671ms
280ms Document
text/html 104.154.142.214
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://lockerdome.com/lad/14009239735841894?pubid=ld-5173-9605&pubo=https%3A%2F%2Fwww.livenewsnow.com&rid=&width=640
Requested by: Host: cdn2.lockerdomecdn.com
URL: https://cdn2.lockerdomecdn.com/_js/ajs.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.154.142.214 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 214.142.154.104.bc.googleusercontent.com
Software: /
Resource Hash: 4b49d21d9b4f1e095f4428e9b68e1f4f1c7b0bf2dd06e6062954ae144d0060ac

Request headers

Host: lockerdome.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.livenewsnow.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

Set-Cookie: account_id=14390389595691776; Domain=.lockerdome.com; Path=/; Expires=Fri, 16 Sep 2022 01:06:17 GMT; Secure; SameSite=None login_token=%2214390389595691776%7C1639530377482%3A%7Call%7CrrNinVxmAQ%2F2T8XtdObO4LHHHBdJccjyuXevm66rZEAgKAnsiLsFRf8hkJNcOnok9%2BBcP4Apfgi98VsEqwKH7A%3D%3D%22; Domain=.lockerdome.com; Path=/; Expires=Fri, 16 Sep 2022 01:06:17 GMT; Secure; SameSite=None ldrid=bqGRk1ybS4Nn30Y%2FVqJHN4yapaiCX341LJX6ZOqShU8CSF8kA5%2FFuoDvuKmjXHDfNFL%2BtpeKK3ulyYvlc3DEIXVKN4TtZS%2FGuljmXMwrP%2F65tEqK7ftieH6ahK7RFupV; Domain=.lockerdome.com; Path=/; Secure; SameSite=None
P3P: CP='LockerDome does not have a P3P policy. Learn why here: http://lockerdome.com/p3p'
Cache-Control: no-cache, max-age=0, must-revalidate, no-store
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Content-Length: 27906
Date: Thu, 16 Sep 2021 01:06:17 GMT

GET
H3 200 bg2.jpg
www.livenewsnow.com/wp-content/uploads/2015/07/ 33 KB
33 KB 96ms
96ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2015/07/bg2.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

de17e0ca10bb45ecb9a035136b03e607a35b2111dd21f97957c1b89bb24b39ad

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2015/07/bg2.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
last-modified: Fri, 23 Oct 2015 04:57:06 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 33994
expires: Thu, 23 Sep 2021 01:06:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 70ms
37ms XHR
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6b81df06ae875dc7cdbe72d5f6bc6b8105270e77881b49e3c7f39ccabe13ef8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48905
x-xss-protection: 0
server: cafe
etag: 2351837866449124911
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 01:06:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 52ms
31ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

6b81df06ae875dc7cdbe72d5f6bc6b8105270e77881b49e3c7f39ccabe13ef8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48905
x-xss-protection: 0
server: cafe
etag: 2351837866449124911
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 16 Sep 2021 01:06:17 GMT

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 381 B
516 B 302ms
96ms Script
text/html 192.99.8.27
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4070290&@f16&@g1&@h1&@i1&@j1631754377121&@k0&@l1&@mMSNBC%20Live%20Stream%20free%20-%20MSNBC%20News%20Live%20Streaming%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:87911554&@b3:1631754377&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.99.8.27 Ajax, Canada, ASN16276 (OVH, FR),
Reverse DNS: ns500876.ip-192-99-8.net
Software: /
Resource Hash: 3a004449a902761aad16b864139debff60e5165b7740cd6e4939e3282ca2bd80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:17 GMT
Connection: close
Content-Length: 381
Content-Type: text/html;charset=UTF-8

GET
H2 200 pubads_impl_2021091001.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
117 KB 22ms
21ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119453
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 19:52:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:17 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 119 B
756 B 64ms
24ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.livenewsnow.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7ee5de01d8589cc2dc2075187d4074d1bc52b7c37cde32839b66a535bd5eff50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
expires: Thu, 16 Sep 2021 01:06:17 GMT

GET
H2 200 cmp-list.json Show response
test.quantcast.mgr.consensu.org/GVL-v2/ 8 KB
3 KB 49ms
7ms XHR
application/json 13.225.78.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.quantcast.mgr.consensu.org/GVL-v2/cmp-list.json
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-59.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e471b6efa3a2b682b7057a68f7826651f7c932c91f65542cf31bd162270f2cbf

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:00:37 GMT
content-encoding: gzip
age: 79541
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
access-control-allow-origin: *
last-modified: Mon, 06 Sep 2021 19:52:29 GMT
server: AmazonS3
etag: W/"47f3f3ad0905922709490823450c6feb"
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-version-id: AlP0zBEKPJPlZb6yVaUvANOTp9Jly4TY
via: 1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA2-C2
content-type: application/json
x-amz-cf-id: WIslZEO4qgxl_hYT7upXAXX3En4D7Qo0_wPmQI62CywvyWRcR191dw==

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ 4 KB
3 KB 34ms
14ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/wp-content/player/jwplayer.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Thu, 16 Sep 2021 01:06:17 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 20ms
6ms XHR
application/json 151.101.65.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20210916

Requested by

Host: assets.vlitag.com
URL: https://assets.vlitag.com/prebid/default/prebid-v5.12.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

60e642785893759e29dca69afd93ff0f6fea591067850fe30d5d7235b0431de1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 34722
x-jsd-version: 1.0.1101
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 936
etag: W/"6a0-q87q6Z6a9/Iy8YRkFiPxS7SypnE"
x-served-by: cache-fra19148-FRA, cache-hhn4042-HHN
x-jsd-version-type: version
date: Thu, 16 Sep 2021 01:06:17 GMT
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H3 200 1592801729.jpg
assets.vlitag.com/widget/2020/06/22/ 74 KB
75 KB 35ms
18ms Image
image/webp 104.26.14.238
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.vlitag.com/widget/2020/06/22/1592801729.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.26.14.238 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10070
cf-polished: qual=85, origFmt=jpeg, origSize=103053
content-disposition: inline; filename="1592801729.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75514
x-xss-protection: 1; mode=block
x-robots-tag: noindex, nofollow
last-modified: Mon, 22 Jun 2020 04:55:29 GMT
server: cloudflare
etag: "5ef039c1-1928d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rqjLVNtz7LRvO0NyyIegPiJ2CAfDdoE2b4HsZ5HmJAd1rjOF3mUJdpeRMAh%2F6dwoL1Tu9B38T7mq7iO6T%2BmRHjUZRUYx58IF1sX%2B78qoLL2TjA3H8Z7gEKRaBp2fLh9iIEA2"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
expires: Wed, 15 Sep 2021 22:48:27 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 68f630fa09492798-PRG
cf-bgj: imgq:85,h2pri

GET
H2 200 vendor-list.json Show response
quantcast.mgr.consensu.org/GVL-v2/ 286 KB
34 KB 49ms
8ms XHR
application/json 13.225.78.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/GVL-v2/vendor-list.json
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-27.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5c750ce976363fb5e2bd5f7c4ec8fcaa56ccfd6014470dea6bb0e5dcde0732af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 03:00:34 GMT
content-encoding: br
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
age: 79544
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 15 Sep 2021 03:00:32 GMT
server: AmazonS3
etag: W/"724e5a01243d095623def768f341ec76"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control: max-age=172800
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: LdNL4_gELdYvx359VaLJCp_2uo10MxKOQD21sWk_ULI-R-DiRYQnvw==

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 327ms
101ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 16 Sep 2021 01:06:17 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 pbjs_wrapper.v1.0.js Show response
hb.brainlyads.com/ Frame 1B61 30 KB
10 KB 307ms
94ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

be04875b9f8add7b65cf2440584e0547bbb26b118cf1f8ce542cd22a9bafd365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 20:08:46 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"613fafce-7921"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 17 Sep 2021 01:06:17 GMT

GET
H2 200 pbjs_wrapper.v1.1.js Show response
hb.brainlyads.com/ Frame 28C2 31 KB
10 KB 392ms
185ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/pbjs_wrapper.v1.1.js

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

eea884f644cea2d7f6f70040660fe8ab41d0b21fd1b5eeb6549816751aa07935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 20:08:46 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"613fafce-7c1c"
vary: Accept-Encoding
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload

GET
H/1.1 200
OK / Show response
powerad.ai/pubPls/ 22 KB
3 KB 288ms
101ms XHR
text/html 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: bb83c0866801734cfc041dd87e72a5cac94baf9497b4d83fa0185ed9c5a14560

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:17 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"58e1-B5KTKF3xF5/V/ZwIPl2nvkLDj6w"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.livenewsnow.com
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/ Frame 2A0A 10 KB
5 KB 55ms
15ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210913/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210913/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 15 Sep 2021 20:52:36 GMT
expires: Wed, 29 Sep 2021 20:52:36 GMT
content-type: text/html; charset=UTF-8
etag: 13836150016441684253
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4591
x-xss-protection: 0
age: 15221
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ 36 KB
12 KB 42ms
27ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12390
x-xss-protection: 0
last-modified: Mon, 06 Jul 2020 23:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="chrome-dongle"
expires: Thu, 16 Sep 2021 01:06:17 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/92/ 52 KB
15 KB 24ms
9ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/92/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 17:41:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26710
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15330
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 15:08:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Thu, 16 Sep 2021 17:41:07 GMT

GET
H2 200 mono.m3u8 Show response
1420543146.rsc.cdn77.org/aWZVPhaSUIM6No-EH32w-w==,1631767981/LS-ATL-54548-10/tracks-v1a1/ 300 B
672 B 7ms
7ms XHR
application/vnd.apple.mpegurl 195.181.175.25
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1420543146.rsc.cdn77.org/aWZVPhaSUIM6No-EH32w-w==,1631767981/LS-ATL-54548-10/tracks-v1a1/mono.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.3.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.25 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-20.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 423aa2a4808a60747f255a1481a9d9909565b8f2783e3239e953e82b7325b432

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: br
x-cache: HIT
x-run-time: 692
x-age: 0
x-sid: 614292c4-4c37-4ed1-babe-dd9a00333e3b
x-77-nzt: AcO1rxdUstDvAAAAAA==
pragma: no-cache
server: CDN77-Turbo
cache-control: no-cache, no-store, must-revalidate
x-77-nzt-ray: tkZwiHXJf3A=
x-77-cache: HIT
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, Content-Length, Location
x-route-time: 1062
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range
x-accel-expires: @1631754378

POST
H2 200 serve.js.php Show response
trends.revcontent.com/ 91 KB
91 KB 191ms
190ms XHR
text/javascript 52.50.197.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/serve.js.php?w=112299&t=rc_322&c=1631754376838&width=1600&site_url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&referer=&skip_iab=true

Requested by

Host: trends.revcontent.com
URL: https://trends.revcontent.com/serve.js.php?w=112299&t=rc_322&c=1631754376838&width=1600&referer=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.197.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-197-208.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

7ba77ecceacb5216e170a452593d3d518340a202054332bb36608f9e523e9405

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.livenewsnow.com
date: Thu, 16 Sep 2021 01:06:17 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/javascript; charset=utf-8

GET
H2 200 cmp2ui-en.js Show response
quantcast.mgr.consensu.org/tcfv2/23/ 469 KB
134 KB 34ms
10ms Script
text/javascript 13.225.78.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Requested by: Host: assets.vlitag.com
URL: https://assets.vlitag.com/plugins/cmptcf2/cmp-v2.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-27.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 19:20:40 GMT
content-encoding: gzip
age: 20738
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Fri, 18 Dec 2020 15:09:43 GMT
server: AmazonS3
etag: W/"b999c652510fc4edd897a1d667aaee33"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
via: 1.1 784dd167d622737126ee2d76985e7d3c.cloudfront.net (CloudFront)
cache-control: max-age=172800
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: _6waBn9w4HwQ-reH5BstaSaPBwA7j5vlzJvoPpzKeFC487uOCZUkNQ==

GET
H2 200 50-06000.ts Show response
1420543146.rsc.cdn77.org/aWZVPhaSUIM6No-EH32w-w==,1631767981/LS-ATL-54548-10/tracks-v1a1/2021/09/16/01/05/ 499 KB
500 KB 10ms
10ms XHR
video/mp2t 195.181.175.25
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1420543146.rsc.cdn77.org/aWZVPhaSUIM6No-EH32w-w==,1631767981/LS-ATL-54548-10/tracks-v1a1/2021/09/16/01/05/50-06000.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.3.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.25 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-20.cdn77.com
Software: CDN77-Turbo /
Resource Hash: 003dd7b596a404268ba736e11666ae3003c64483cd3f41e1cb546ed0df20554c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Sep 2021 01:06:17 GMT
x-just-generated: false
x-77-cache: HIT
x-run-time: 56
x-cache: HIT
x-age: 17
content-length: 511360
x-sid: 614296bc-4b60-4175-807a-7fabbe0abc5b
x-77-nzt: AcO1rxcxECzvEQAAAA==
x-accel-expires: @1632791160
server: CDN77-Turbo
x-77-nzt-ray: CJbXz+X1Dq0=
x-memory: yes
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, Content-Length, Location
x-route-time: 829
accept-ranges: bytes
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range

GET
BLOB 200
OK c15916b8-0293-4104-a143-ca0993a0fed2
https://www.livenewsnow.com/ 62 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.livenewsnow.com/c15916b8-0293-4104-a143-ca0993a0fed2
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ff82947b9b183f11dd7f5cb3bd52398e6f1757d1859181d577a653d5d4b3b4a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length: 63777
Content-Type: text/javascript

GET
H2 200 / Show response
audit-tcfv2.quantcast.mgr.consensu.org/ 80 B
504 B 50ms
10ms XHR
text/html 13.224.193.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.quantcast.mgr.consensu.org/?log=%7B%22domain%22%3A%22www.livenewsnow.com%22%2C%22publisher%22%3A%22%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.23%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22%22%2C%22clientTimestamp%22%3A1631754377450%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-df5dn37cw47v41tr1y83%22%7D
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/23/cmp2ui-en.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-80.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 80
last-modified: Tue, 26 Nov 2019 14:21:44 GMT
server: AmazonS3
etag: "0614149d8033903db5de46d6c184bbfd"
vary: Origin
access-control-allow-methods: GET
content-type: text/html
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: nhzU0_GfWPfnIovcA-7e9quDrolPp81G4Qp4mi_-LXdOm1U8rlutGA==

GET
H/1.1 200
OK / Show response
e.dtscout.com/e/ 7 KB
8 KB 318ms
97ms Script
application/javascript 158.69.139.229
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&j=
Requested by: Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4070290&@f16&@g1&@h1&@i1&@j1631754377121&@k0&@l1&@mMSNBC%20Live%20Stream%20free%20-%20MSNBC%20News%20Live%20Streaming%20Online&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:87911554&@b3:1631754377&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&@w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 158.69.139.229 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: ip229.ip-158-69-139.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fcfa6a1b37a40c248dae7bc50e11212bfad4eef8ddf5c7fe653b83065a81d7b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:17 GMT
X-T: 0.697
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
X-S: mtl3
Expires: Thu, 16 Sep 2021 01:06:16 GMT

GET
H2 200 56-06000.ts Show response
1420543146.rsc.cdn77.org/aWZVPhaSUIM6No-EH32w-w==,1631767981/LS-ATL-54548-10/tracks-v1a1/2021/09/16/01/05/ 496 KB
497 KB 7ms
7ms XHR
video/mp2t 195.181.175.25
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1420543146.rsc.cdn77.org/aWZVPhaSUIM6No-EH32w-w==,1631767981/LS-ATL-54548-10/tracks-v1a1/2021/09/16/01/05/56-06000.ts
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.3.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.25 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-20.cdn77.com
Software: CDN77-Turbo /
Resource Hash: fd03648f45388f7407839c493784719ceed0bb6dc1f00b9a306170705267cc84

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Sep 2021 01:06:17 GMT
x-just-generated: false
x-77-cache: HIT
x-run-time: 297
x-cache: HIT
x-age: 14
content-length: 508352
x-sid: 614292c4-4c37-4ed1-babe-dd9a00333e3b
x-77-nzt: AcO1rxfTgWHvDgAAAA==
x-accel-expires: @1632791163
server: CDN77-Turbo
x-77-nzt-ray: +4FHZLas0GA=
x-memory: yes
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
content-type: video/MP2T
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, Content-Length, Location
x-route-time: 743
accept-ranges: bytes
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range

GET
H/1.1 200 Hc6PdfQeAi.js Show response
pixel.zprk.io/v5/pixeljs/ 3 KB
3 KB 907ms
165ms Script
text/plain 3.1.182.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.1.182.12 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-182-12.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:18 GMT
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length: 2753
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET, DELETE, PUT
Content-Type: text/plain;charset=UTF-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
40 KB 65ms
30ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-167135943-15

Requested by

Host: powerad.ai
URL: https://powerad.ai/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

de53bb899de0e7ac8347ac5b9f4950eead5e20188b771e2698386446fa39c19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40289
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 00:14:51 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 16 Sep 2021 01:06:17 GMT

GET
H2 200 251 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 545ms
184ms Script
application/javascript 44.227.231.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ref=
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.227.231.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-227-231-197.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: b3f54981ec71901307b6827d8364b19d6384af175db572cb080badf0a1662a9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
server: nginx/1.18.0
content-length: 3299
content-type: application/javascript

POST
H/1.1 200
OK /
reporting.powerad.ai/ 2 B
412 B 124ms
101ms Ping
text/plain 54.234.151.247
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reporting.powerad.ai/
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-234-151-247.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Thu, 16 Sep 2021 01:06:17 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 2

GET
H2 200 rev2.min.css
cdn.revcontent.com/build/css/ 83 KB
23 KB 70ms
12ms Stylesheet
text/css 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/css/rev2.min.css?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 19:23:45 GMT
etag: "1631561025"
x-hw: 1631754377.cds103.fr8.hn,1631754377.cds286.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=13
accept-ranges: bytes
content-length: 23124

GET
H2 200 rev2.min.js Show response
cdn.revcontent.com/build/js/ 280 KB
84 KB 71ms
14ms Script
application/javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: eded12927f58b27c9311a59faf78cff563208a205e1e179ac664b6d5ed32a10a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 19:23:45 GMT
etag: "1631561025"
x-hw: 1631754377.cds103.fr8.hn,1631754377.cds267.fr8.c
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=50
accept-ranges: bytes
content-length: 85555

GET
H2 200 /
img.revcontent.com/ 20 KB
20 KB 65ms
9ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
last-modified: Wed, 01 Jul 2020 17:13:25 GMT
etag: "1593623605"
x-hw: 1631754377.cds013.fr8.hn,1631754377.cds260.fr8.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20438

GET
H2 200 6130d3046024a0-25015557.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 18 KB
18 KB 66ms
17ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/6130d3046024a0-25015557.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

f035c4a6afb58c56c65f07d66abf493568bfed413043836852549635d97c0c39

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="6130d3046024a0-25015557.webp"
server-timing: fastly;dur=1;start=2021-09-09T11:39:01.012Z;desc=hit,rtt;dur=0
content-length: 18034
last-modified: Thu, 09 Sep 2021 11:38:12 GMT
server: Cloudinary
etag: "bff9a3186ac9bfc29c3486ed8c52be47"
vary: Accept
x-hw: 1631754377.cds136.fr8.hn,1631754377.cds130.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15783481871754702877.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 7 KB
7 KB 66ms
17ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/15783481871754702877.png

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

61d43897b23b0eb7b3a42b1c2659ebc7272c638380856b42292b92ddfac3714d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15783481871754702877.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-07-29T00:22:10.857Z;desc=hit,rtt;dur=0
content-length: 7108
last-modified: Wed, 02 Sep 2020 11:50:23 GMT
server: Cloudinary
etag: "0ebad65ab5558b52f6f979b48537beb5"
vary: Accept
x-hw: 1631754377.cds136.fr8.hn,1631754377.cds265.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 81af12a11faf05e40e039461e196ca61.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 17 KB
17 KB 55ms
21ms Image
image/jp2 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/81af12a11faf05e40e039461e196ca61.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=1;cpu=0;start=2021-02-15T14:21:40.250Z;desc=hit,rtt;dur=0
content-length: 17222
last-modified: Thu, 13 Aug 2020 13:59:19 GMT
server: Cloudinary
etag: "593ce908ad14404bf6a7b5ebf8320031"
vary: Accept
x-hw: 1631754377.cds136.fr8.hn,1631754377.cds205.fr8.c
content-type: image/jp2
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 636f3ea27ce95f2f9e404ef0b9911ccd.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 14 KB
14 KB 58ms
24ms Image
image/jp2 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/636f3ea27ce95f2f9e404ef0b9911ccd.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=1;cpu=0;start=2021-02-15T10:32:54.515Z;desc=hit,rtt;dur=0
content-length: 14149
last-modified: Thu, 13 Aug 2020 13:59:26 GMT
server: Cloudinary
etag: "1b41fd4e2b193b6d2ef4e8e2305663cb"
vary: Accept
x-hw: 1631754377.cds136.fr8.hn,1631754377.cds208.fr8.c
content-type: image/jp2
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 79fceba335062b29a2b9106a9e07e87e.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/ 11 KB
11 KB 60ms
26ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_315,w_420,c_fill,g_face/pg_1/https://revcontent-p0.s3.amazonaws.com/content/images/79fceba335062b29a2b9106a9e07e87e.jpg

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

9c109b741789481c91d709680cde5869af478b04c954ce4eb53cb7fe0ec91ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="79fceba335062b29a2b9106a9e07e87e.webp"
server-timing: fastly;dur=240;cpu=0;start=2021-01-21T06:29:02.641Z;desc=miss,rtt;dur=0,cloudinary;dur=150;start=2021-01-21T06:29:02.685Z
content-length: 11170
last-modified: Thu, 13 Aug 2020 13:59:38 GMT
server: Cloudinary
etag: "8ffb9746b713de9d9845b57155819e01"
vary: Accept
x-hw: 1631754377.cds136.fr8.hn,1631754377.cds258.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK vid_script.js Show response
powerad.ai/ 42 KB
11 KB 334ms
117ms Script
application/javascript 18.211.226.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://powerad.ai/vid_script.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-226-152.compute-1.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) / Express
Resource Hash: 0902efb215fa96af6fda4f5c9115bdab9b5596527dcb58e32919e12f4d59a839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:17 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Sep 2021 15:19:10 GMT
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: Express
ETag: W/"a9ab-17ba717a5c2"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Access-Control-Allow-Credentials: true
Connection: close
Access-Control-Allow-Headers: *

GET
H2 200 / Show response
hb.brainlyads.com/json-parts/2421/ Frame 8D03 5 KB
2 KB 371ms
185ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/json-parts/2421/?ver=1.0&pageId=1164287288&sizes=[]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrer%22,%22%22],[%22referrerCategory%22,%22Direct%22]]

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) / Express

Resource Hash

97b39018452101a89e3d80afa142d42691cb19d52ebc4eb7adcf0d790d7a52c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
etag: W/"14a7-JJT8n6wdLwu0PaeMQsYikOeo6T8"
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: *

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 1B61 175 KB
57 KB 587ms
162ms Script
text/javascript 184.26.16.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 18:51:36 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a1110-2bd37-5c9c5cea2ce36"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=136315
accept-ranges: bytes
content-type: text/javascript
content-length: 57427
expires: Fri, 17 Sep 2021 14:58:13 GMT

GET
H2 200 / Show response
hb.brainlyads.com/json-parts/2435/ Frame 76E0 5 KB
2 KB 219ms
95ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/json-parts/2435/?ver=1.0&pageId=1164287288&sizes=[]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) / Express

Resource Hash

637bbe2aa8c7feb51d668de212a5df8026792eb53ed6e0aed18fb50c07fa3ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
etag: W/"13f1-jO784Pd6YJRh/iYo/kDuh1e8SfI"
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: *

GET
H2 200 / Show response
hb.brainlyads.com/json-parts/2423/ Frame FCC0 5 KB
2 KB 208ms
96ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/json-parts/2423/?ver=1.0&pageId=1164287288&sizes=[[160,600],[120,600]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) / Express

Resource Hash

5c58c43577c05ebf7c2f321976a7044736c7cb013b0806a11908824e0f8d1c0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
etag: W/"13c3-Ksn5dPRufp8UwEt/A2orl/8c5Wo"
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: *

GET
H2 200 / Show response
hb.brainlyads.com/json-parts/2435/ Frame 6A99 5 KB
2 KB 281ms
183ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/json-parts/2435/?ver=1.0&pageId=1164287288&sizes=[[300,250]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) / Express

Resource Hash

facb4dd8c9b18561f54b68484c2281637f6523c8fdcbf7e5118fa3da09cd759d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
etag: W/"13f1-pSX8qujr5iNMUUSjcJYSspXbK7g"
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: *

GET
H2 200 / Show response
hb.brainlyads.com/json-parts/2423/ Frame 3EA0 5 KB
2 KB 178ms
95ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) / Express

Resource Hash

d068975c834f4eb8067de5001fc1f1a46e8fb1e2aa55d751bea4294cfa503909

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
etag: W/"13c3-wUdvcaMKOjesYa8bSUBt3AJ9UOo"
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: *

GET
H2 200 / Show response
hb.brainlyads.com/json-parts/2435/ Frame 96DA 5 KB
2 KB 255ms
184ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) / Express

Resource Hash

3436c3752abf07e26bd0b8af7fc5a033db46bf95708c6231facd018746678e87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
etag: W/"13f1-XmTgxJjlXnEMCw3b0UOO2hsQ+OE"
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: *

GET
H2 200 / Show response
hb.brainlyads.com/json-parts/2435/ Frame 3C29 5 KB
2 KB 241ms
184ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) / Express

Resource Hash

f78f966dc58db267ed3e4613b3aaf089cce662441d768dfea652c430ef49dbca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
etag: W/"13f1-eYxSWxDX2PvOe2J1TVTrigDGxsg"
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: *

GET
H2 200 pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 28C2 175 KB
57 KB 803ms
478ms Script
text/javascript 184.26.16.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
last-modified: Tue, 17 Aug 2021 18:51:36 GMT
server: Apache/2.2.15 (CentOS)
etag: "10a1110-2bd37-5c9c5cea2ce36"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: public, max-age=136315
accept-ranges: bytes
content-type: text/javascript
content-length: 57427
expires: Fri, 17 Sep 2021 14:58:13 GMT

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame 1B61 458 KB
141 KB 95ms
95ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

95681556a2cac442b700a7ec00bf924d22fb57b3fb9e9b39504da8a90e6496a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 18:58:18 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6142424a-72705"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 17 Sep 2021 01:06:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 27ms
6ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-167135943-15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1160
date: Thu, 16 Sep 2021 00:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Thu, 16 Sep 2021 02:46:57 GMT

GET
H2 200 778edbd1cdba22f94f7adb8d0dd2ce5c2e01139bd16028b0f5c72759f052259b_small
cdn1.lockerdomecdn.com/uploads/ Frame B8F5 26 KB
26 KB 85ms
10ms Image
image/jpeg 151.139.241.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/778edbd1cdba22f94f7adb8d0dd2ce5c2e01139bd16028b0f5c72759f052259b_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/14009239735841894?pubid=ld-5173-9605&pubo=https%3A%2F%2Fwww.livenewsnow.com&rid=&width=640
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 308b928d2ceac604566e6a11088dcc8e3793fd62299a80490389cd2f08480482

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
last-modified: Thu, 19 Dec 2019 17:46:51 GMT
server: nginx
etag: "4f437f604b605154865ca159a56f111c"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: https://lockerdome.com
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 26373

GET
H2 200 bcdc6c7d78a1b41691dafa3bfa03827744f5eae727f716de3b923eb46b2661c2_small
cdn1.lockerdomecdn.com/uploads/ Frame B8F5 10 KB
10 KB 89ms
14ms Image
image/jpeg 151.139.241.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/bcdc6c7d78a1b41691dafa3bfa03827744f5eae727f716de3b923eb46b2661c2_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/14009239735841894?pubid=ld-5173-9605&pubo=https%3A%2F%2Fwww.livenewsnow.com&rid=&width=640
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4751899227345ced29661715f739ea4bf38dd039f86e1d047d08d686779b2b56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
last-modified: Fri, 03 Jan 2020 20:05:01 GMT
server: nginx
etag: "5f642c6b6e9abec75696442896b57f28"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: https://lockerdome.com
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 10131

GET
H2 200 82b75dfaac3223d4860c37f2ddff350790be5b70726d04b5aed125970eeb0eea_small
cdn1.lockerdomecdn.com/uploads/ Frame B8F5 13 KB
14 KB 96ms
22ms Image
image/jpeg 151.139.241.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/82b75dfaac3223d4860c37f2ddff350790be5b70726d04b5aed125970eeb0eea_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/14009239735841894?pubid=ld-5173-9605&pubo=https%3A%2F%2Fwww.livenewsnow.com&rid=&width=640
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: a6301fe7337ea60a74cabc205d7cab301f8210c5b50a1be09709112e3368f2a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
last-modified: Fri, 23 Jul 2021 14:59:25 GMT
server: nginx
etag: "7306fde862f341cac0afafdcc1c87842"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: https://lockerdome.com
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 13639

GET
H2 200 98dc171132d453e3d4df2332eac7651d5ddd3d81730226f9fc3d1effe4f40c17_small
cdn1.lockerdomecdn.com/uploads/ Frame B8F5 8 KB
9 KB 94ms
20ms Image
image/jpeg 151.139.241.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/98dc171132d453e3d4df2332eac7651d5ddd3d81730226f9fc3d1effe4f40c17_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/14009239735841894?pubid=ld-5173-9605&pubo=https%3A%2F%2Fwww.livenewsnow.com&rid=&width=640
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b85afc56de3932616dd63a9348d061ad7a5446d03b0c5dc7f5cec4a5c146ac4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
last-modified: Fri, 16 Apr 2021 21:22:46 GMT
server: nginx
etag: "0ae00ef00afb38a23b17b386129aa765"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: https://lockerdome.com
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 8524

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ Frame B8F5 45 KB
17 KB 42ms
13ms Script
text/javascript 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: lockerdome.com
URL: https://lockerdome.com/lad/14009239735841894?pubid=ld-5173-9605&pubo=https%3A%2F%2Fwww.livenewsnow.com&rid=&width=640

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 208
date: Thu, 16 Sep 2021 01:02:49 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Thu, 16 Sep 2021 03:02:49 GMT

GET
H2 200 fca9093b18406a65526660cfd85fdd5a1464045e4f42bb49214952c262619e4f_small
cdn1.lockerdomecdn.com/uploads/ Frame B8F5 20 KB
21 KB 89ms
16ms Image
image/jpeg 151.139.241.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/fca9093b18406a65526660cfd85fdd5a1464045e4f42bb49214952c262619e4f_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/14009239735841894?pubid=ld-5173-9605&pubo=https%3A%2F%2Fwww.livenewsnow.com&rid=&width=640
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 453e6d5e81d2f146606b9e92a4bb6b0a9667c242e2fa10327021dc41467dc362

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
last-modified: Fri, 12 Feb 2021 19:29:24 GMT
server: nginx
etag: "d4d79b9949b0acbc52cbf00319aa438f"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: https://lockerdome.com
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 20866

GET
H2 200 29afc79f0a7fae7051aef20ce6e6fa40bc8485454a1871616805471509c7447f_small
cdn1.lockerdomecdn.com/uploads/ Frame B8F5 14 KB
14 KB 92ms
20ms Image
image/jpeg 151.139.241.28
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1.lockerdomecdn.com/uploads/29afc79f0a7fae7051aef20ce6e6fa40bc8485454a1871616805471509c7447f_small
Requested by: Host: lockerdome.com
URL: https://lockerdome.com/lad/14009239735841894?pubid=ld-5173-9605&pubo=https%3A%2F%2Fwww.livenewsnow.com&rid=&width=640
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.241.28 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: nginx /
Resource Hash: 71f7a256bbe1ac64012c02d4eb1009b2e0c08cff3888fe73c563efd9d711ca27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://lockerdome.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
last-modified: Fri, 09 Jul 2021 19:25:46 GMT
server: nginx
etag: "5da2e7c4a4e65471098a8157facc7eb3"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: https://lockerdome.com
accept-ranges: bytes
timing-allow-origin: https://lockerdome.com
content-length: 14171

GET
DATA 200
OK truncated Show response
/ Frame B8F5 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e3619f7302a4a1603fab0e0e42146c9b3d3bf9b64126b3d4d6cabb71f2e9c1b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ Frame B8F5 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c61c1cc5c97d7fb256c91f6dc5923c3f2c926a523bf8318530db722816311df7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ Frame B8F5 10 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1028c1d6512de0936e5c8444d9d96ba4a6c65fffec0e78f0b7408408e4c9332d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ Frame B8F5 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eca744c610ab8e2b64e84133227ac772569f3eaa9b40df75f227a8bb9f84dc49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ Frame B8F5 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 207c564dfd8b7510073414c7f9fc753208395e58d8f659adaccd143744451fa8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

GET
DATA 200
OK truncated Show response
/ Frame B8F5 11 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: af142dcee0234da04766c61d6ca45fbd8b34eb0957c915335ecc8fd915440b95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: text/javascript;charset=utf-8

POST
H2 200 imp.php Show response
trends.revcontent.com/ 0
199 B 96ms
36ms XHR
text/html 52.50.197.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/imp.php

Requested by

Host: cdn.revcontent.com
URL: https://cdn.revcontent.com/build/js/rev2.min.js?v=8a3a2a6978afdbc7f3ab19beaf8d5c256995dd86&del=https://trends.revcontent.com/&lg=https://cdn.revcontent.com/assets/img/rc-logo.png&ci=https://cdn.revcontent.com/assets/img/icon-close.png&ab=https://trends.revcontent.com/rc-about.php&ldr=https://cdn.revcontent.com/assets/img/rc-spinner-md.gif&ht=https://trends.revcontent.com/rc-interests.php&env=p0&ca=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.197.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-197-208.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.livenewsnow.com
date: Thu, 16 Sep 2021 01:06:17 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

POST
H2 200 view.php Show response
trends.revcontent.com/ 0
198 B 88ms
41ms XHR
text/html 52.50.197.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/view.php

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.197.208 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-197-208.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Accept: */*
Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.livenewsnow.com
date: Thu, 16 Sep 2021 01:06:17 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 0
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=766313406&t=pageview&_s=1&dl=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ul=en-us&de=UTF-8&dt=MSNBC%20Live%20Stream%20free%20-%20MSNBC%20News%20Live%20Streaming%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1941618817&gjid=1879332955&cid=1736250168.1631754378&tid=UA-167135943-15&_gid=366847448.1631754378&_r=1&gtm=2ou9f0&z=1124522607

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid.js Show response
hb.brainlyads.com/ Frame 28C2 458 KB
141 KB 191ms
190ms Script
application/javascript 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/prebid.js

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

95681556a2cac442b700a7ec00bf924d22fb57b3fb9e9b39504da8a90e6496a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 18:58:18 GMT
server: nginx/1.10.3 (Ubuntu)
etag: W/"6142424a-72705"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
strict-transport-security: max-age=31536000; includeSubDomains; preload
expires: Fri, 17 Sep 2021 01:06:17 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/idg/ Frame 52DA 1 KB
754 B 69ms
8ms Document
text/html 51.89.24.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/idg/?su=4C301631754377FF67FF8E3C8919DF42
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ce5ba1d607c9cdb61741e1c05fe0e11e26de5532b6182bf75e2020882735b8b4

Request headers

Host: t.dtscout.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.livenewsnow.com/
Accept-Encoding: gzip, deflate, br
Cookie: m=1; st=1; oa=1; df=1631754377; l=4C301631754377FF67FF8E3C8919DF42
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 16 Sep 2021 01:06:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Expires: Thu, 16 Sep 2021 01:06:16 GMT
Cache-Control: no-cache
Content-Encoding: gzip

GET
H2 200 tag.min.js Show response
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 30 KB
10 KB 61ms
7ms Script
text/javascript 13.225.78.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-44.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: BC1z2ASq_5A8fCLvu30SOKeIK4SZ9jqY
content-encoding: gzip
last-modified: Thu, 03 Jun 2021 13:27:46 GMT
server: AmazonS3
age: 26306
etag: W/"a1c6ef0f57fd5dc66dd46feb78238adf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 15 Sep 2021 17:47:52 GMT
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: qdLn_uJyTQnkqE1-Ucutc_ZGxoEEkOlBqT49p3_7inG42H-BBv2czQ==

GET
H/1.1 204
No Content dtscout Show response
pd.sharethis.com/pd/ 0
88 B 64ms
8ms Script
text/plain 18.195.98.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pd.sharethis.com/pd/dtscout
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.98.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-98-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Thu, 16 Sep 2021 01:06:17 GMT

GET
H2 200 afwu.js Show response
cdn.tynt.com/ 10 KB
4 KB 98ms
20ms Script
application/javascript 104.16.88.26
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tynt.com/afwu.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&j=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.88.26 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 27 Aug 2021 20:58:37 GMT
server: cloudflare
age: 26772
etag: W/"612951fd-288b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 68f630fe7d00412c-PRG
expires: Sun, 19 Sep 2021 01:06:18 GMT

GET
H/1.1 200
OK / Show response
t.dtscout.com/pv/ 50 B
318 B 69ms
8ms Script
application/javascript 51.89.24.69
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscout.com/pv/?_a=v&_h=livenewsnow.com&_ss=1q1p0fm95t&_pv=1&_ls=0&_u1=1&_u3=1&_cc=us&_pl=d&_cbid=2ic9&_cb=_dtspv.c
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.89.24.69 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ip69.ip-51-89-24.eu
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f9ef3cf4c5816505c9e9ced2569b97c0fdcb1fcc9b5e0d7fac6665b6a4283dcf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:17 GMT
X-T: 0.142
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
X-C: 0
Content-Type: application/javascript
Cache-Control: no-cache
Connection: close
Expires: Thu, 16 Sep 2021 01:06:16 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B137 71 KB
24 KB 67ms
40ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

ee417620a9b6c3e4301acb479edc4245d2c3f5f24c086bc14a6019ef7234eb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "988 / 210 of 1000 / last-modified: 1631750564"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25013
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:17 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame CD8E 71 KB
24 KB 46ms
23ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

42d7267b917bee673bfe95904e8f81fed0d1b0028d76f50843c4db3d0a713243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "988 / 878 of 1000 / last-modified: 1631750674"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25014
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:17 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame ABDD 71 KB
24 KB 51ms
31ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

ee417620a9b6c3e4301acb479edc4245d2c3f5f24c086bc14a6019ef7234eb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "988 / 504 of 1000 / last-modified: 1631750564"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25013
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:17 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 33ms
14ms XHR
text/plain 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-167135943-15&cid=1736250168.1631754378&jid=1941618817&gjid=1879332955&_gid=366847448.1631754378&_u=YEBAAUAAAAAAAC~&z=1253518225

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Sep 2021 01:06:17 GMT
content-type: text/plain
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 360163 Show response
vid.springserve.com/vast/ 2 KB
1 KB 119ms
28ms XHR
application/xml 52.17.148.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/360163?w=640&h=360&cb=0.8667975305532527&url=https://www.livenewsnow.com/featured/msnbc.html
Requested by: Host: powerad.ai
URL: https://powerad.ai/vid_script.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.148.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-148-138.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d3bce6bfe179c4c2e0a53af358e0e29ede278bcf28420e558bcc6a2c5b63f213

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://www.livenewsnow.com
date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
959 B 172ms
116ms Fetch
application/json 13.225.78.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-93.fra2.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
via: 1.1 93b0598b43d63761f1a129690721f888.cloudfront.net (CloudFront), 1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2, FRA2-C2
x-amzn-requestid: 1b3c296c-3832-42e4-af53-22635d6bce07
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-apigw-id: FuzFmFE-CYcF3Vg=
content-length: 555
x-amz-cf-id: NlPA3LOcY6E2miQ23C2afJY3oFKcdgaK_JtKCTVEWbqoDvTrIFg1Gg==

GET
H2 200 lt.min.js Show response
tags.crwdcntrl.net/lt/c/3825/ 38 KB
12 KB 52ms
7ms Script
text/javascript 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-37.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 14:24:35 GMT
content-encoding: gzip
etag: W/"f321a7442b8087eba0d1817aa7dbb5f7"
last-modified: Tue, 16 Mar 2021 13:30:17 GMT
server: AmazonS3
age: 38504
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: xUg48cPvApeFacF4cw3yMIwIU0-bQk7p1jn4ofWEbpC12ha4v8Myzw==

GET
H/1.1 200
OK / Show response
t.dtscdn.com/widget/ 0
407 B 385ms
90ms Script
application/javascript 159.203.161.83
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dtscdn.com/widget/?d=4C301631754377FF67FF8E3C8919DF42&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&r=
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&j=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 159.203.161.83 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS: lb4.ny1.dtscdn.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:13:07 GMT
X-T: 0.91
x-server: web13.ny1.dtscdn.com
Cache-Control: no-cache
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Expires: Thu, 16 Sep 2021 01:13:06 GMT

GET
H/1.1

200
OK

33141
tags.bluekai.com/site/
Redirect Chain

https://pixel.onaudience.com/?partner=137085098&mapped=4C301631754377FF67FF8E3C8919DF42
https://pixel.onaudience.com/?partner=109&icm&cver&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
https://tags.bluekai.com/site/33141?&id=2feef95fc8c0d44d

62 B
304 B

461ms
151ms

Image
image/gif

104.118.220.232
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33141?&id=2feef95fc8c0d44d
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.118.220.232 Atlanta, United States, ASN174 (COGENT-174, US),
Reverse DNS: a104-118-220-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:18 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

location: https://tags.bluekai.com/site/33141?&id=2feef95fc8c0d44d
content-length: 0

GET
H3 200 pubads_impl_2021091001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame CD8E 333 KB
117 KB 23ms
23ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js?31062552

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119453
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 19:52:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H3 200 pubads_impl_2021091001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame ABDD 333 KB
117 KB 30ms
29ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119453
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 19:52:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E935 71 KB
24 KB 24ms
24ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

ee417620a9b6c3e4301acb479edc4245d2c3f5f24c086bc14a6019ef7234eb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "988 / 345 of 1000 / last-modified: 1631750564"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25013
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame A93B 71 KB
24 KB 26ms
26ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

ff429a30f937a2d58e941b9ac127fe5553cf2ff15703e77550a53ac505152fe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "988 / 113 of 1000 / last-modified: 1631750674"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25012
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 565B 71 KB
24 KB 31ms
31ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

ee417620a9b6c3e4301acb479edc4245d2c3f5f24c086bc14a6019ef7234eb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "988 / 980 of 1000 / last-modified: 1631750564"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25013
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B0A0 71 KB
24 KB 34ms
34ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

ee417620a9b6c3e4301acb479edc4245d2c3f5f24c086bc14a6019ef7234eb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "988 / 670 of 1000 / last-modified: 1631750564"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25013
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 355ms
108ms Image
text/plain 208.100.17.186
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631754378046&dn=AFWU&iso=0&img=https%3A%2F%2Fwww.livenewsnow.com%2Fwp-content%2Fuploads%2F2014%2F11%2FMSNBC-1.jpg&t=MSNBC%20Live%20Stream%20free%20-%20MSNBC%20News%20Live%20Streaming%20Online&cu=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 pubads_impl_2021091001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B137 333 KB
117 KB 35ms
35ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119453
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 19:52:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H3 200 pubads_impl_2021091001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E935 333 KB
117 KB 27ms
25ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119453
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 19:52:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H3 200 pubads_impl_2021091001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 565B 333 KB
117 KB 23ms
23ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119453
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 19:52:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H3 200 pubads_impl_2021091501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A93B 334 KB
116 KB 23ms
23ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091501.js?31062582

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119151
x-xss-protection: 0
last-modified: Wed, 15 Sep 2021 08:39:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H3 200 pubads_impl_2021091001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B0A0 333 KB
117 KB 30ms
29ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119453
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 19:52:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H2 200 vpaid_44854a27.js Show response
vpaid.springserve.com/production/ Frame 5BCE 487 KB
87 KB 98ms
8ms Script
application/javascript 13.224.193.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Requested by: Host: powerad.ai
URL: https://powerad.ai/vid_script.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-91.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 11e41d859e2bb2f97068bbbffff15522b7852828e938a464164ffbad62cfa389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 15:01:09 GMT
content-encoding: br
last-modified: Wed, 25 Aug 2021 15:00:31 GMT
server: AmazonS3
age: 1850710
etag: W/"d48d9d8b9aa42be3c59a03030903498a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5076c8187f430eebe5e26fc594d6125a.cloudfront.net (CloudFront)
cache-control: max-age=2678400
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 2Kx04If-lyDND4s2s7eZvi-U9n0yoIWMBx73Ow-db-GfcMNCh9Cyhg==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1B61 138 B
823 B 44ms
9ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a10c7c5db5f156f98d0bc96334dea9e57ab06cd9e4137453b7c14a2c007c3aac

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:18 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 21f39a97-e69e-4cf0-aef1-5dfd6a48ef47
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.livenewsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/211242/0/ Frame 1B61 0
175 B 128ms
13ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/211242/0/mvo?z=1r&hbv=4.39,2.1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 1B61 65 B
157 B 216ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bo6haih4Or65TXaKlId8sQ
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: aaaeada0970ae719bbbec42f78e7049d4a43507cda2bb80657a3069cbdb3a6ad

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ Frame 1B61 0
228 B 207ms
34ms XHR
text/plain 54.194.126.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.39.0&p=%5B%7B%22placement_id%22%3A%221-9674-%2F90814396%2C22488419775%2Flivenewsnow_adhesionskin_HB%22%2C%22callback_id%22%3A%229d14cd43659c8b%22%2C%22sizes%22%3A%5B%5B160%2C600%5D%2C%5B120%2C600%5D%5D%2C%22ym_placement_id%22%3A%222495061940728963600%22%7D%5D&page_url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&bust=1631754378174&pr=&scrd=1&dnt=false&description=&title=MSNBC%20Live%20Stream%20free%20-%20MSNBC%20News%20Live%20Streaming%20Online&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215148%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.126.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-126-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1B61 0
119 B 205ms
71ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
date: Thu, 16 Sep 2021 01:06:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 hb Show response
hb.undertone.com/ Frame 1B61 0
449 B 391ms
281ms XHR
text/plain 13.224.193.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3757&domain=livenewsnow.com&ccpa=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-129.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 0
x-amz-cf-id: pe56wk3d7DYsC2ox8CQ8HtyyjA-N2Qu5ne2Catd59x54fiOtoAHyeg==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 1B61 180 B
317 B 302ms
197ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&SafeFrame=true&CanonicalUrl=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&PublisherDomain=https%3A%2F%2Fwww.livenewsnow.com

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

550c7c872d1554acc1d260587f1c90301a53a97ce370a73379cf7d2cad660307

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 176
vary: Accept-Encoding
content-length: 180
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 1B61 15 B
375 B 105ms
3ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 arj Show response
u.openx.net/w/1.0/ Frame 1B61 189 B
574 B 119ms
16ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c330b67f-ec29-4c48-b60a-9001969fd150&nocache=1631754378179&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&us_privacy=1---&schain=1.0%2C1!nextmillennium.io%2C15148%2C1%2C%2C%2C&aus=160x600%2C120x600&divIds=1-9674-%252F90814396%252C22488419775%252Flivenewsnow_adhesionskin_HB&auid=541135810
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 9f79c54fc77c256aef081061b44cf77b924c9c689d91fdbf6d014eb31f2db482

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 175
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ Frame 1B61 2 B
274 B 119ms
12ms XHR
application/json 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.livenewsnow.com
Date: Thu, 16 Sep 2021 01:06:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1B61 0
63 B 214ms
87ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
date: Thu, 16 Sep 2021 01:06:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1B61 139 B
824 B 45ms
10ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e600d0da39138efde7c8cceb6c81de305c9e9bd566621e16dca8b7b5644b0fae

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:18 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e6ec9a0c-117d-461f-8c87-7b1e6124a9e4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.livenewsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/211242/0/ Frame 1B61 0
175 B 105ms
13ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/211242/0/mvo?z=1r&hbv=4.39,2.1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 arj Show response
u.openx.net/w/1.0/ Frame 1B61 189 B
368 B 109ms
19ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e6a745f4-8934-458c-a28f-f9c4b206f797&nocache=1631754378190&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&us_privacy=1---&schain=1.0%2C1!nextmillennium.io%2C15148%2C1%2C%2C%2C&aus=160x600%2C120x600&divIds=1-4c69-%252F90814396%252C22488419775%252Flivenewsnow_adhesionskin_HB&auid=541135810
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 0e539c4d175fbfed76b5e9fa406c51ab15cb8bb0a9d1ef65eb54007d48371116

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 175
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 1B61 15 B
375 B 92ms
3ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ Frame 1B61 2 B
274 B 107ms
13ms XHR
application/json 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.livenewsnow.com
Date: Thu, 16 Sep 2021 01:06:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 1B61 180 B
318 B 198ms
108ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

65ce07ecd420d4ae6f15b183fbb40f8789c963964f9db96faed8b969f1a97fc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 92
vary: Accept-Encoding
content-length: 180
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 hb Show response
hb.undertone.com/ Frame 1B61 0
452 B 372ms
279ms XHR
text/plain 13.224.193.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3757&domain=livenewsnow.com&ccpa=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-129.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: 9s4EO0PXUv40LuIyNvqbhIxzxeFxXkyVk84924rNbdEkQ9WIiwNwWw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 1B61 66 B
158 B 190ms
98ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bo6haih4Or65TXaKlId8sQ
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 5b146c4ad3127362bcb7f496d0fc8c31ec8dd6eb117a2c682dd48f3b8d235bac

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 1B61 15 B
375 B 80ms
3ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 mvo Show response
tag.1rx.io/rmp/211242/0/ Frame 1B61 0
175 B 90ms
15ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/211242/0/mvo?z=1r&hbv=4.39,2.1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 200 arj Show response
u.openx.net/w/1.0/ Frame 1B61 190 B
374 B 96ms
25ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8a5f4b79-7dc5-4781-88f5-9c4006111836&nocache=1631754378210&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&us_privacy=1---&schain=1.0%2C1!nextmillennium.io%2C15148%2C1%2C%2C%2C&aus=300x250&divIds=1-a92e-%252F90814396%252C22488419775%252Flivenewsnow_300x250_intext_HB&auid=541135809
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: c1cd004e7cedc6d29003a05b7b36f470ac31317e1ba9aa5b2ef148c5a3213a10

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 178
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 1B61 66 B
301 B 172ms
97ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bo6haih4Or65TXaKlId8sQ
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: ed3d88d7654c0fc6bc7950f70b41b18be37b0b852f0551e04812191c7e9ef54c

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ Frame 1B61 2 B
274 B 87ms
13ms XHR
application/json 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.livenewsnow.com
Date: Thu, 16 Sep 2021 01:06:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 2
Content-Type: application/json; charset=UTF-8

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ Frame 1B61 0
227 B 167ms
36ms XHR
text/plain 54.194.126.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.39.0&p=%5B%7B%22placement_id%22%3A%221-a92e-%2F90814396%2C22488419775%2Flivenewsnow_300x250_intext_HB%22%2C%22callback_id%22%3A%22532e8d81e33a015%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222495061940728963600%22%7D%5D&page_url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&bust=1631754378212&pr=&scrd=1&dnt=false&description=&title=MSNBC%20Live%20Stream%20free%20-%20MSNBC%20News%20Live%20Streaming%20Online&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215148%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.126.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-126-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1B61 139 B
824 B 21ms
9ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a18f12becfea2fdba225ae8ef457c2ffaeb38d1f03e4b2ccbcb162245ca19887

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:18 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: edfeb315-84c8-4214-81cc-cb7e8477155c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.livenewsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 1B61 180 B
317 B 246ms
201ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

a22ecb1132b8bac5dacd3eba446a08869c58734fecb7d4180b07c925625e4c6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 185
vary: Accept-Encoding
content-length: 180
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1B61 0
63 B 149ms
80ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
date: Thu, 16 Sep 2021 01:06:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 1B61 180 B
639 B 126ms
105ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

faa3e7eb7a36ed4234eeb86fe3b46a0943300a0ae82971efd8387f74e02a956c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 89
vary: Accept-Encoding
content-length: 180
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ Frame 1B61 2 B
274 B 30ms
13ms XHR
application/json 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.livenewsnow.com
Date: Thu, 16 Sep 2021 01:06:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1B61 0
63 B 101ms
72ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 mvo Show response
tag.1rx.io/rmp/211242/0/ Frame 1B61 0
175 B 19ms
13ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/211242/0/mvo?z=1r&hbv=4.39,2.1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 1B61 66 B
158 B 104ms
99ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bo6haih4Or65TXaKlId8sQ
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: a23a8f6f8736c4956db144c89177ab581a5636ecbdbd6cc70c0c0bc862024026

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 1B61 15 B
375 B 11ms
5ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1B61 138 B
823 B 9ms
7ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

c5f558a303640d99229181b36393b5ee6d4124d09edd0687cfac1da6de8f8151

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:18 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: cafcf078-224c-4278-9c4a-01b71a0cff0f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.livenewsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
u.openx.net/w/1.0/ Frame 1B61 189 B
367 B 29ms
24ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=441db356-16d0-4a99-9179-753204cd8f10&nocache=1631754378277&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&us_privacy=1---&schain=1.0%2C1!nextmillennium.io%2C15148%2C1%2C%2C%2C&aus=300x250&divIds=1-b6ed-%252F90814396%252C22488419775%252Flivenewsnow_300x250_intext_HB&auid=541135809
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: e26c48e3b5be6736358fa5feb2e85054fc75d3574083424bf41ca3791274b13c

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 175
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 532ms
167ms Script
application/javascript 34.216.108.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.108.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-108-96.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 20:36:14 GMT
server: nginx/1.18.0
etag: W/"1631738174.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 16 Sep 2021 13:06:18 GMT

GET
H2 200 251 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 535ms
171ms Script
application/javascript 54.213.79.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/251
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.213.79.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-213-79-211.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
last-modified: Wed, 15 Sep 2021 20:34:42 GMT
server: nginx/1.18.0
etag: W/"1631738082.0-26098-2710964840"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Thu, 16 Sep 2021 13:06:18 GMT

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D70ccee21-fe74-4339-b837-46b1d9a1721f%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&adnxs_id=692294473516701639

43 B
563 B

541ms
182ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&adnxs_id=692294473516701639
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 16 Sep 2021 13:06:18 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:18 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 24968304-14b7-4f5f-8fec-139e202d59e4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&adnxs_id=692294473516701639
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=70ccee21-fe74-4339-b837-46b1d9a1721f
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=70ccee21-fe74-4339-b837-46b1d9a1721f
https://ids.ad.gt/api/v1/t_match?tdid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&id=70ccee21-fe74-4339-b837-46b1d9a1721f

43 B
567 B

623ms
334ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&id=70ccee21-fe74-4339-b837-46b1d9a1721f
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 16 Sep 2021 13:06:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&id=70ccee21-fe74-4339-b837-46b1d9a1721f
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D70ccee21-fe74-4339-b837-46b1d9a1721f
https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D70ccee21-fe74-4339-b837-46b1d9a1721f
https://ids.ad.gt/api/v1/pbm_match?pbm=9D35A074-4453-48D3-818E-01171824F295&id=70ccee21-fe74-4339-b837-46b1d9a1721f

43 B
570 B

412ms
187ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=9D35A074-4453-48D3-818E-01171824F295&id=70ccee21-fe74-4339-b837-46b1d9a1721f
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 16 Sep 2021 13:06:18 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=9D35A074-4453-48D3-818E-01171824F295&id=70ccee21-fe74-4339-b837-46b1d9a1721f
date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=70ccee21-fe74-4339-b837-46b1d9a1721f
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=70ccee21-fe74-4339-b837-46b1d9a1721f&google_tc=
https://ids.ad.gt/api/v1/g_match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&google_error=3

43 B
179 B

442ms
170ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&google_error=3
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 16 Sep 2021 13:06:18 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 288
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=70ccee21-fe74-4339-b837-46b1d9a1721f
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NzBjY2VlMjEtZmU3NC00MzM5LWI4MzctNDZiMWQ5YTE3MjFm
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NzBjY2VlMjEtZmU3NC00MzM5LWI4MzctNDZiMWQ5YTE3MjFm&google_tc=
https://ids.ad.gt/api/v1/g_match?google_error=3

43 B
179 B

165ms
165ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?google_error=3
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 16 Sep 2021 13:06:19 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ids.ad.gt/api/v1/g_match?google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3D70ccee21-fe74-4339-b837-46b1d9a1721f%26sas_uid%3D%5bsas_uid%5d
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&sas_uid=[sas_uid]&cklb=1

0
436 B

18ms
18ms

Image
text/plain

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&sas_uid=[sas_uid]&cklb=1
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&sas_uid=[sas_uid]&cklb=1
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:17 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

beeswax_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=70ccee21-fe74-4339-b837-46b1d9a1721f
https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=70ccee21-fe74-4339-b837-46b1d9a1721f&_bee_ppp=1
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AABZDU7ChTEAAB0enEokTg&id=70ccee21-fe74-4339-b837-46b1d9a1721f

43 B
476 B

270ms
270ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AABZDU7ChTEAAB0enEokTg&id=70ccee21-fe74-4339-b837-46b1d9a1721f
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 16 Sep 2021 13:06:18 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AABZDU7ChTEAAB0enEokTg&id=70ccee21-fe74-4339-b837-46b1d9a1721f
Date: Thu, 16 Sep 2021 01:06:18 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

mediamath_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D70ccee21-fe74-4339-b837-46b1d9a1721f
https://ids.ad.gt/api/v1/mediamath_match?user_id=ce896142-988a-4000-9d86-8d6e6bdc91b4&id=70ccee21-fe74-4339-b837-46b1d9a1721f

43 B
483 B

262ms
262ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/mediamath_match?user_id=ce896142-988a-4000-9d86-8d6e6bdc91b4&id=70ccee21-fe74-4339-b837-46b1d9a1721f
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 16 Sep 2021 13:06:18 GMT

Redirect headers

Date: Thu, 16 Sep 2021 01:06:18 GMT
Server: MT3 3944 2bcb57b master cdg-pixel-x10 config:1.0.1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=ce896142-988a-4000-9d86-8d6e6bdc91b4&id=70ccee21-fe74-4339-b837-46b1d9a1721f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Sep 2021 01:06:17 GMT

GET
H2 200 v2 Show response
de.tynt.com/deb/ 4 B
202 B 353ms
110ms Script
application/javascript 208.100.17.190
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?id=wu!&dn=AFWU&cc=1&r=&us_privacy=1---
Requested by: Host: cdn.tynt.com
URL: https://cdn.tynt.com/afwu.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.190 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip190.208-100-17.static.steadfastdns.net
Software: /
Resource Hash: d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: max-age=86400
content-type: application/javascript
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
content-length: 4
expires: Fri, 17 Sep 2021 01:06:19 GMT

GET
H2 200 avjp Show response
next-millennium-d.openx.net/v/1.0/ Frame 5BCE 106 B
299 B 37ms
24ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://next-millennium-d.openx.net/v/1.0/avjp?auid=540225762&url=https://www.livenewsnow.com/featured/msnbc.html&vht=360&vwd=640&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A640%2C%22h%22%3A360%7D%7D%5D%7D&be=true&schain=
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
via: 1.1 google
server: OXGW/16.216.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 arj Show response
u.openx.net/w/1.0/ Frame 1B61 189 B
367 B 24ms
24ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=21f7f879-8be8-4d91-b4bd-5e78c7d9eec1&nocache=1631754378406&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&us_privacy=1---&schain=1.0%2C1!nextmillennium.io%2C15148%2C1%2C%2C%2C&aus=300x250&divIds=1-88c8-%252F90814396%252C22488419775%252Flivenewsnow_300x250_intext_HB&auid=541135809
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 781141fd583b72c2e2cf27dcd5fed0e58eaeeea7532551de76200f5653ace1f0

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 175
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 1B61 15 B
375 B 8ms
8ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ Frame 1B61 2 B
274 B 12ms
12ms XHR
application/json 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.livenewsnow.com
Date: Thu, 16 Sep 2021 01:06:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1B61 139 B
978 B 8ms
8ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

fe458d0079830d0c86e095d0c27441df26d9f586b6f61f2d6c7caa2480d4e3f1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:18 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: cfbd434c-0532-4b0f-ab68-8247eecce8f9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.livenewsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1B61 0
63 B 69ms
68ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
date: Thu, 16 Sep 2021 01:06:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 1B61 179 B
317 B 114ms
114ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

5dc7c905debaa6b745ec1306e32b44b97ef84ef00fc6988063cd565bfde2259c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 98
vary: Accept-Encoding
content-length: 179
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 1B61 66 B
149 B 100ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bo6haih4Or65TXaKlId8sQ
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: e597e4132388d8c4b0130d24f0edc473a77e33909f83019fd07ae1a9b088f0f2

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 mvo Show response
tag.1rx.io/rmp/211242/0/ Frame 1B61 0
175 B 15ms
15ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/211242/0/mvo?z=1r&hbv=4.39,2.1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 204 mvo Show response
tag.1rx.io/rmp/211242/0/ Frame 1B61 0
175 B 15ms
15ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/211242/0/mvo?z=1r&hbv=4.39,2.1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 1B61 66 B
158 B 101ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bo6haih4Or65TXaKlId8sQ
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: e470a22665f79439b5c03dfbe37987ad27f9fba8166e83e6396c0597b70f50dc

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 1B61 15 B
375 B 8ms
7ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ Frame 1B61 2 B
274 B 12ms
11ms XHR
application/json 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.livenewsnow.com
Date: Thu, 16 Sep 2021 01:06:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 1B61 181 B
315 B 114ms
113ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

6e6ccac087ad76b6ea6521366164d204e5028affc84a6b6e8fe887218b7a9f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 98
vary: Accept-Encoding
content-length: 181
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1B61 0
63 B 68ms
67ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
date: Thu, 16 Sep 2021 01:06:16 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1B61 140 B
979 B 6ms
6ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

46acd42f9cf72f881923da6593e84b3712aa11935e868d72653448ffeda9b23e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:18 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 886917d8-958c-4402-a623-0c130614b00f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.livenewsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
u.openx.net/w/1.0/ Frame 1B61 189 B
367 B 25ms
24ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6677a4f5-0eac-4eb0-8b96-171f7c6ee687&nocache=1631754378425&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&us_privacy=1---&schain=1.0%2C1!nextmillennium.io%2C15148%2C1%2C%2C%2C&aus=300x250&divIds=1-75b1-%252F90814396%252C22488419775%252Flivenewsnow_300x250_intext_HB&auid=541135809
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 7706eaf965adc73f726e3d0feeac2d04116e0db9a134dbfdbd2d9bef95c65194

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 175
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ Frame 5BCE 839 B
1008 B 72ms
50ms XHR
text/xml 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D640x480%26description_url%3Dhttps%253A%252F%252Fwww.livenewsnow.com%252F%26vpos%3Dpreroll%26iu%3D%2F90814396%2Flivenewsnow_video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

cafe /

Resource Hash

c6305635c3915fe288c4767d3a5af78c0c9106ed87eb3db881d8748210e1d833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/xml; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 519
x-xss-protection: 0

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 111ms
111ms Image
text/plain 208.100.17.186
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631754378046&dn=AFWU&iso=0&img=https%3A%2F%2Fwww.livenewsnow.com%2Fwp-content%2Fuploads%2F2014%2F11%2FMSNBC-1.jpg&t=MSNBC%20Live%20Stream%20free%20-%20MSNBC%20News%20Live%20Streaming%20Online&cu=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 EU Show response
onetag-geo-grouping.s-onetag.com/regionalbloc/ 1 KB
840 B 51ms
9ms Fetch
application/json 13.225.78.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo-grouping.s-onetag.com/regionalbloc/EU
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-3.fra2.r.cloudfront.net
Software: restify /
Resource Hash: 6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 15 Sep 2021 06:58:14 GMT
content-encoding: gzip
server: restify
age: 65284
vary: Accept-Encoding,origin
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: https://www.livenewsnow.com
access-control-expose-headers: api-version, content-length, content-md5, content-type, date, request-id, response-time
cache-control: max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: rjpU3ShObdytty5TZst68WdWjuuFF4hwzxVcbxsGih7vRYYurg3y7A==
via: 1.1 56fad5a50ef67bd961b9722ed0931839.cloudfront.net (CloudFront)

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1B61 140 B
979 B 7ms
6ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

0031e851a43588a289137ca2bba9e2ba59221a504e0f0cb256331a36674f8bd0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:18 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b5084eaa-31a0-4f3e-9b72-52139fb4b290
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.livenewsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
u.openx.net/w/1.0/ Frame 1B61 190 B
370 B 31ms
30ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=37a31d44-6882-4585-8fed-cfa89b73afe6&nocache=1631754378496&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&us_privacy=1---&schain=1.0%2C1!nextmillennium.io%2C15148%2C1%2C%2C%2C&aus=728x90&divIds=1-93c4-%252F90814396%252C22488419775%252Flivenewsnow_728x90_stickybottom_HB&auid=541135814
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: a2e3bc941699f0a3554c27814d246b20fc423b5f1a01b37dcb1f1d2dd107b688

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 178
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ Frame 1B61 2 B
274 B 22ms
22ms XHR
application/json 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.livenewsnow.com
Date: Thu, 16 Sep 2021 01:06:18 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H2 204 hb Show response
hb.undertone.com/ Frame 1B61 0
450 B 100ms
99ms XHR
text/plain 13.224.193.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3757&domain=livenewsnow.com&ccpa=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-129.fra2.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
via: 1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: oZM1e42tAFOtuh8605ODp9uwjmgQvl1ijE_TfEKtieyWysrUX9wN1Q==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 1B61 181 B
317 B 115ms
115ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

88995bada65f5b8244254e4684cc68aa3a2d49ba9bfeeb3d321056a09ac6eb94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 100
vary: Accept-Encoding
content-length: 181
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 1B61 15 B
375 B 8ms
8ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 1B61 2 B
361 B 209ms
32ms XHR
application/json 52.18.52.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?t=wh0syjah&pi=2&uspConsent=1---&schain=1.0%2C1!nextmillennium.io%2C15148%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.39.0%22%7D&ogu=null&ns=9523
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.52.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-18-52-16.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
content-type: application/json;charset=UTF-8
server: nginx
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 2
expires: 0

POST
H2 204 mvo Show response
tag.1rx.io/rmp/211242/0/ Frame 1B61 0
175 B 18ms
18ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/211242/0/mvo?z=1r&hbv=4.39,2.1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ Frame 1B61 0
227 B 36ms
36ms XHR
text/plain 54.194.126.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.39.0&p=%5B%7B%22placement_id%22%3A%221-93c4-%2F90814396%2C22488419775%2Flivenewsnow_728x90_stickybottom_HB%22%2C%22callback_id%22%3A%221294ccc5a58c45ad%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%5D%2C%22ym_placement_id%22%3A%222495061940728963600%22%7D%5D&page_url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&bust=1631754378501&pr=&scrd=1&dnt=false&description=&title=MSNBC%20Live%20Stream%20free%20-%20MSNBC%20News%20Live%20Streaming%20Online&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215148%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.126.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-126-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 1B61 67 B
159 B 101ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bo6haih4Or65TXaKlId8sQ
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 92c4156a96ba520577ec5f575f45d0221cb950f29be399c5480ecfab81fdce4c

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 1B61 0
63 B 62ms
62ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
date: Thu, 16 Sep 2021 01:06:17 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F85B 43 KB
15 KB 30ms
16ms Script
text/javascript 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D640x480%26description_url%3Dhttps%253A%252F%252Fwww.livenewsnow.com%252F%26vpos%3Dpreroll%26iu%3D/90814396/livenewsnow_video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1%26channel%3Dvastadp

Requested by

Host: blank
URL: about:blank

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f106.1e100.net

Software

sffe /

Resource Hash

f0af58c4d93ab7f1762b126718d72bc5e73af0919c3c10b961ec9af1129cbadf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15845
x-xss-protection: 0
last-modified: Mon, 13 Sep 2021 20:30:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Thu, 16 Sep 2021 01:21:18 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 208.100.17.186
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631754378046&dn=AFWU&iso=0&img=https%3A%2F%2Fwww.livenewsnow.com%2Fwp-content%2Fuploads%2F2014%2F11%2FMSNBC-1.jpg&t=MSNBC%20Live%20Stream%20free%20-%20MSNBC%20News%20Live%20Streaming%20Online
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F85B 345 KB
118 KB 15ms
15ms Script
text/javascript 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D640x480%26description_url%3Dhttps%253A%252F%252Fwww.livenewsnow.com%252F%26vpos%3Dpreroll%26iu%3D/90814396/livenewsnow_video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1%26channel%3Dvastadp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f106.1e100.net

Software

sffe /

Resource Hash

7d63d874aa4977dd2c3d90a67ac741d4928e3ecf85d8f6f05d0f23f9fe90a672

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121208
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-instream-static"
expires: Thu, 16 Sep 2021 01:06:18 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F85B 0
20 B 30ms
15ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=vpaid_adapter_js&event=init-dv3&vps=0.7363346269558593&wt=1631754378571&sdkv=h.3.480.1&xai=undefined&url=2,https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html$0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
109ms Image
text/plain 208.100.17.186
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631754378046&dn=AFWU&iso=0&img=https%3A%2F%2Fwww.livenewsnow.com%2Fwp-content%2Fuploads%2F2014%2F11%2FMSNBC-1.jpg
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 200 bridge3.480.1_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9D3E 575 KB
188 KB 7ms
7ms Document
text/html 172.217.23.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.480.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.23.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f106.1e100.net

Software

sffe /

Resource Hash

0b512e4da1bb261087cb3f73749af7b62bccf8655b68e21b38db19d98e8b73cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.480.1_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 192935
date: Fri, 10 Sep 2021 20:43:10 GMT
expires: Sat, 10 Sep 2022 20:43:10 GMT
last-modified: Fri, 10 Sep 2021 20:37:27 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 447788
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame F85B 44 KB
17 KB 109ms
16ms Script
text/javascript 142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A587 36 KB
12 KB 9ms
9ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 00:50:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 926
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 16 Sep 2021 01:50:52 GMT

OPTIONS
H/1.1 204
No Content statistics
report2.hb.brainlyads.com/ Frame 0
0 326ms
101ms Preflight 3.86.21.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report2.hb.brainlyads.com/statistics
Protocol: HTTP/1.1
Server: 3.86.21.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-21-221.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.livenewsnow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 16 Sep 2021 01:06:19 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *

POST
H/1.1 200
OK statistics Show response
report2.hb.brainlyads.com/ Frame 1B61 0
232 B 415ms
216ms XHR
text/plain 3.86.21.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report2.hb.brainlyads.com/statistics
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.86.21.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-21-221.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Sep 2021 01:06:19 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 208.100.17.186
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631754378046&dn=AFWU&iso=0&img=https%3A%2F%2Fwww.livenewsnow.com%2Fwp-content%2Fuploads%2F2014%2F11%2FMSNBC-1.jpg
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
651 B 203ms
203ms Image
image/gif 52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=70ccee21-fe74-4339-b837-46b1d9a1721f&halo_id=0201r1f1hl07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 16 Sep 2021 13:06:18 GMT

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 531ms
169ms Script
text/plain 52.89.213.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=28cdd937794fb903c6be6ab595351dee&url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&code=%27none%27
Requested by: Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.89.213.37 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-89-213-37.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 16 Sep 2021 01:06:19 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 21ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: Bm9QfR2C5ADowtUPJ7z5u6/4k247h8V312EWy1ps8LBxvWJEGJJCLVTpVBHh5G2xhAX9+U22bWzeyryCXqvc5Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Thu, 16 Sep 2021 01:06:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
763 B 7ms
7ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 00:44:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1307
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Sep 2021 01:44:31 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 00:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2763
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 16 Sep 2021 01:20:15 GMT

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201r1f1hl07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8...
https://ids.ad.gt/api/v1/openx?openx_id=fcb91b9d-445d-03a7-043f-be9a83445e6d&id=0201r1f1hl07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1e...

43 B
481 B

198ms
198ms

Image
image/gif

52.42.90.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=fcb91b9d-445d-03a7-043f-be9a83445e6d&id=0201r1f1hl07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl&auid=70ccee21-fe74-4339-b837-46b1d9a1721f
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.90.222 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-90-222.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Thu, 16 Sep 2021 13:06:18 GMT

Redirect headers

date: Thu, 16 Sep 2021 01:06:18 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://ids.ad.gt/api/v1/openx?openx_id=fcb91b9d-445d-03a7-043f-be9a83445e6d&id=0201r1f1hl07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl&auid=70ccee21-fe74-4339-b837-46b1d9a1721f
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 20ms
19ms XHR
text/plain 142.250.185.110
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&aip=1&a=766313406&t=pageview&_s=1&dl=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ul=en-us&de=UTF-8&dt=MSNBC%20Live%20Stream%20free%20-%20MSNBC%20News%20Live%20Streaming%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIZAAAAAC~&jid=204134456&gjid=62588927&cid=1736250168.1631754378&tid=UA-87198801-1&_gid=366847448.1631754378&_r=1&_slc=1&cd1=70ccee21-fe74-4339-b837-46b1d9a1721f&cd2=none&cd3=251&cd4=www.livenewsnow.com&cd5=%2Ffeatured%2Fmsnbc.html&cd6=Passive%20Tagger&cd7=28cdd937794fb903c6be6ab595351dee&z=1810576641

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.110 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
23 B 14ms
14ms XHR
text/plain 64.233.167.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-87198801-1&cid=1736250168.1631754378&jid=204134456&gjid=62588927&_gid=366847448.1631754378&_u=aGDAAUIZAAAAAC~&z=1611292382

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

64.233.167.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wl-in-f157.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 16 Sep 2021 01:06:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
110ms Image
text/plain 208.100.17.186
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631754378046&dn=AFWU&iso=0&img=https%3A%2F%2Fwww.livenewsnow.com%2Fwp-content%2Fuploads%2F2014%2F11%2FMSNBC-1.jpg
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:18 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
522 B 40ms
19ms Image
image/gif 142.250.186.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-87198801-1&cid=1736250168.1631754378&jid=204134456&_u=aGDAAUIZAAAAAC~&z=824657061

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 308 KB
89 KB 15ms
7ms Script
application/x-javascript 157.240.236.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-frx5.fbcdn.net

Software

Resource Hash

b78058a9d11d1c8276e947456b0936d5a4ed2ca6e3f9d530a940711c5ea44656

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 90816
x-xss-protection: 0
pragma: public
x-fb-debug: IIPmi6yisdsn1LuG50l/GiMLumqIqCDFCwWU8pMJi3OwhqIl1I/Xn0zDKZvAXDWy45BtA+MD8lREa3z0MtXdTA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 16 Sep 2021 01:06:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 23ms
7ms Image
image/gif 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&rl=&if=false&ts=1631754379004&cd[partner_id]=251&cd[tagger_id]=28cdd937794fb903c6be6ab595351dee&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631754379003.1734344748&it=1631754378951&coo=false&tm=1&exp=p0&rqm=GET

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 16 Sep 2021 01:06:19 GMT

GET
H2 204 p
ic.tynt.com/b/ 0
227 B 110ms
109ms Image
text/plain 208.100.17.186
STEADFAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ic.tynt.com/b/p?id=wu!&lm=0&ts=1631754378046&dn=AFWU&iso=0
Requested by: Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.186 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip186.208-100-17.static.steadfastdns.net
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
cache-control: "no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
expires: "Sat, 26 Jul 1997 05:00:00 GMT"
server: nginx/1.16.1
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H3 303 ads Show response
pagead2.googlesyndication.com/gampad/live/ Frame 9D3E 136 B
167 B 80ms
66ms XHR
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/live/ads?sz=640x480&description_url=https%3A%2F%2Fwww.livenewsnow.com%2F&vpos=preroll&iu=%2F90814396%2Flivenewsnow_video&env=vp&gdfp_req=1&output=xml_vast4&tfcd=0&npa=0&vpmute=0&vpa=0&type=js&unviewed_position_start=1&channel=vastadp%2Bvpaidadp_html5&sdkv=h.3.480.1%2Fvpaid_adapter&osd=2&frm=1&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=882656546&sdk_apis=2%2C8&sid=07039DB8-7C26-4AD6-8B83-B9ED545C24E4&eid=44741233&url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&dlt=1631754378514&idt=290&dt=1631754379226&correlator=1690711234859231&scor=727956928238283&ged=ve4_td0_tt0_pd0_la0_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.480.1_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

ltt /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 i Show response
vid-io-dub.springserve.com/vd/ Frame 5BCE 0
120 B 125ms
33ms XHR
text/plain 52.31.202.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=307563ba&ps_id=360163&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_44854a27.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.31.202.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-31-202-1.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
date: Thu, 16 Sep 2021 01:06:19 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 optimus_rules.json Show response
tags.crwdcntrl.net/lt/c/3825/ 4 KB
1 KB 26ms
9ms XHR
application/json 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-37.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 15 Sep 2021 13:12:12 GMT
content-encoding: gzip
age: 42848
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Tue, 16 Mar 2021 13:30:17 GMT
server: AmazonS3
etag: W/"6db43f44304c37d76768275ee4f01ba4"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62f.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 4DmcIov_a9ihtBC9VRrVirvFbsnFaFulX38GX90Nnaq33Ri8vh1gyg==

POST
H2 200 data Show response
bcp.crwdcntrl.net/6/ 614 B
1 KB 173ms
88ms XHR
application/json 52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/data
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: a8d48b65657576ec82daae22e7b309cc1bb8ff1ffc16144dd40d961f34eb3418

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache
x-server: 10.45.18.52
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 614
expires: 0

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 6D92 0
18 B 16ms
7ms Document
text/plain 157.240.236.35
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-frx5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 7355
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.livenewsnow.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Origin: https://www.livenewsnow.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.livenewsnow.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
date: Thu, 16 Sep 2021 01:06:19 GMT

GET
H2 200 / Show response
hb.brainlyads.com/json-parts/2501/ Frame 5DA3 5 KB
2 KB 96ms
96ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/json-parts/2501/?ver=1.0&pageId=1164287288&sizes=[]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) / Express

Resource Hash

e79a3bdfa4bde87adecda8e17365b890fe3d0bfbf720b7c13a69dee01e7f8461

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
content-encoding: gzip
etag: W/"1246-jRl2/Rnm/gdyj3OP4gNPFN063gI"
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: *

POST
H2 200 a
a.dtssrv.com/ 0
556 B 175ms
123ms Ping
text/html 104.21.78.98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.dtssrv.com/a?i=4C301631754377FF67FF8E3C8919DF42&k=lotpano&v=220c0c1b8a16f32de1156ea2a1cd4945a702dccd90320c7b6a4e8b43af9163d5
Requested by: Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&j=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.78.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvOsk7IOQX1EjbBpARSgq2qBNQbDU31dj9Sg7p8Xu1ChxaIpxts%2B5Z9mzLdX7RXsKmk6RN7Z450EpGdloLal43nO1UilIkhxP0wqpVzoLq%2B5DtDF7ZrKPbIXDtZufow%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 68f631093a40410d-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 lt.iframe.html Show response
tags.crwdcntrl.net/lt/shared/2/ Frame 0D6B 2 KB
1 KB 7ms
7ms Document
text/html 13.225.78.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-37.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372

Request headers

:method: GET
:authority: tags.crwdcntrl.net
:scheme: https
:path: /lt/shared/2/lt.iframe.html?c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=a6518660381342d9cc7ba26db469039e; _cc_cc="ACZ4XmNQSDQzNbQwMzMwtjA0NjFKsUxONk9KNDJLSTIxszQwtkxlAIJEpxndIBoCeGffvSDL%2BFGW4T8jI8PxTVNYYOyPny1hzGeL58CFl%2F8phKs%2BeogZxt6977IAjP2h4T6cfRhJ6%2FQT6jAl75YgTFyz4Sk3TLxz8kktGBsAV3RA7g%3D%3D"; _cc_aud="ABR4XmNgYGBIdJrRDaQggJmBYVErmMk1A0QyPqwHkgBeLwT0"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

content-type: text/html
last-modified: Mon, 01 Feb 2021 20:35:17 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Wed, 15 Sep 2021 17:42:49 GMT
cache-control: max-age: 86400
etag: W/"6fcf4f5197ab24c92d090f6ac8d87e01"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 89ET_syFz6zhpJY2RSwXyrBYaikXQbgqPKh6WyQEhUKLYFSXdxy9ZA==
age: 26611

GET
H2 200 pixels Show response
bcp.crwdcntrl.net/ Frame 907C 4 KB
4 KB 30ms
30ms Document
text/html 52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 7f333f23fbd951f2f6ce57bf170e78ac90cd269f4b77d7ad2fcf692f8baea12f

Request headers

:method: GET
:authority: bcp.crwdcntrl.net
:scheme: https
:path: /pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://tags.crwdcntrl.net/
accept-encoding: gzip, deflate, br
cookie: _cc_dc=1; _cc_id=a6518660381342d9cc7ba26db469039e; _cc_cc="ACZ4XmNQSDQzNbQwMzMwtjA0NjFKsUxONk9KNDJLSTIxszQwtkxlAIJEpxndIBoCeGffvSDL%2BFGW4T8jI8PxTVNYYOyPny1hzGeL58CFl%2F8phKs%2BeogZxt6977IAjP2h4T6cfRhJ6%2FQT6jAl75YgTFyz4Sk3TLxz8kktGBsAV3RA7g%3D%3D"; _cc_aud="ABR4XmNgYGBIdJrRDaQggJmBYVErmMk1A0QyPqwHkgBeLwT0"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tags.crwdcntrl.net/

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
content-type: text/html
content-length: 3746
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.22.238
server: Jetty(9.4.38.v20210224)

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3823 71 KB
24 KB 23ms
22ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

ee417620a9b6c3e4301acb479edc4245d2c3f5f24c086bc14a6019ef7234eb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "988 / 388 of 1000 / last-modified: 1631750564"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25013
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:19 GMT

GET 9.gif
id5-sync.com/s/19/ Frame 907C 0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 907C 70 B
264 B 30ms
30ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 cm
trc.taboola.com/sg/lotame/1/ Frame 907C 43 B
229 B 52ms
14ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/lotame/1/cm
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
via: 1.1 varnish
server: nginx
x-timer: S1631754380.770757,VS0,VE8
x-served-by: cache-hhn4059-HHN
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

tpid=85760efe-d417-473a-9c21-65c28eaa8ada
sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 907C
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=a6518660381342d9cc7ba26db469039e&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=a6518660381342d9cc7ba26db469039e&gdpr=1&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA...
https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=85760efe-d417-473a-9c21-65c28eaa8ada

49 B
265 B

56ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=85760efe-d417-473a-9c21-65c28eaa8ada
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.30.102
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=85760efe-d417-473a-9c21-65c28eaa8ada
date: Thu, 16 Sep 2021 01:06:19 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 403 sync.gif
dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 907C 0
0 83ms
22ms Image
text/html 104.16.92.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.92.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2

204

/
loadm.exelator.com/load/ Frame 907C
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=260&buid=a6518660381342d9cc7ba26db469039e&j=0
https://loadm.exelator.com/load/?p=204&g=260&buid=a6518660381342d9cc7ba26db469039e&j=0&xl8blockcheck=1

0
608 B

30ms
30ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=260&buid=a6518660381342d9cc7ba26db469039e&j=0&xl8blockcheck=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Thu, 16 Sep 2021 01:06:19 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=260&buid=a6518660381342d9cc7ba26db469039e&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

200

tpid=12801312672269143362195994664252593672
sync.crwdcntrl.net/map/c=9828/tp=ADBE/ Frame 907C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=a6518660381342d9cc7ba26db469039e&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=a6518660381342d9cc7ba26db469039e&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D
https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=12801312672269143362195994664252593672

49 B
265 B

37ms
36ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=12801312672269143362195994664252593672
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.238
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

DCS: dcs-prod-irl1-2-v016-0885d7ceb.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: noCBJeE0SzY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=12801312672269143362195994664252593672
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame 907C 42 B
167 B 82ms
8ms Image
image/gif 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.sharethis.com/lotame?uid=a6518660381342d9cc7ba26db469039e&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:19 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 907C 0
338 B 131ms
33ms Image
text/plain 54.72.203.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=a6518660381342d9cc7ba26db469039e
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.203.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-203-75.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
cache-control: private, no-cache, no-store
x-request-time: D=36 t=1631754379
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

451

420246.gif
idsync.rlcdn.com/ Frame 907C
Redirect Chain

https://aorta.clickagy.com/pixel.gif?ch=120&cm=a6518660381342d9cc7ba26db469039e
https://idsync.rlcdn.com/420246.gif?partner_uid=c:939206e7a9a68c0dc2a8b2cdebb0b624

0
66 B

65ms
22ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:939206e7a9a68c0dc2a8b2cdebb0b624
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:20 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Thu, 16 Sep 2021 01:06:20 GMT
server: Aorta/20210715-1901da7
access-control-allow-origin
access-control-max-age: 31536000
access-control-allow-methods: POST, GET, OPTIONS
Content-Type: application/json
Location: https://idsync.rlcdn.com/420246.gif?partner_uid=c:939206e7a9a68c0dc2a8b2cdebb0b624
access-control-expose-headers: Set-Cookie
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
X-Aorta-Region: us-east-1
Connection: keep-alive
X-Aorta-Host: ip-10-42-23-84.ec2.internal
access-control-allow-headers: Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length: 0

GET
H/1.1

200
OK

image.sbxx
ib.mookie1.com/ Frame 907C
Redirect Chain

https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=a6518660381342d9cc7ba26db469039e
https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=a6518660381342d9cc7ba26db469039e

120 B
992 B

890ms
175ms

Image
image/png

64.58.232.177
ASN-VINS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.mookie1.com/image.sbxx?go=262106&pid=420&xid=a6518660381342d9cc7ba26db469039e
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 64.58.232.177 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS: be31-199.crrt01.las04.flexential.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3p: CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
X-Server: LAS12
Content-Type: image/png
Content-Length: 120
Expires: -1

Redirect headers

Date: Thu, 16 Sep 2021 01:06:20 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Location: https://ib.mookie1.com:443/image.sbxx?go=262106&pid=420&xid=a6518660381342d9cc7ba26db469039e
p3p: CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin: *
Cache-Control: private
X-Server: LAS06
Content-Type: text/html; charset=utf-8
Content-Length: 217

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame 907C 43 B
422 B 148ms
31ms Image
image/gif 52.211.195.119
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=a6518660381342d9cc7ba26db469039e&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.211.195.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-195-119.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:19 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Thu, 16 Sep 2021 21:06:19 GMT

GET
H2

200

tpid=35477bd3-6534-4495-8735-5a3a4edf26f1
bcp.crwdcntrl.net/map/c=6584/tp=VIDO/ Frame 907C
Redirect Chain

https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1695
https://sync.tidaltv.com/genericusersync.ashx?dpid=1695&s_h=1
https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=35477bd3-6534-4495-8735-5a3a4edf26f1?gdpr=1&gdpr_consent=

49 B
264 B

33ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=35477bd3-6534-4495-8735-5a3a4edf26f1?gdpr=1&gdpr_consent=
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:20 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.8.64
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
server: Apache-Coyote/1.1
location: https://bcp.crwdcntrl.net/map/c=6584/tp=VIDO/tpid=35477bd3-6534-4495-8735-5a3a4edf26f1?gdpr=1&gdpr_consent=
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
x-xss-protection: 1; mode=block
expires: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 907C
Redirect Chain

https://ps.eyeota.net/match?bid=51mdg9u&uid=a6518660381342d9cc7ba26db469039e
https://ps.eyeota.net/match/bounce/?bid=51mdg9u&uid=a6518660381342d9cc7ba26db469039e
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnBpZEVOX0FiVlJVR3FYbGNSMW9JZXFIaEVGSDd6ajJJUzJSWHVidktVUHc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm=&google_sc=&google_hm=MnBpZEVOX0FiVlJVR3FYbGNSMW9JZXFIaEVGSDd6ajJJUzJSWHVidktVUHc&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=...
https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=51mdg9u&google_gid=CAESEDPiU-J55iqm_WDNc7VcFdQ&google_cver=1
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u&
https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7985646615991233108&newuser=1&dc_rc=2&dc_mr=5&dc_orig=51mdg9u&
https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D51mdg9u%26
https://ps.eyeota.net/match?bid=7vi0rg0&uid=ce896142-988a-4000-9d86-8d6e6bdc91b4&dc_rc=3&dc_mr=5&dc_orig=51mdg9u&
https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26
https://sync-tm.everesttech.net/ct/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D51mdg9u%26&_test=YUKYjA...
https://ps.eyeota.net/match?uid=YUKYjAAAAd6mgQAR&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=51mdg9u&&_test=YUKYjAAAAd6mgQAR
https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
https://ps.eyeota.net/match?uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&bid=1e2n4ou

70 B
440 B

8ms
8ms

Image
image/gif

3.125.70.222
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&bid=1e2n4ou
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.125.70.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-70-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:20 GMT
Content-Type: image/gif
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:20 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ps.eyeota.net/match?uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&bid=1e2n4ou
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 191

GET
H/1.1 200
OK bridge
cm.adgrx.com/ Frame 907C 43 B
408 B 86ms
13ms Image
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adgrx.com/bridge?AG_SETCOOKIE&AG_PID=lotame&AG_REDIR=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D363%2Ftp%3DADGR%2Ftpid%3D__AG_UID__
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:19 GMT
server: Cowboy
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
X-RealServer-NX: ams-delivery-1
Content-Length: 43
Expires: Thu, 23 Sep 2004 17:42:04 GMT

GET
H2

200

qmap
sync.crwdcntrl.net/ Frame 907C
Redirect Chain

https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D
https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=ce896142-988a-4000-9d86-8d6e6bdc91b4

49 B
264 B

33ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=ce896142-988a-4000-9d86-8d6e6bdc91b4
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.18.52
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Date: Thu, 16 Sep 2021 01:06:19 GMT
Server: MT3 3944 2bcb57b master cdg-pixel-x27 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=ce896142-988a-4000-9d86-8d6e6bdc91b4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Sep 2021 01:06:18 GMT

GET
H2

200

tpid=43bcc6b3-411d-4b94-8564-060c209c8e09-6142988c-5553
sync.crwdcntrl.net/map/c=1389/tp=STSC/ Frame 907C
Redirect Chain

https://pixel-sync.sitescout.com/connectors/lotame/usersync?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID
https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=43bcc6b3-411d-4b94-8564-060c209c8e09-6142988c-5553

49 B
264 B

33ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=43bcc6b3-411d-4b94-8564-060c209c8e09-6142988c-5553
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:20 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.18.52
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=43bcc6b3-411d-4b94-8564-060c209c8e09-6142988c-5553
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2

200

tpid=YUKYjAAAAlArAgA6&_test=YUKYjAAAAlArAgA6
sync.crwdcntrl.net/map/c=1811/tp=TBMG/ Frame 907C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D&_test=YUKYjAAAAlArAgA6
https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUKYjAAAAlArAgA6&_test=YUKYjAAAAlArAgA6

49 B
264 B

38ms
38ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUKYjAAAAlArAgA6&_test=YUKYjAAAAlArAgA6
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:20 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.1.148
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:20 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1631754380.092564,VS0,VE0
x-served-by: cache-fra19140-FRA
x-cache: HIT
location: https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=YUKYjAAAAlArAgA6&_test=YUKYjAAAAlArAgA6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

/
bcp.crwdcntrl.net/gmap/ Frame 907C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}
https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=${base64_profileid}&google_tc=
https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_error=3

0
134 B

30ms
29ms

Image
text/plain

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_error=3
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
x-server: 10.45.1.148
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_error=3
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame 907C 62 B
304 B 171ms
171ms Image
image/gif 104.118.220.232
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=8da176be3d236ef2bbf5d45bd02f4f21
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.118.220.232 Atlanta, United States, ASN174 (COGENT-174, US),
Reverse DNS: a104-118-220-232.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:20 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame 907C 103 B
412 B 65ms
7ms Script
application/json 3.127.52.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.127.52.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-52-31.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
content-length: 103
expires: 0

GET
H2

200

tpid=7625358645801593428
sync.crwdcntrl.net/map/c=10915/tp=TRNN/ Frame 907C
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMzQ4ODM4MC90LzI/dpuid/a6518660381342d9cc7ba26db469039e/url/https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=$!%7BTURN_UUID%7D
https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7625358645801593428

49 B
264 B

33ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7625358645801593428
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:20 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.2.37
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

location: https://sync.crwdcntrl.net/map/c=10915/tp=TRNN/tpid=7625358645801593428
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2

200

tp=ANXS
sync.crwdcntrl.net/map/c=281/rand=430412040/tpid=692294473516701639/ Frame 907C
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc=281%2Frand=430412040%2Ftpid%3D%24UID%2Ftp%3DANXS
https://sync.crwdcntrl.net/map/c=281/rand=430412040/tpid=692294473516701639/tp=ANXS

49 B
264 B

33ms
33ms

Image
image/gif

52.30.140.199
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=281/rand=430412040/tpid=692294473516701639/tp=ANXS
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/pixels?s=135%2C116%2C108%2C106%2C104%2C100%2C94%2C81%2C80%2C79%2C78%2C61%2C50%2C49%2C42%2C38%2C33%2C26%2C22%2C12%2C8%2C3%2C2&c=3825
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.140.199 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-140-199.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:20 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.1.148
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:20 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 07999481-5ea9-49b3-be4f-5ff49a6509c9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.crwdcntrl.net/map/c=281/rand=430412040/tpid=692294473516701639/tp=ANXS
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pubads_impl_2021091001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3823 333 KB
117 KB 24ms
23ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119453
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 19:52:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:19 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 1B61 15 B
375 B 8ms
7ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 204 prebid Show response
ads.yieldmo.com/exchange/ Frame 1B61 0
227 B 35ms
35ms XHR
text/plain 54.194.126.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/exchange/prebid?pbav=4.39.0&p=%5B%7B%22placement_id%22%3A%221-0db0-%2F90814396%2C22488419775%2FLivenewsnow_300x250_intext_tier2_HB%22%2C%22callback_id%22%3A%22138e7e26bab444dc%22%2C%22sizes%22%3A%5B%5B300%2C250%5D%5D%2C%22ym_placement_id%22%3A%222495061940728963600%22%7D%5D&page_url=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&bust=1631754379818&pr=&scrd=1&dnt=false&description=&title=MSNBC%20Live%20Stream%20free%20-%20MSNBC%20News%20Live%20Streaming%20Online&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215148%22%2C%22hp%22%3A1%7D%5D%7D
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.126.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-126-20.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
access-control-allow-credentials: true
x-robots-tag: none,NOINDEX,NOFOLLOW
access-control-allow-methods: POST, GET, OPTIONS
access-control-request-headers: Cache-Control, Pragma

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 1B61 181 B
342 B 194ms
194ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

3c76ba0e571382c10f84cbda7a0696799496eccacef1f5949a193fb18ed18fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 178
vary: Accept-Encoding
content-length: 181
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1B61 140 B
979 B 7ms
7ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

5bf3e835f77c2c55fbcf049743ca22309dd62fba440c336f0137060518a7fe46

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:19 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 128564e3-d261-400c-8355-08f0c91edafd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.livenewsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ Frame 1B61 2 B
274 B 12ms
12ms XHR
application/json 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.livenewsnow.com
Date: Thu, 16 Sep 2021 01:06:19 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 2
Content-Type: application/json; charset=UTF-8

GET
H2 200 arj Show response
u.openx.net/w/1.0/ Frame 1B61 189 B
372 B 24ms
24ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=01d990a3-56a8-46f2-989f-c930b3eb7a82&nocache=1631754379820&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&us_privacy=1---&schain=1.0%2C1!nextmillennium.io%2C15148%2C1%2C%2C%2C&aus=300x250&divIds=1-0db0-%252F90814396%252C22488419775%252FLivenewsnow_300x250_intext_tier2_HB&auid=541141513
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: be425b38c84031a06248388075b1f7a34b1f95b60e3046143de44ddaf1ee90e4

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 176
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/211242/0/ Frame 1B61 0
175 B 15ms
14ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/211242/0/mvo?z=1r&hbv=4.39,2.1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:19 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 1B61 67 B
150 B 99ms
99ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bo6haih4Or65TXaKlId8sQ
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 9956765470e0c5d15bf869241eebad8d3674a77146780cd1329fcfff57ca4577

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

OPTIONS
H/1.1 204
No Content statistics
report2.hb.brainlyads.com/ Frame 0
0 100ms
100ms Preflight 3.86.21.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report2.hb.brainlyads.com/statistics
Protocol: HTTP/1.1
Server: 3.86.21.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-21-221.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.livenewsnow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 16 Sep 2021 01:06:20 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *

POST
H/1.1 200
OK statistics Show response
report2.hb.brainlyads.com/ Frame 1B61 0
232 B 103ms
103ms XHR
text/plain 3.86.21.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report2.hb.brainlyads.com/statistics
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.86.21.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-21-221.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Sep 2021 01:06:20 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked

OPTIONS
H/1.1 204
No Content statistics
report.hb.brainlyads.com/ Frame 0
0 553ms
99ms Preflight 3.215.247.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.hb.brainlyads.com/statistics
Protocol: HTTP/1.1
Server: 3.215.247.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-247-12.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.livenewsnow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 16 Sep 2021 01:06:20 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *

POST
H/1.1 200
OK statistics Show response
report.hb.brainlyads.com/ Frame 28C2 0
232 B 111ms
111ms XHR
text/plain 3.215.247.12
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report.hb.brainlyads.com/statistics
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.215.247.12 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-247-12.compute-1.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Sep 2021 01:06:20 GMT
Server: nginx/1.14.0 (Ubuntu)
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked

GET
H2 200 / Show response
hb.brainlyads.com/json-parts/2501/ Frame 81EE 5 KB
2 KB 95ms
94ms XHR
application/json 23.20.158.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://hb.brainlyads.com/json-parts/2501/?ver=1.0&pageId=1164287288&sizes=[[1,1],[300,600],[300,250]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.livenewsnow.com/featured/msnbc.html%22],[%22referrerCategory%22,%22Direct%22]]

Requested by

Host: www.livenewsnow.com
URL: https://www.livenewsnow.com/featured/msnbc.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-23-20-158-212.compute-1.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) / Express

Resource Hash

781b4fa701f66916629ec542d6f6b99648593d096784de8bbf4b442e5845a310

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:20 GMT
content-encoding: gzip
etag: W/"1266-ecyk0AceQnA5TWqYhZ4mks9kkCs"
server: nginx/1.10.3 (Ubuntu)
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: *

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 2D03 71 KB
24 KB 24ms
24ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

ee417620a9b6c3e4301acb479edc4245d2c3f5f24c086bc14a6019ef7234eb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "988 / 993 of 1000 / last-modified: 1631750564"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25013
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:20 GMT

GET
H3 200 pubads_impl_2021091001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 2D03 333 KB
117 KB 23ms
22ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021091001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119453
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 19:52:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 16 Sep 2021 01:06:20 GMT

POST
H/1.1 200
OK hbjson Show response
grid.bidswitch.net/ Frame 1B61 2 B
274 B 13ms
12ms XHR
application/json 18.192.135.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.192.135.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-192-135-64.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.livenewsnow.com
Date: Thu, 16 Sep 2021 01:06:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Length: 2
Content-Type: application/json; charset=UTF-8

POST
H2 204 mvo Show response
tag.1rx.io/rmp/211242/0/ Frame 1B61 0
175 B 16ms
16ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/211242/0/mvo?z=1r&hbv=4.39,2.1
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.livenewsnow.com
pragma: no-cache
date: Thu, 16 Sep 2021 01:06:20 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 1B61 181 B
337 B 193ms
193ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

8b113846c68e22ae45c55350b1da05398b4e94099fbabee5ff057e3aa571bcdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:20 GMT
x-content-type-options: nosniff
p3p: CP="CAO PSA OUR"
x-envoy-upstream-service-time: 178
vary: Accept-Encoding
content-length: 181
pragma: no-cache
server: ayl-lb-fra02
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding, Content-Type
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 1B61 15 B
375 B 8ms
8ms XHR
application/json 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://www.livenewsnow.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 1B61 140 B
979 B 7ms
6ms XHR
application/json 37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4af33dd281859a417474adb4e2710259f803754801d2d8a68c41851306b70550

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:20 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 78ecc4d4-6c20-4ce8-b6fc-7b74abe8f2d4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.livenewsnow.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 140
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
u.openx.net/w/1.0/ Frame 1B61 190 B
373 B 27ms
27ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.livenewsnow.com%2Ffeatured%2Fmsnbc.html&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=33797232-42cf-4158-a6d8-8efbc2a1f3b0&nocache=1631754380809&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&us_privacy=1---&schain=1.0%2C1!nextmillennium.io%2C15148%2C1%2C%2C%2C&aus=1x1%2C300x600%2C300x250&divIds=1-bbf9-%252F90814396%252C22488419775%252FLivenewsnow_300x250_intext_tier2_HB&auid=541141513
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 6ff67e9698ccf85007cd047170059dede48ff74484e2aaa7e1228ae628a028ab

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:20 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.livenewsnow.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 177
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ Frame 1B61 67 B
159 B 107ms
107ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bo6haih4Or65TXaKlId8sQ
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f29c7147d6c35f628a241c677d925d5615a30c15c6a07efbd08545fa6f85a632

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 16 Sep 2021 01:06:20 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.livenewsnow.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

OPTIONS
H/1.1 204
No Content statistics
report2.hb.brainlyads.com/ Frame 0
0 100ms
100ms Preflight 3.86.21.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report2.hb.brainlyads.com/statistics
Protocol: HTTP/1.1
Server: 3.86.21.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-21-221.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.livenewsnow.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 16 Sep 2021 01:06:21 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *

POST
H/1.1 200
OK statistics Show response
report2.hb.brainlyads.com/ Frame 1B61 0
232 B 203ms
203ms XHR
text/plain 3.86.21.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://report2.hb.brainlyads.com/statistics
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.86.21.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-86-21-221.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.livenewsnow.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Headers: *
Transfer-Encoding: chunked

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 0985 52 KB
17 KB 523ms
163ms Document
text/html 184.26.16.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-194.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.livenewsnow.com/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=692294473516701639
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 17 Sep 2021 01:06:23 GMT
Date: Thu, 16 Sep 2021 01:06:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame A8B6 38 KB
14 KB 174ms
174ms Document
text/html 184.26.16.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
cookie: KTPCACOOKIE=true; KADUSERCOOKIE=9D35A074-4453-48D3-818E-01171824F295
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=90232
expires: Fri, 17 Sep 2021 02:10:13 GMT
date: Thu, 16 Sep 2021 01:06:21 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 6C32 0
0 376ms
109ms Document
text/plain 208.100.17.171
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bo6haih4Or65TXaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip171.208-100-17.static.steadfastdns.net
Software: 33XP005 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=bo6haih4Or65TXaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

x-33x-status: 200000000000000002000208
server: 33XP005
date: Thu, 16 Sep 2021 01:06:21 GMT

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame A0E1 8 KB
3 KB 73ms
7ms Document
text/html 13.225.78.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5

Request headers

:method: GET
:authority: cdn.undertone.com
:scheme: https
:path: /js/usersync.html?ccpa=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

content-type: text/html
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Jul 2021 07:16:59 GMT
x-amz-version-id: 6994YJvhVK.G.S8wNruUeW.ksGihHjjx
server: AmazonS3
content-encoding: gzip
date: Wed, 15 Sep 2021 19:49:25 GMT
etag: W/"71d386aa3a4939b04d8b4f9c237f4eaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: fOf4uiT1NPw6HEvHOPixhd1xze_ePL-j1tibVbStqjj5tO05SEKANQ==
age: 19017

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame D55D 52 KB
17 KB 527ms
167ms Document
text/html 184.26.16.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-194.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.livenewsnow.com/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=692294473516701639
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 17 Sep 2021 01:06:23 GMT
Date: Thu, 16 Sep 2021 01:06:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 97D2 1006 B
846 B 29ms
16ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 1845d229137e5f0aeb6e2c2e4a98024e88b8a0ba5c2103f9000e84a2c2ee7e46

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
cookie: i=06553da1-6456-03ac-0d12-6222f01ca294|1631754378
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=06553da1-6456-03ac-0d12-6222f01ca294|1631754378; Version=1; Expires=Fri, 16-Sep-2022 01:06:21 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1631754381|mOgeginskin0vNomiygu; Version=1; Expires=Fri, 01-Oct-2021 01:06:21 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.216.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 16 Sep 2021 01:06:21 GMT
content-type: text/html
content-length: 541
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame FC07 8 KB
3 KB 71ms
8ms Document
text/html 13.225.78.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5

Request headers

:method: GET
:authority: cdn.undertone.com
:scheme: https
:path: /js/usersync.html?ccpa=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

content-type: text/html
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Jul 2021 07:16:59 GMT
x-amz-version-id: 6994YJvhVK.G.S8wNruUeW.ksGihHjjx
server: AmazonS3
content-encoding: gzip
date: Wed, 15 Sep 2021 19:49:25 GMT
etag: W/"71d386aa3a4939b04d8b4f9c237f4eaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: -W1qXkumDRo2-16X2XmefHaSYqZ9EkjX5_L6G-XJCO7wPGATUlWp2w==
age: 19017

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 380D 38 KB
14 KB 184ms
184ms Document
text/html 184.26.16.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
cookie: KTPCACOOKIE=true; KADUSERCOOKIE=9D35A074-4453-48D3-818E-01171824F295
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=90232
expires: Fri, 17 Sep 2021 02:10:13 GMT
date: Thu, 16 Sep 2021 01:06:21 GMT
vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 20F6 0
0 370ms
110ms Document
text/plain 208.100.17.171
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bo6haih4Or65TXaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip171.208-100-17.static.steadfastdns.net
Software: 33XP003 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=bo6haih4Or65TXaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

x-33x-status: 2000208
server: 33XP003
date: Thu, 16 Sep 2021 01:06:21 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 84D1 52 KB
17 KB 547ms
176ms Document
text/html 184.26.16.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-194.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.livenewsnow.com/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=692294473516701639
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 17 Sep 2021 01:06:23 GMT
Date: Thu, 16 Sep 2021 01:06:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame DE40 0
0 368ms
109ms Document
text/plain 208.100.17.171
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bo6haih4Or65TXaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip171.208-100-17.static.steadfastdns.net
Software: 33XP001 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=bo6haih4Or65TXaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

x-33x-status: 2000208
server: 33XP001
date: Thu, 16 Sep 2021 01:06:21 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 5E05 52 KB
17 KB 559ms
180ms Document
text/html 184.26.16.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-194.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.livenewsnow.com/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=692294473516701639
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 17 Sep 2021 01:06:23 GMT
Date: Thu, 16 Sep 2021 01:06:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 3115 1006 B
858 B 22ms
15ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 1845d229137e5f0aeb6e2c2e4a98024e88b8a0ba5c2103f9000e84a2c2ee7e46

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
cookie: i=06553da1-6456-03ac-0d12-6222f01ca294|1631754378
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=06553da1-6456-03ac-0d12-6222f01ca294|1631754378; Version=1; Expires=Fri, 16-Sep-2022 01:06:21 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1631754381|mOgeginskin0vNomiygu; Version=1; Expires=Fri, 01-Oct-2021 01:06:21 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.216.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 16 Sep 2021 01:06:21 GMT
content-type: text/html
content-length: 541
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame 7F92 8 KB
3 KB 64ms
8ms Document
text/html 13.225.78.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-120.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5

Request headers

:method: GET
:authority: cdn.undertone.com
:scheme: https
:path: /js/usersync.html?ccpa=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

content-type: text/html
x-amz-replication-status: COMPLETED
last-modified: Thu, 08 Jul 2021 07:16:59 GMT
x-amz-version-id: 6994YJvhVK.G.S8wNruUeW.ksGihHjjx
server: AmazonS3
content-encoding: gzip
date: Wed, 15 Sep 2021 19:49:25 GMT
etag: W/"71d386aa3a4939b04d8b4f9c237f4eaf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: 1LdthoPPhagbXj8Gio7w2a5dhHKpsNeof_0VB7hnVYLzvmsJdR0wHQ==
age: 19017

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame C6C1 38 KB
14 KB 194ms
194ms Document
text/html 184.26.16.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
cookie: KTPCACOOKIE=true; KADUSERCOOKIE=9D35A074-4453-48D3-818E-01171824F295
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=90232
expires: Fri, 17 Sep 2021 02:10:13 GMT
date: Thu, 16 Sep 2021 01:06:21 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 44D3 52 KB
17 KB 703ms
193ms Document
text/html 184.26.16.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.194 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-194.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.livenewsnow.com/
Accept-Encoding: gzip, deflate, br
Cookie: uuid2=692294473516701639
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Fri, 17 Sep 2021 01:06:24 GMT
Date: Thu, 16 Sep 2021 01:06:22 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 204 /
ssc-cms.33across.com/ps/ Frame 4C9F 0
0 363ms
109ms Document
text/plain 208.100.17.171
STEADFAST

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bo6haih4Or65TXaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.171 , United States, ASN32748 (STEADFAST, US),
Reverse DNS: ip171.208-100-17.static.steadfastdns.net
Software: 33XP004 /
Resource Hash

Request headers

:method: GET
:authority: ssc-cms.33across.com
:scheme: https
:path: /ps/?m=xch&rt=html&ru=deb&id=bo6haih4Or65TXaKlId8sQ&gdpr_consent=undefined&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

x-33x-status: 200000000000000002000208
server: 33XP004
date: Thu, 16 Sep 2021 01:06:20 GMT

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame E696 2 KB
823 B 8ms
7ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1631754378333&us_privacy=1---

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1631754378333&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 762B 2 KB
823 B 7ms
7ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1631754378334&us_privacy=1---

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1631754378334&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame E8FD 38 KB
14 KB 205ms
204ms Document
text/html 184.26.16.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
cookie: KTPCACOOKIE=true; KADUSERCOOKIE=9D35A074-4453-48D3-818E-01171824F295
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=90232
expires: Fri, 17 Sep 2021 02:10:13 GMT
date: Thu, 16 Sep 2021 01:06:21 GMT
vary: Accept-Encoding

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 50C2 2 KB
823 B 7ms
7ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1631754378333&us_privacy=1---

Requested by

Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1631754378333&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 5F87 1006 B
846 B 16ms
16ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 1845d229137e5f0aeb6e2c2e4a98024e88b8a0ba5c2103f9000e84a2c2ee7e46

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
cookie: i=06553da1-6456-03ac-0d12-6222f01ca294|1631754378
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=06553da1-6456-03ac-0d12-6222f01ca294|1631754378; Version=1; Expires=Fri, 16-Sep-2022 01:06:21 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1631754381|mOgeginskin0vNomiygu; Version=1; Expires=Fri, 01-Oct-2021 01:06:21 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.216.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 16 Sep 2021 01:06:21 GMT
content-type: text/html
content-length: 541
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame C989 1006 B
846 B 17ms
17ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 1845d229137e5f0aeb6e2c2e4a98024e88b8a0ba5c2103f9000e84a2c2ee7e46

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
cookie: i=06553da1-6456-03ac-0d12-6222f01ca294|1631754378
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=06553da1-6456-03ac-0d12-6222f01ca294|1631754378; Version=1; Expires=Fri, 16-Sep-2022 01:06:21 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1631754381|mOgeginskin0vNomiygu; Version=1; Expires=Fri, 01-Oct-2021 01:06:21 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.216.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 16 Sep 2021 01:06:21 GMT
content-type: text/html
content-length: 541
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 3425 38 KB
14 KB 219ms
219ms Document
text/html 184.26.16.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method: GET
:authority: ads.pubmatic.com
:scheme: https
:path: /AdServer/js/showad.js
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
cookie: KTPCACOOKIE=true; KADUSERCOOKIE=9D35A074-4453-48D3-818E-01171824F295
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

last-modified: Tue, 15 Jun 2021 06:07:52 GMT
etag: "13006b6-974e-5c4c7cb53d8cb"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13946
content-type: text/html; charset=UTF-8
cache-control: public, max-age=90232
expires: Fri, 17 Sep 2021 02:10:13 GMT
date: Thu, 16 Sep 2021 01:06:21 GMT
vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 7D16 1006 B
846 B 16ms
16ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Requested by: Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 1845d229137e5f0aeb6e2c2e4a98024e88b8a0ba5c2103f9000e84a2c2ee7e46

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.livenewsnow.com/
accept-encoding: gzip, deflate, br
cookie: i=06553da1-6456-03ac-0d12-6222f01ca294|1631754378
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=06553da1-6456-03ac-0d12-6222f01ca294|1631754378; Version=1; Expires=Fri, 16-Sep-2022 01:06:21 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1631754381|mOgeginskin0vNomiygu; Version=1; Expires=Fri, 01-Oct-2021 01:06:21 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.216.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Thu, 16 Sep 2021 01:06:21 GMT
content-type: text/html
content-length: 541
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 204 /
onetag-sys.com/usync/ Frame 1B61 0
52 B 8ms
7ms Image
text/plain 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform

GET
H2

200

sync
x.bidswitch.net/ Frame 1B61
Redirect Chain

https://x.bidswitch.net/sync?ssp=themediagrid&us_privacy=1---
https://x.bidswitch.net/ul_cb/sync?ssp=themediagrid&us_privacy=1---
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dthemediagrid
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dthemediagrid
https://x.bidswitch.net/sync?dsp_id=59&user_id=fa463166-37aa-49ec-a41e-c4ae660de116&ssp=themediagrid

43 B
145 B

9ms
7ms

Image
image/gif

52.29.23.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=59&user_id=fa463166-37aa-49ec-a41e-c4ae660de116&ssp=themediagrid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.23.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-23-197.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: //x.bidswitch.net/sync?dsp_id=59&user_id=fa463166-37aa-49ec-a41e-c4ae660de116&ssp=themediagrid
date: Thu, 16 Sep 2021 01:06:21 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 125
content-type: text/html; charset=utf-8

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 3115
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35

43 B
106 B

17ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:20 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-0066ec59cc187b8a7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3115
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8eea97ea-48c1-419d-9e54-1fb4bdc8abb2&user_group=1&ssp=openx&bsw_param=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
https://us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32

43 B
106 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:22 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
date: Thu, 16 Sep 2021 01:06:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 3115
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639

43 B
114 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:21 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: c103649a-9a5b-49e5-b100-ff0486fcd28b
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 3115
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCWkRVN0NoVEVBQUIwZW5Fb2tUZw&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABZDU7ChTEAAB0enEokTg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABZDU7ChTEAAB0enEokTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABZDU7ChTEAAB0enEokTg&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...

43 B
163 B

52ms
16ms

Image
image/gif

185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 3115
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4

43 B
106 B

19ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: MT3 3944 2bcb57b master cdg-pixel-x3 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Sep 2021 01:06:20 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3115
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=glKeWY1bkg-ZW8hS0AaHCYMBzl-ZAchbgleAOG8j

43 B
106 B

18ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=glKeWY1bkg-ZW8hS0AaHCYMBzl-ZAchbgleAOG8j
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=glKeWY1bkg-ZW8hS0AaHCYMBzl-ZAchbgleAOG8j
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 3115
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1434594805993852912

43 B
106 B

15ms
14ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1434594805993852912
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1434594805993852912
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 3115 70 B
264 B 34ms
29ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=d5f902f8-cdd1-3c5b-57c4-aaca943b9169&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 3115 170 B
188 B 19ms
16ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Zjk5NmQxMzItMDRhNi02MmZmLTQyMjQtZjA3MzVlZDk1ZjA5

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3115
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1

43 B
106 B

30ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 97D2
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35

43 B
106 B

18ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:20 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-0066ec59cc187b8a7@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 97D2
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=63a736d0-29bc-43dd-b246-7518be62fa82&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32

43 B
106 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 97D2
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639

43 B
106 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:21 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: d79cb0ad-3f84-4a1a-8923-de3764e61982
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 97D2
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABZDU7ChTEAAB0enEokTg&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABZDU7ChTEAAB0enEokTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=2&ev=AABZDU7ChTEAAB0enEokTg&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...

43 B
163 B

52ms
17ms

Image
image/gif

185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID
Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 97D2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4

43 B
106 B

22ms
22ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: MT3 3944 2bcb57b master cdg-pixel-x25 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Sep 2021 01:06:20 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 97D2
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=iAGhe4cIrS2TCPcojlO4ed8ArSqTCPct3Abv4zPp

43 B
106 B

18ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=iAGhe4cIrS2TCPcojlO4ed8ArSqTCPct3Abv4zPp
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=iAGhe4cIrS2TCPcojlO4ed8ArSqTCPct3Abv4zPp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 97D2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5127675554101310518

43 B
106 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5127675554101310518
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5127675554101310518
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 97D2 70 B
264 B 35ms
28ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=d5f902f8-cdd1-3c5b-57c4-aaca943b9169&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 97D2 170 B
188 B 19ms
16ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Zjk5NmQxMzItMDRhNi02MmZmLTQyMjQtZjA3MzVlZDk1ZjA5

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 97D2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1

43 B
106 B

31ms
18ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5F87
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35

43 B
106 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:20 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-036989daef33ebbfa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5F87
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7B...
https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dopenx%26expires%3D30%26user_group%3D%24%7B...
https://x.bidswitch.net/sync?dsp_id=429&user_id=33e45775-5fc2-5203-bd7a-fb9edc386313&ssp=openx&expires=30&user_group=1
https://us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32

43 B
106 B

15ms
14ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5F87
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639

43 B
106 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:21 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b220fdbf-07f2-44ca-a12c-013a966e506d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 5F87
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABZDU7ChTEAAB0enEokTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AABZDU7ChTEAAB0enEokTg&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...

43 B
163 B

18ms
17ms

Image
image/gif

185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5F87
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4

43 B
106 B

19ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: MT3 3944 2bcb57b master cdg-pixel-x30 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Sep 2021 01:06:20 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5F87
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jUwsy4JFIJ2WRXqYiUQ1yY5FKM2WSXrBikWJ7mNR

43 B
106 B

17ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jUwsy4JFIJ2WRXqYiUQ1yY5FKM2WSXrBikWJ7mNR
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=jUwsy4JFIJ2WRXqYiUQ1yY5FKM2WSXrBikWJ7mNR
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 5F87
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1974670778981303957

43 B
106 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1974670778981303957
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1974670778981303957
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 5F87 70 B
264 B 34ms
29ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=d5f902f8-cdd1-3c5b-57c4-aaca943b9169&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 5F87 170 B
188 B 19ms
17ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Zjk5NmQxMzItMDRhNi02MmZmLTQyMjQtZjA3MzVlZDk1ZjA5

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5F87
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1

43 B
106 B

28ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame C989
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35

43 B
106 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:20 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-0ab67c5d8ba5329d8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync
odr.mookie1.com/t/v2/ Frame C989
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32&ssp=openx&gdpr=&gdpr_consent=

43 B
607 B

40ms
15ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32&ssp=openx&gdpr=&gdpr_consent=
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32&ssp=openx&gdpr=&gdpr_consent=
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame C989
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639

43 B
106 B

23ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:21 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: f397bc66-176c-4aa2-9fe5-77f49480d5b8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame C989
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABZDU7ChTEAAB0enEokTg&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AABZDU7ChTEAAB0enEokTg&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...

43 B
163 B

35ms
17ms

Image
image/gif

185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame C989
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4

43 B
106 B

17ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: MT3 3944 2bcb57b master cdg-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Sep 2021 01:06:20 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C989
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=vv3-ebH08i-l9Khy7K7nLrGu_XmlqPtzuPmt85nz

43 B
106 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=vv3-ebH08i-l9Khy7K7nLrGu_XmlqPtzuPmt85nz
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=vv3-ebH08i-l9Khy7K7nLrGu_XmlqPtzuPmt85nz
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame C989
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5754003166861353392

43 B
106 B

15ms
14ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5754003166861353392
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5754003166861353392
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame C989 70 B
264 B 34ms
30ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=d5f902f8-cdd1-3c5b-57c4-aaca943b9169&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame C989 170 B
188 B 19ms
16ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Zjk5NmQxMzItMDRhNi02MmZmLTQyMjQtZjA3MzVlZDk1ZjA5

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C989
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1

43 B
106 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 7D16
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35

43 B
106 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-0f1a9d8b7eed06fb2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=fU7PwUtk1MqFR35
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7D16
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_custom_parameter=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=8eea97ea-48c1-419d-9e54-1fb4bdc8abb2&user_group=1&ssp=openx&bsw_param=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
https://us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32

43 B
106 B

15ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:22 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
date: Thu, 16 Sep 2021 01:06:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 7D16
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639

43 B
106 B

23ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:21 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 39decc4f-f261-4f84-9dfc-91838139952d
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=692294473516701639
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 7D16
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...

43 B
163 B

51ms
16ms

Image
image/gif

185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:20 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABZDU7ChTEAAB0enEokTg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID
Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 7D16
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4

43 B
106 B

17ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: MT3 3944 2bcb57b master cdg-pixel-x12 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ce896142-988a-4000-9d86-8d6e6bdc91b4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Sep 2021 01:06:20 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7D16
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ghppKI0TZX6ZEz970B9wedASOyqZT2gugRO5EC24

43 B
106 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ghppKI0TZX6ZEz970B9wedASOyqZT2gugRO5EC24
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=ghppKI0TZX6ZEz970B9wedASOyqZT2gugRO5EC24
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 7D16
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9143517528726174768

43 B
106 B

16ms
15ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9143517528726174768
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=9143517528726174768
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 7D16 70 B
264 B 31ms
29ms Image
image/gif 76.223.111.131
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=d5f902f8-cdd1-3c5b-57c4-aaca943b9169&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a97adde81b00f2ca4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 7D16 170 B
188 B 18ms
16ms Image
image/png 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=Zjk5NmQxMzItMDRhNi02MmZmLTQyMjQtZjA3MzVlZDk1ZjA5

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 7D16
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1

43 B
106 B

19ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=85ac7b17-5271-4304-bcbc-5dddfff9683c&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.216.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
server: OXGW/16.216.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEjR4i6FdHookltyl9UVs38&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame AC30
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

47ms
7ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cdn.undertone.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Sep 2021 01:06:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=12776
Date: Thu, 16 Sep 2021 01:06:21 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A0E1
Redirect Chain

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=692294473516701639

0
154 B

552ms
95ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=692294473516701639
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:21 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9aa0a97a-bc54-4703-b743-47796ffc15be
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=692294473516701639
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A0E1
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9e9465df-cd7e-0038-3d41-b50d6397b13b

0
308 B

604ms
112ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9e9465df-cd7e-0038-3d41-b50d6397b13b
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

date: Thu, 16 Sep 2021 01:06:21 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9e9465df-cd7e-0038-3d41-b50d6397b13b
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A0E1
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4e4a9096-168a-11ec-a15f-06be1e67faf8
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4e4a9096-168a-11ec-a15f-06be1e67faf8&verify=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-JTczcgBE2uEigM905Qi4TJPU_84MUuvW~A~UP4e4a9096-168a-11ec-a15f-06be1e67faf8

0
154 B

495ms
111ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-JTczcgBE2uEigM905Qi4TJPU_84MUuvW~A~UP4e4a9096-168a-11ec-a15f-06be1e67faf8
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-JTczcgBE2uEigM905Qi4TJPU_84MUuvW~A~UP4e4a9096-168a-11ec-a15f-06be1e67faf8
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A0E1
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&ttl=1634346381

0
154 B

633ms
96ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&ttl=1634346381
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&ttl=1634346381
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 247

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame A0E1 0
239 B 36ms
9ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A0E1
Redirect Chain

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=b98b70f4a2063717c189127beac962f31ae76653

0
154 B

644ms
94ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=b98b70f4a2063717c189127beac962f31ae76653
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Location: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=b98b70f4a2063717c189127beac962f31ae76653
Date: Thu, 16 Sep 2021 01:06:21 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A0E1
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUQzNUEwNzQtNDQ1My00OEQzLTgxOEUtMDExNzE4MjRGMjk1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e8cc9c6-168a-11ec-98c6-97c9ff4101b8&gdpr=0&gdpr_consent=

1 B
215 B

17ms
17ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e8cc9c6-168a-11ec-98c6-97c9ff4101b8&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:507
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e8cc9c6-168a-11ec-98c6-97c9ff4101b8&gdpr=0&gdpr_consent=
Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 4e8cc9c7-168a-11ec-98c6-97c9ff4101b8

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 7F92
Redirect Chain

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=692294473516701639

0
154 B

560ms
97ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=692294473516701639
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:21 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2e059bb2-4298-4301-9eaf-8338314bed0a
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=692294473516701639
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 7F92
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9e9465df-cd7e-0038-3d41-b50d6397b13b

0
308 B

636ms
95ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9e9465df-cd7e-0038-3d41-b50d6397b13b
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

date: Thu, 16 Sep 2021 01:06:21 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9e9465df-cd7e-0038-3d41-b50d6397b13b
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 7F92
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4e4a9096-168a-11ec-a15f-06be1e67faf8
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4e4a9096-168a-11ec-a15f-06be1e67faf8&verify=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-JTczcgBE2uEigM905Qi4TJPU_84MUuvW~A~UP4e4a9096-168a-11ec-a15f-06be1e67faf8

0
154 B

511ms
94ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-JTczcgBE2uEigM905Qi4TJPU_84MUuvW~A~UP4e4a9096-168a-11ec-a15f-06be1e67faf8
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-JTczcgBE2uEigM905Qi4TJPU_84MUuvW~A~UP4e4a9096-168a-11ec-a15f-06be1e67faf8
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 7F92
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&ttl=1634346381

0
154 B

632ms
97ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&ttl=1634346381
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&ttl=1634346381
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 247

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 7F92 0
239 B 40ms
14ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 7F92
Redirect Chain

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=b98b70f4a2063717c189127beac962f31ae76653

0
154 B

648ms
111ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=b98b70f4a2063717c189127beac962f31ae76653
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Location: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=b98b70f4a2063717c189127beac962f31ae76653
Date: Thu, 16 Sep 2021 01:06:21 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 7F92
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUQzNUEwNzQtNDQ1My00OEQzLTgxOEUtMDExNzE4MjRGMjk1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e8b69b1-168a-11ec-a77e-9f41112daab4&gdpr=0&gdpr_consent=

1 B
215 B

17ms
17ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e8b69b1-168a-11ec-a77e-9f41112daab4&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug011:0:464
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e8b69b1-168a-11ec-a77e-9f41112daab4&gdpr=0&gdpr_consent=
Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 4e8b69b2-168a-11ec-a77e-9f41112daab4

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7EE9
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

46ms
6ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cdn.undertone.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Sep 2021 01:06:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=12776
Date: Thu, 16 Sep 2021 01:06:21 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame FC07
Redirect Chain

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=692294473516701639

0
154 B

562ms
99ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=692294473516701639
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:21 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 3d790a4e-0510-4263-b029-884b01b83397
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=692294473516701639
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame FC07
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9e9465df-cd7e-0038-3d41-b50d6397b13b

0
308 B

637ms
95ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9e9465df-cd7e-0038-3d41-b50d6397b13b
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

date: Thu, 16 Sep 2021 01:06:21 GMT
content-encoding: gzip
server: OXGW/16.216.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=9e9465df-cd7e-0038-3d41-b50d6397b13b
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame FC07
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4e4a9096-168a-11ec-a15f-06be1e67faf8
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP4e4a9096-168a-11ec-a15f-06be1e67faf8&verify=true
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-JTczcgBE2uEigM905Qi4TJPU_84MUuvW~A~UP4e4a9096-168a-11ec-a15f-06be1e67faf8

0
154 B

511ms
94ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-JTczcgBE2uEigM905Qi4TJPU_84MUuvW~A~UP4e4a9096-168a-11ec-a15f-06be1e67faf8
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-JTczcgBE2uEigM905Qi4TJPU_84MUuvW~A~UP4e4a9096-168a-11ec-a15f-06be1e67faf8
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame FC07
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&ttl=1634346381

0
154 B

635ms
99ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&ttl=1634346381
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=a15bdabb-c3aa-4c50-8f55-12df19c523a9&ttl=1634346381
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 247

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame FC07 0
239 B 42ms
11ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/gif

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame FC07
Redirect Chain

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=b98b70f4a2063717c189127beac962f31ae76653

0
154 B

643ms
94ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=b98b70f4a2063717c189127beac962f31ae76653
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Location: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=b98b70f4a2063717c189127beac962f31ae76653
Date: Thu, 16 Sep 2021 01:06:21 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame FC07
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUQzNUEwNzQtNDQ1My00OEQzLTgxOEUtMDExNzE4MjRGMjk1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e8b1bc9-168a-11ec-bac0-0dcf7a401fce&gdpr=0&gdpr_consent=

1 B
373 B

18ms
18ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e8b1bc9-168a-11ec-bac0-0dcf7a401fce&gdpr=0&gdpr_consent=
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug010:0:403
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=4e8b1bc9-168a-11ec-bac0-0dcf7a401fce&gdpr=0&gdpr_consent=
Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: Apache-Coyote/1.1
Connection: keep-alive
Content-Length: 0
X-CI-RTID: 4e8b1bca-168a-11ec-bac0-0dcf7a401fce

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame D9B2
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

9ms
9ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cdn.undertone.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 16 Sep 2021 01:06:21 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=12776
Date: Thu, 16 Sep 2021 01:06:21 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame A8B6 5 KB
6 KB 54ms
13ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79694970&p=157577&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: ed91bd5b1b226f3264d24a3cb70488071a97a150b3bff7d4123acf5e1d66b1d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:19 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7EE9 31 KB
10 KB 8ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2f87e084a7e972b2a348c0c76df759ec44774446f24e707ca0edb9db944b0255

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17908
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Thu, 16 Sep 2021 06:04:49 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame AC30 31 KB
10 KB 7ms
6ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2f87e084a7e972b2a348c0c76df759ec44774446f24e707ca0edb9db944b0255

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17908
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Thu, 16 Sep 2021 06:04:49 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame D9B2 31 KB
10 KB 7ms
7ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 2f87e084a7e972b2a348c0c76df759ec44774446f24e707ca0edb9db944b0255

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=17908
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9360
Expires: Thu, 16 Sep 2021 06:04:49 GMT

GET
H2 200 match Show response
c1.adform.net/serving/cookie/ Frame EE35 35 B
468 B 19ms
17ms Document
image/gif 37.157.4.40
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?party=14&cid=9D35A074-4453-48D3-818E-01171824F295

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: GET
:authority: c1.adform.net
:scheme: https
:path: /serving/cookie/match?party=14&cid=9D35A074-4453-48D3-818E-01171824F295
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: C=1; uid=5754003166861353392
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 16 Sep 2021 01:06:21 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
set-cookie: uid=5754003166861353392; expires=Mon, 15 Nov 2021 01:06:21 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame 9CF1
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3608879414778471959
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
0

13ms
12ms

Document
text/plain

185.64.189.216
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: image8.pubmatic.com
:scheme: https
:path: /AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=9D35A074-4453-48D3-818E-01171824F295; KRTBCOOKIE_699=22727-AABZDU7ChTEAAB0enEokTg; PugT=1631754381; PUBMDCID=3; DPSync3=1632960000%3A201_197_219%7C1631836800%3A174; SyncRTB3=1632614400%3A63%7C1632960000%3A204_230_3_220_81_99_56_54_222_22_234_189_71_55_104_176_161_13_231_165_88_8_7_166_21%7C1633046400%3A35%7C1634342400%3A203%7C1632355200%3A2_223_15; KRTBCOOKIE_57=22776-692294473516701639; KRTBCOOKIE_153=19420-YdGylG7YvsJ62OTHZdmrlmLYtpJ61OSeZtin0WxC&KRTB&22979-YdGylG7YvsJ62OTHZdmrlmLYtpJ61OSeZtin0WxC; KRTBCOOKIE_80=22987-CAESECgfC6azDIihfis8DZvNb64&KRTB&16514-CAESECgfC6azDIihfis8DZvNb64&KRTB&23025-CAESECgfC6azDIihfis8DZvNb64; KRTBCOOKIE_188=3189-43bcc6b3-411d-4b94-8564-060c209c8e09-6142988c-5553; KRTBCOOKIE_1101=23040-7008331701509486743; KRTBCOOKIE_218=22978-YUKYjAAAAd6mgQAR&KRTB&23194-YUKYjAAAAd6mgQAR&KRTB&23209-YUKYjAAAAd6mgQAR&KRTB&23244-YUKYjAAAAd6mgQAR; KRTBCOOKIE_391=22924-5754003166861353392&KRTB&23263-5754003166861353392; KRTBCOOKIE_27=16735-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&16736-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&23019-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&23114-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4; KRTBCOOKIE_377=6810-a15bdabb-c3aa-4c50-8f55-12df19c523a9&KRTB&22918-a15bdabb-c3aa-4c50-8f55-12df19c523a9&KRTB&23031-a15bdabb-c3aa-4c50-8f55-12df19c523a9; KRTBCOOKIE_466=16530-52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32; KRTBCOOKIE_409=22966-j77VLQZQAioC6nbMsdQFXfTC; ipc=0^^0^0; chkChromeAb67Sec=4; SPugT=1631754379; KRTBCOOKIE_22=14911-7625358645801593428; KRTBCOOKIE_336=5844-3608879414778471959
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: ipc=; domain=pubmatic.com; path=/; max-age=0; SameSite=None; secure; KADUSERCOOKIE=9D35A074-4453-48D3-818E-01171824F295; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure; chkChromeAb67Sec=5; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
date: Thu, 16 Sep 2021 01:06:21 GMT

Redirect headers

server: nginx
date: Thu, 16 Sep 2021 01:06:21 GMT
set-cookie: KRTBCOOKIE_336=5844-3608879414778471959; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 16-Oct-2021 01:06:21 GMT; path=/ PugT=1631754381; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 16-Oct-2021 01:06:21 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Dec-2021 01:06:21 GMT; path=/
x-lat: lhrpug002:0:502
location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame B69C 43 B
334 B 45ms
14ms Document
image/gif 178.250.2.151
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 16 Sep 2021 01:06:20 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Thu, 16 Sep 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 596723

GET
H/1.1

200
OK

sync Show response
usr.undertone.com/userPixel/ Frame AEC9
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7008331701509486743
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

0
308 B

285ms
94ms

Document
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: usr.undertone.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
server: istio-envoy
set-cookie: UID_EXT_53=9D35A074-4453-48D3-818E-01171824F295; Path=/; Domain=undertone.com; Expires=Fri, 16-Sep-2022 06:55:34 GMT; SameSite=None; Secure;
x-envoy-upstream-service-time: 1
Content-Length: 0
Connection: keep-alive

Redirect headers

server: nginx
date: Thu, 16 Sep 2021 01:06:19 GMT
set-cookie: SPugT=1631754379; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 16-Oct-2021 01:06:19 GMT; path=/
location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

GET
H/1.1

200
OK

sync Show response
usr.undertone.com/userPixel/ Frame 1DF2
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABZDU7ChTEAAB0enEokTg
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

0
308 B

286ms
95ms

Document
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: usr.undertone.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
server: istio-envoy
set-cookie: UID_EXT_53=9D35A074-4453-48D3-818E-01171824F295; Path=/; Domain=undertone.com; Expires=Fri, 16-Sep-2022 06:55:34 GMT; SameSite=None; Secure;
x-envoy-upstream-service-time: 1
Content-Length: 0
Connection: keep-alive

Redirect headers

server: nginx
date: Thu, 16 Sep 2021 01:06:21 GMT
set-cookie: SPugT=1631754381; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 16-Oct-2021 01:06:21 GMT; path=/
location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame FD63
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0

0
107 B

19ms
17ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=9D35A074-4453-48D3-818E-01171824F295; KRTBCOOKIE_699=22727-AABZDU7ChTEAAB0enEokTg; PugT=1631754381; PUBMDCID=3; DPSync3=1632960000%3A201_197_219%7C1631836800%3A174; SyncRTB3=1632614400%3A63%7C1632960000%3A204_230_3_220_81_99_56_54_222_22_234_189_71_55_104_176_161_13_231_165_88_8_7_166_21%7C1633046400%3A35%7C1634342400%3A203%7C1632355200%3A2_223_15; KRTBCOOKIE_57=22776-692294473516701639; KRTBCOOKIE_153=19420-YdGylG7YvsJ62OTHZdmrlmLYtpJ61OSeZtin0WxC&KRTB&22979-YdGylG7YvsJ62OTHZdmrlmLYtpJ61OSeZtin0WxC; KRTBCOOKIE_80=22987-CAESECgfC6azDIihfis8DZvNb64&KRTB&16514-CAESECgfC6azDIihfis8DZvNb64&KRTB&23025-CAESECgfC6azDIihfis8DZvNb64; KRTBCOOKIE_188=3189-43bcc6b3-411d-4b94-8564-060c209c8e09-6142988c-5553; KRTBCOOKIE_1101=23040-7008331701509486743; KRTBCOOKIE_218=22978-YUKYjAAAAd6mgQAR&KRTB&23194-YUKYjAAAAd6mgQAR&KRTB&23209-YUKYjAAAAd6mgQAR&KRTB&23244-YUKYjAAAAd6mgQAR; KRTBCOOKIE_391=22924-5754003166861353392&KRTB&23263-5754003166861353392; KRTBCOOKIE_27=16735-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&16736-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&23019-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&23114-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4; KRTBCOOKIE_377=6810-a15bdabb-c3aa-4c50-8f55-12df19c523a9&KRTB&22918-a15bdabb-c3aa-4c50-8f55-12df19c523a9&KRTB&23031-a15bdabb-c3aa-4c50-8f55-12df19c523a9; chkChromeAb67Sec=3; KRTBCOOKIE_466=16530-52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32; KRTBCOOKIE_409=22966-j77VLQZQAioC6nbMsdQFXfTC
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 16 Sep 2021 01:06:21 GMT
content-type: text/html; charset=utf-8
x-lat: lhrpug018:2:207
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
content-encoding: gzip

Redirect headers

set-cookie: viewer_token=516c9746-b658-4e74-88be-7ac299ac19e8; path=/; domain=csync.loopme.me; Expires=Sat, 16-Oct-2021 01:06:21 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length: 0
date: Thu, 16 Sep 2021 01:06:21 GMT
server: _

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 869E
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=549566859
https://sync.1rx.io/usersync/tradedesk/a15bdabb-c3aa-4c50-8f55-12df19c523a9
https://sync.targeting.unrulymedia.com/csync/RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003

42 B
393 B

17ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: simage2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=9D35A074-4453-48D3-818E-01171824F295; KRTBCOOKIE_699=22727-AABZDU7ChTEAAB0enEokTg; PugT=1631754381; PUBMDCID=3; DPSync3=1632960000%3A201_197_219%7C1631836800%3A174; SyncRTB3=1632614400%3A63%7C1632960000%3A204_230_3_220_81_99_56_54_222_22_234_189_71_55_104_176_161_13_231_165_88_8_7_166_21%7C1633046400%3A35%7C1634342400%3A203%7C1632355200%3A2_223_15; KRTBCOOKIE_57=22776-692294473516701639; KRTBCOOKIE_153=19420-YdGylG7YvsJ62OTHZdmrlmLYtpJ61OSeZtin0WxC&KRTB&22979-YdGylG7YvsJ62OTHZdmrlmLYtpJ61OSeZtin0WxC; KRTBCOOKIE_80=22987-CAESECgfC6azDIihfis8DZvNb64&KRTB&16514-CAESECgfC6azDIihfis8DZvNb64&KRTB&23025-CAESECgfC6azDIihfis8DZvNb64; KRTBCOOKIE_188=3189-43bcc6b3-411d-4b94-8564-060c209c8e09-6142988c-5553; KRTBCOOKIE_1101=23040-7008331701509486743; KRTBCOOKIE_218=22978-YUKYjAAAAd6mgQAR&KRTB&23194-YUKYjAAAAd6mgQAR&KRTB&23209-YUKYjAAAAd6mgQAR&KRTB&23244-YUKYjAAAAd6mgQAR; KRTBCOOKIE_391=22924-5754003166861353392&KRTB&23263-5754003166861353392; KRTBCOOKIE_27=16735-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&16736-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&23019-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&23114-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4; KRTBCOOKIE_377=6810-a15bdabb-c3aa-4c50-8f55-12df19c523a9&KRTB&22918-a15bdabb-c3aa-4c50-8f55-12df19c523a9&KRTB&23031-a15bdabb-c3aa-4c50-8f55-12df19c523a9; KRTBCOOKIE_466=16530-52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32; KRTBCOOKIE_409=22966-j77VLQZQAioC6nbMsdQFXfTC; SPugT=1631754379; KRTBCOOKIE_22=14911-7625358645801593428; KRTBCOOKIE_336=5844-3608879414778471959; chkChromeAb67Sec=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 16 Sep 2021 01:06:21 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003&KRTB&17107-RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Dec-2021 01:06:21 GMT; path=/ PugT=1631754381; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 16-Oct-2021 01:06:21 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Dec-2021 01:06:21 GMT; path=/
x-lat: lhrpug012:0:434
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Thu, 16 Sep 2021 01:06:21 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003%22%7D; path=/; expires=Fri, 16 Sep 2022 01:06:21 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003
etag: RX67fe52ad70a54b1f9367f2c5060ce4d9003

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame BAFC 43 B
408 B 13ms
12ms Document
image/gif 173.231.180.197
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.180.197 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-1
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame 5502 42 B
974 B 80ms
28ms Document
image/gif 172.67.74.129
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
content-type: image/gif
content-length: 42
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7b12
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 68f63115ff5c27a0-PRG

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 58A8
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=j77VLQZQAioC6nbMsdQFXfTC

42 B
235 B

17ms
17ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=j77VLQZQAioC6nbMsdQFXfTC
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method: GET
:authority: image2.pubmatic.com
:scheme: https
:path: /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=j77VLQZQAioC6nbMsdQFXfTC
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: KADUSERCOOKIE=9D35A074-4453-48D3-818E-01171824F295; KRTBCOOKIE_699=22727-AABZDU7ChTEAAB0enEokTg; PugT=1631754381; PUBMDCID=3; DPSync3=1632960000%3A201_197_219%7C1631836800%3A174; SyncRTB3=1632614400%3A63%7C1632960000%3A204_230_3_220_81_99_56_54_222_22_234_189_71_55_104_176_161_13_231_165_88_8_7_166_21%7C1633046400%3A35%7C1634342400%3A203%7C1632355200%3A2_223_15; KRTBCOOKIE_57=22776-692294473516701639; KRTBCOOKIE_153=19420-YdGylG7YvsJ62OTHZdmrlmLYtpJ61OSeZtin0WxC&KRTB&22979-YdGylG7YvsJ62OTHZdmrlmLYtpJ61OSeZtin0WxC; KRTBCOOKIE_80=22987-CAESECgfC6azDIihfis8DZvNb64&KRTB&16514-CAESECgfC6azDIihfis8DZvNb64&KRTB&23025-CAESECgfC6azDIihfis8DZvNb64; KRTBCOOKIE_188=3189-43bcc6b3-411d-4b94-8564-060c209c8e09-6142988c-5553; KRTBCOOKIE_1101=23040-7008331701509486743; KRTBCOOKIE_218=22978-YUKYjAAAAd6mgQAR&KRTB&23194-YUKYjAAAAd6mgQAR&KRTB&23209-YUKYjAAAAd6mgQAR&KRTB&23244-YUKYjAAAAd6mgQAR; KRTBCOOKIE_391=22924-5754003166861353392&KRTB&23263-5754003166861353392; KRTBCOOKIE_27=16735-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&16736-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&23019-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&23114-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4; KRTBCOOKIE_377=6810-a15bdabb-c3aa-4c50-8f55-12df19c523a9&KRTB&22918-a15bdabb-c3aa-4c50-8f55-12df19c523a9&KRTB&23031-a15bdabb-c3aa-4c50-8f55-12df19c523a9; chkChromeAb67Sec=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Thu, 16 Sep 2021 01:06:21 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-j77VLQZQAioC6nbMsdQFXfTC; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 16-Oct-2021 01:06:21 GMT; path=/ PugT=1631754381; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 16-Oct-2021 01:06:21 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 15-Dec-2021 01:06:21 GMT; path=/
x-lat: lhrpug015:0:439
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

server: openresty
date: Thu, 16 Sep 2021 01:06:21 GMT
content-length: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie: u=j77VLQZQAioC6nbMsdQFXfTC; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=j77VLQZQAioC6nbMsdQFXfTC
strict-transport-security: max-age=0; includeSubDomains;

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame 87DF
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
447 B

210ms
186ms

Document
image/gif

104.18.13.5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.13.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: ANON_ID=aAnoeUqO2cpU2OqtwxgEEIZdav0WEadeDNHREmB6T
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aSnsIHN3IdbSIdwFUNGJykxyY2sTtpxKxMvWBKkVGoKqUaX2aZan43EeDOOCJphO7ie6SPLMWfpZdfY0Zda79ZdXGLgs; path=/; domain=.tribalfusion.com; expires=Wed, 15-Dec-2021 01:06:22 GMT; SameSite=None; Secure; ANON_ID_old=aSnsIHN3IdbSIdwFUNGJykxyY2sTtpxKxMvWBKkVGoKqUaX2aZan43EeDOOCJphO7ie6SPLMWfpZdfY0Zda79ZdXGLgs; path=/; domain=.tribalfusion.com; expires=Wed, 15-Dec-2021 01:06:22 GMT;
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 68f6311768384120-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date: Thu, 16 Sep 2021 01:06:21 GMT
content-type: text/html
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 598
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aAnoeUqO2cpU2OqtwxgEEIZdav0WEadeDNHREmB6T; path=/; domain=.tribalfusion.com; expires=Wed, 15-Dec-2021 01:06:21 GMT; SameSite=None; Secure; ANON_ID_old=aAnoeUqO2cpU2OqtwxgEEIZdav0WEadeDNHREmB6T; path=/; domain=.tribalfusion.com; expires=Wed, 15-Dec-2021 01:06:21 GMT;
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 68f631160f864120-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2

200

rtb-h Show response
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 6253
Redirect Chain

https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=02203537-41f2-43e7-9dc1-ea067be77035-tuct83c1e0d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...

0
53 B

26ms
14ms

Document
text/plain

151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=02203537-41f2-43e7-9dc1-ea067be77035-tuct83c1e0d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.taboola.com
:scheme: https
:path: /sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=02203537-41f2-43e7-9dc1-ea067be77035-tuct83c1e0d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
cookie: t_gid=02203537-41f2-43e7-9dc1-ea067be77035-tuct83c1e0d
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
accept-ranges: bytes
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 varnish
x-served-by: cache-hhn4059-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1631754382.731153,VS0,VE9
content-length: 0

Redirect headers

server: nginx
set-cookie: t_gid=02203537-41f2-43e7-9dc1-ea067be77035-tuct83c1e0d;Version=1;Path=/;Domain=.taboola.com;Expires=Fri, 16-Sep-2022 01:06:21 GMT;Max-Age=31536000;Secure;SameSite=None
location: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=02203537-41f2-43e7-9dc1-ea067be77035-tuct83c1e0d&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges: bytes
date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 varnish
x-served-by: cache-hhn4059-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1631754382.703645,VS0,VE9
x-vcl-time-ms: 9
content-length: 0

GET
H2 200 141 Show response
match.deepintent.com/usersync/ Frame 05DB 0
44 B 316ms
96ms Document
text/plain 169.197.150.7
DEEPINTENT

General

Check archive.org

Show headers Download Go to

Full URL: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: a /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.deepintent.com
:scheme: https
:path: /usersync/141?gdpr=0&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

content-length: 0
date: Thu, 16 Sep 2021 01:06:21 GMT
server: a

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A8B6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=nTWgdERTSNOBjgEXGCTylQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

164ms
163ms

Image
text/html

184.26.16.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.26.16.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-26-16-208.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=45773
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Thu, 16 Sep 2021 13:49:14 GMT

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame A8B6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ce896142-988a-4000-9d86-8d6e6bdc91b4

0
48 B

82ms
13ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ce896142-988a-4000-9d86-8d6e6bdc91b4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: MT3 3944 2bcb57b master cdg-pixel-x14 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ce896142-988a-4000-9d86-8d6e6bdc91b4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 16 Sep 2021 01:06:20 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame A8B6
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=9D35A074-4453-48D3-818E-01171824F295
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=a6518660381342d9cc7ba26db469039e
https://spl.zeotap.com/?zdid=1332&zcluid=ee6fce9cb34d8e31
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=aff93236-2345-417d-5b11-5aa37f31f772&reqId=6a93eec5-689a-4779-73eb-7e1559fe3eb8&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESECUbfQAeJXT72_GmBllD8tM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=aff93236-2345-417d-5b11-5aa37f31f772&reqId=6a93eec5-689a-4779-73eb-7e1...

95 B
164 B

57ms
32ms

Image
image/png

104.22.24.87
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESECUbfQAeJXT72_GmBllD8tM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=aff93236-2345-417d-5b11-5aa37f31f772&reqId=6a93eec5-689a-4779-73eb-7e1559fe3eb8&zcluid=ee6fce9cb34d8e31&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.24.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 68f631172f654131-PRG
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESECUbfQAeJXT72_GmBllD8tM&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=aff93236-2345-417d-5b11-5aa37f31f772&reqId=6a93eec5-689a-4779-73eb-7e1559fe3eb8&zcluid=ee6fce9cb34d8e31&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A8B6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=OUQzNUEwNzQtNDQ1My00OEQzLTgxOEUtMDExNzE4MjRGMjk1&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

0
308 B

570ms
112ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 2
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A8B6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECgfC6azDIihfis8DZvNb64&google_cver=1
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

0
308 B

585ms
98ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
date: Thu, 16 Sep 2021 01:06:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 pubmatic
um.simpli.fi/ Frame A8B6 43 B
610 B 65ms
12ms Image
image/gif 159.253.128.183
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Wed, 15 Sep 2021 01:06:21 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A8B6
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5754003166861353392
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

0
308 B

569ms
95ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
date: Thu, 16 Sep 2021 01:06:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A8B6
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

0
308 B

569ms
94ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
date: Thu, 16 Sep 2021 01:06:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A8B6
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=a15bdabb-c3aa-4c50-8f55-12df19c523a9
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

0
308 B

597ms
98ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
date: Thu, 16 Sep 2021 01:06:19 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A8B6
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=692294473516701639&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

0
308 B

491ms
99ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame A8B6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9D35A074-4453-48D3-818E-01171824F295&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9D35A074-4453-48D3-818E-01171824F295&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-odq.nZtE2uUN5Ewru_jVNt_AF9R80_I-~A&gdpr=0&gdpr_consent=

0
48 B

31ms
14ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-odq.nZtE2uUN5Ewru_jVNt_AF9R80_I-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Thu, 16 Sep 2021 01:06:21 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-odq.nZtE2uUN5Ewru_jVNt_AF9R80_I-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET 9D35A074-4453-48D3-818E-01171824F295
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A8B6 0
0

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A8B6
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=YdGylG7YvsJ62OTHZdmrlmLYtpJ61OSeZtin0WxC
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

0
308 B

480ms
95ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
date: Thu, 16 Sep 2021 01:06:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame A8B6
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=pubmatic
https://x.bidswitch.net/sync?dsp_id=70&user_id=5754003166861353392&ssp=pubmatic
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32&gdpr=&gdpr_consent=&gdpr_pd=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
184 B

15ms
12ms

Image
text/plain

185.64.189.216
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:20 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:427
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A8B6
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YUKYjAAAAd6mgQAR&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

0
308 B

568ms
94ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:22 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
date: Thu, 16 Sep 2021 01:06:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame A8B6 0
104 B 96ms
18ms Image
text/plain 64.158.223.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=9D35A074-4453-48D3-818E-01171824F295&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.158.223.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams02-login.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

204

ImgSync
image8.pubmatic.com/AdServer/ Frame A8B6
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7625358645801593428&gdpr=0&gdpr_consent=&us_privacy=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=

0
160 B

12ms
12ms

Image
text/plain

185.64.189.216
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.216 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: private,max-age=86400
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:484
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame A8B6
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=43bcc6b3-411d-4b94-8564-060c209c8e09-6142988c-5553&gdpr=0&gdpr_consent=
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3D9D35A074-4453-48D3-818E-01171824F295
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295

0
308 B

503ms
104ms

Image
text/plain

107.23.252.174
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.23.252.174 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-23-252-174.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=9D35A074-4453-48D3-818E-01171824F295
date: Thu, 16 Sep 2021 01:06:20 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET pubmaticmatch
match.adsby.bidtheatre.com/ Frame A8B6 0
0

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A8B6
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=692294473516701639

42 B
115 B

17ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=692294473516701639
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug006:0:296
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Thu, 16 Sep 2021 01:06:21 GMT
X-Proxy-Origin: 216.131.114.43; 216.131.114.43; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 2b291763-a752-41c9-87b5-67211c2f91ee
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=692294473516701639
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame A8B6
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_0d967b28-ec45-4d3d-8409-9be49340b1d4

42 B
224 B

18ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_0d967b28-ec45-4d3d-8409-9be49340b1d4
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:21 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug014:0:409
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_0d967b28-ec45-4d3d-8409-9be49340b1d4
date: Thu, 16 Sep 2021 01:06:21 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: de-DE

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7EE9 284 B
536 B 26ms
6ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame AC30 284 B
536 B 25ms
6ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame D9B2 284 B
536 B 20ms
7ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/jpg

GET
H2 200 mono.m3u8 Show response
1420543146.rsc.cdn77.org/aWZVPhaSUIM6No-EH32w-w==,1631767981/LS-ATL-54548-10/tracks-v1a1/ 300 B
673 B 6ms
6ms XHR
application/vnd.apple.mpegurl 195.181.175.25
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://1420543146.rsc.cdn77.org/aWZVPhaSUIM6No-EH32w-w==,1631767981/LS-ATL-54548-10/tracks-v1a1/mono.m3u8
Requested by: Host: ssl.p.jwpcdn.com
URL: https://ssl.p.jwpcdn.com/player/v/8.3.2/provider.hlsjs.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 195.181.175.25 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: frankfurt-20.cdn77.com
Software: CDN77-Turbo /
Resource Hash: edf32f08c159982d0b2a5be918a4f301c898aad0be812730d0d7814e4dc5f09b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Thu, 16 Sep 2021 01:06:23 GMT
content-encoding: br
x-cache: HIT
x-run-time: 1508
x-age: 1
x-sid: 614296bc-4b60-4175-807a-7fabbe0abc5b
x-77-nzt: AcO1rxf/C6/vAQAAAA==
pragma: no-cache
server: CDN77-Turbo
cache-control: no-cache, no-store, must-revalidate
x-77-nzt-ray: QMkVarABCKc=
x-77-cache: HIT
access-control-allow-methods: GET, PUT, DELETE, OPTIONS
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
access-control-expose-headers: Server, range, X-Run-Time, Content-Length, Location
x-route-time: 583
access-control-allow-headers: x-vsaas-session, x-no-redirect, origin, authorization, accept, range
x-accel-expires: @1631754383

GET
H3 200 offer_watch_news-1.jpg
www.livenewsnow.com/wp-content/uploads/2020/01/ 81 KB
81 KB 95ms
94ms Image
image/jpeg 142.44.129.23
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.livenewsnow.com/wp-content/uploads/2020/01/offer_watch_news-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.44.129.23 , Canada, ASN16276 (OVH, FR),

Reverse DNS

ip23.ip-142-44-129.net

Software

LiteSpeed /

Resource Hash

109106584651217169f5ea67693ef9d3db9f5a689a79bcf4dd2558338944ab3f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/uploads/2020/01/offer_watch_news-1.jpg
pragma: no-cache
cookie: HstCfa4070290=1631754377121; HstCla4070290=1631754377121; HstCmu4070290=1631754377121; HstPn4070290=1; HstPt4070290=1; HstCnv4070290=1; HstCns4070290=1; _ga=GA1.2.1736250168.1631754378; _gid=GA1.2.366847448.1631754378; _gat_gtag_UA_167135943_15=1; __dtsu=4C301631754377FF67FF8E3C8919DF42; lotame_domain_check=livenewsnow.com; _gat_auPassiveTagger=1; _fbp=fb.1.1631754379003.1734344748; _cc_id=a6518660381342d9cc7ba26db469039e; _cc_cc=ACZ4XmNQSDQzNbQwMzMwtjA0NjFKsUxONk9KNDJLSTIxszQwtkxlAIJEpxndIBoCeGffvSDL%2BFGW4T8jI8PxTVNYYOyPny1hzGeL58CFl%2F8phKs%2BeogZxt6977IAjP2h4T6cfRhJ6%2FQT6jAl75YgTFyz4Sk3TLxz8kktGBsAV3RA7g%3D%3D; _cc_aud=ABR4XmNgYGBIdJrRDaQggJmBYVErmMk1A0QyPqwHkgBeLwT0; panoramaId_expiry=1632359179584; panoramaId=220c0c1b8a16f32de1156ea2a1cd4945a702dccd90320c7b6a4e8b43af9163d5
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.livenewsnow.com
referer: https://www.livenewsnow.com/featured/msnbc.html
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.livenewsnow.com/featured/msnbc.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:23 GMT
last-modified: Tue, 21 Jan 2020 11:52:26 GMT
server: LiteSpeed
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 83232
expires: Thu, 23 Sep 2021 01:06:23 GMT

GET /
www.livenewsnow.com/wp-json/pum/v1/analytics/ 0
0

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame A8B6 0
128 B 29ms
16ms Script
text/plain 185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=157577&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 16 Sep 2021 01:06:23 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: id5-sync.com
URL: https://id5-sync.com/s/19/9.gif?puid=a6518660381342d9cc7ba26db469039e&gdpr=1

Domain: pr-bh.ybp.yahoo.com
URL: https://pr-bh.ybp.yahoo.com/sync/pubmatic/9D35A074-4453-48D3-818E-01171824F295?gdpr=0&gdpr_consent=

Domain: match.adsby.bidtheatre.com
URL: https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: www.livenewsnow.com
URL: https://www.livenewsnow.com/wp-json/pum/v1/analytics/?event=open&pid=5735&_cache=1631754383621

Verdicts & Comments Add Verdict or Comment

438 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

170 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.livenewsnow.com/featured	1969-12-31 23:59:59	Name: quads_browser_width Value: 1600
www.livenewsnow.com/	1970-01-20 06:01:30	Name: HstCfa4070290 Value: 1631754377121
www.livenewsnow.com/	1970-01-20 06:01:30	Name: HstCla4070290 Value: 1631754377121
www.livenewsnow.com/	1970-01-20 06:01:30	Name: HstCmu4070290 Value: 1631754377121
www.livenewsnow.com/	1970-01-20 06:01:30	Name: HstPn4070290 Value: 1
www.livenewsnow.com/	1970-01-20 06:01:30	Name: HstPt4070290 Value: 1
www.livenewsnow.com/	1970-01-20 06:01:30	Name: HstCnv4070290 Value: 1
www.livenewsnow.com/	1970-01-20 06:01:30	Name: HstCns4070290 Value: 1
.udmserve.net/	1970-01-20 06:01:30	Name: udmts Value: 1631754377.0
.udmserve.net/	1970-01-20 06:01:30	Name: dt Value: 89266223-4BD2-302B-9927-98C30ECC88E1
powerad.ai/	1969-12-31 23:59:59	Name: 7695dcr Value: 1
.lockerdome.com/	1970-01-20 06:01:30	Name: account_id Value: 14390389595691776
.lockerdome.com/	1970-01-20 06:01:30	Name: login_token Value: %2214390389595691776%7C1639530377482%3A%7Call%7CrrNinVxmAQ%2F2T8XtdObO4LHHHBdJccjyuXevm66rZEAgKAnsiLsFRf8hkJNcOnok9%2BBcP4Apfgi98VsEqwKH7A%3D%3D%22
.lockerdome.com/	1969-12-31 23:59:59	Name: ldrid Value: bqGRk1ybS4Nn30Y%2FVqJHN4yapaiCX341LJX6ZOqShU8CSF8kA5%2FFuoDvuKmjXHDfNFL%2BtpeKK3ulyYvlc3DEIXVKN4TtZS%2FGuljmXMwrP%2F65tEqK7ftieH6ahK7RFupV
.dtscout.com/	1970-01-19 21:15:59	Name: m Value: 1
.dtscout.com/	1970-01-19 21:15:57	Name: st Value: 1
.dtscout.com/	1970-01-19 21:16:08	Name: oa Value: 1
.dtscout.com/	1970-01-19 23:39:54	Name: df Value: 1631754377
.dtscout.com/	1970-01-19 23:24:03	Name: l Value: 4C301631754377FF67FF8E3C8919DF42
.livenewsnow.com/	1970-01-20 14:47:06	Name: _ga Value: GA1.2.1736250168.1631754378
.livenewsnow.com/	1970-01-19 21:17:20	Name: _gid Value: GA1.2.366847448.1631754378
.livenewsnow.com/	1970-01-19 21:15:54	Name: _gat_gtag_UA_167135943_15 Value: 1
.livenewsnow.com/	1970-01-19 23:21:11	Name: __dtsu Value: 4C301631754377FF67FF8E3C8919DF42
.onaudience.com/	1970-01-20 06:01:30	Name: cookie Value: ee6fce9cb34d8e31
.onaudience.com/	1970-01-19 21:17:20	Name: done_redirects109 Value: 1
.livenewsnow.com/	1970-01-19 21:15:54	Name: lotame_domain_check Value: livenewsnow.com
.ad.gt/	1970-01-20 14:47:06	Name: au_id Value: 70ccee21-fe74-4339-b837-46b1d9a1721f
.ad.gt/	1970-01-19 21:17:20	Name: au_idmatch Value: {"apn": "2021-09-16", "ttd": "2021-09-16", "pub": "2021-09-16", "adx": "2021-09-16", "halo": "2021-09-16", "goo": "2021-09-16", "smart": "2021-09-16", "bees": "2021-09-16", "mediamath": "2021-09-16"}
.openx.net/	1970-01-20 06:01:30	Name: i Value: 06553da1-6456-03ac-0d12-6222f01ca294\|1631754378
.adnxs.com/	1970-01-19 23:25:30	Name: uuid2 Value: 692294473516701639
.dtscdn.com/	1970-01-20 01:33:39	Name: uid Value: 4C301631754377FF67FF8E3C8919DF42
.adsrvr.org/	1970-01-20 06:01:30	Name: TDID Value: a15bdabb-c3aa-4c50-8f55-12df19c523a9
.pubmatic.com/	1970-01-19 23:25:30	Name: KADUSERCOOKIE Value: 9D35A074-4453-48D3-818E-01171824F295
.omnitagjs.com/	1970-01-19 22:42:18	Name: ayl_visitor Value: 0b430a82cfc479e7a5d3bc4012be89a2
.smartadserver.com/	1970-01-20 06:44:42	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 06:44:42	Name: pbw Value: %24b%3d16920%3b%24o%3d11100
.gumgum.com/	1970-01-20 06:01:30	Name: cs Value: true
.smartadserver.com/	1970-01-20 06:44:42	Name: pid Value: 4065204778030219780
.smartadserver.com/	1970-01-20 06:44:42	Name: pdomid Value: 10
.bidr.io/	1970-01-20 06:44:27	Name: bito Value: AABZDU7ChTEAAB0enEokTg
.bidr.io/	1970-01-20 06:44:27	Name: bitoIsSecure Value: ok
.mathtag.com/	1970-01-20 06:41:49	Name: uuid Value: ce896142-988a-4000-9d86-8d6e6bdc91b4
.livenewsnow.com/	1970-01-19 21:15:54	Name: _gat_auPassiveTagger Value: 1
.ad.gt/	1970-01-20 14:47:06	Name: last_seeng_hosted Value: 1631754378827
.ad.gt/	1970-01-20 14:47:06	Name: g_hosted Value:
.ad.gt/	1970-01-20 14:47:06	Name: last_seenadnxs Value: 1631754378844
.ad.gt/	1970-01-20 14:47:06	Name: adnxs_id Value: 692294473516701639
.ad.gt/	1970-01-20 14:47:06	Name: first_seenadnxs Value: 1631754378844
.ad.gt/	1970-01-20 14:47:06	Name: last_seenpbm Value: 1631754378847
.ad.gt/	1970-01-20 14:47:06	Name: pbm Value: 9D35A074-4453-48D3-818E-01171824F295
.ad.gt/	1970-01-20 14:47:06	Name: first_seenpbm Value: 1631754378847
.livenewsnow.com/	1970-01-19 23:25:30	Name: _fbp Value: fb.1.1631754379003.1734344748
.ad.gt/	1970-01-20 14:47:06	Name: last_seentd Value: 1631754378855
.ad.gt/	1970-01-20 14:47:06	Name: tdid Value: a15bdabb-c3aa-4c50-8f55-12df19c523a9
.ad.gt/	1970-01-20 14:47:06	Name: first_seentd Value: 1631754378855
.ad.gt/	1970-01-20 14:47:06	Name: last_seenbeeswax Value: 1631754378907
.ad.gt/	1970-01-20 14:47:06	Name: beeswax_id Value: AABZDU7ChTEAAB0enEokTg
.ad.gt/	1970-01-20 14:47:06	Name: last_seenmediamath Value: 1631754378919
.ad.gt/	1970-01-20 14:47:06	Name: user_id Value: ce896142-988a-4000-9d86-8d6e6bdc91b4
.ad.gt/	1970-01-20 14:47:06	Name: last_seenhaloid Value: 1631754378971
.ad.gt/	1970-01-20 14:47:06	Name: halo_id Value: 0201r1f1hl07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl
.ad.gt/	1970-01-20 14:47:06	Name: first_seenhaloid Value: 1631754378971
.ad.gt/	1970-01-20 14:47:06	Name: last_seenopenx Value: 1631754379014
.ad.gt/	1970-01-20 14:47:06	Name: openx_id Value: fcb91b9d-445d-03a7-043f-be9a83445e6d
.crwdcntrl.net/	1970-01-20 03:44:42	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 03:44:42	Name: _cc_id Value: a6518660381342d9cc7ba26db469039e
.crwdcntrl.net/	1970-01-20 03:44:42	Name: _cc_cc Value: "ACZ4XmNQSDQzNbQwMzMwtjA0NjFKsUxONk9KNDJLSTIxszQwtkxlAIJEpxndIBoCeGffvSDL%2BFGW4T8jI8PxTVNYYOyPny1hzGeL58CFl%2F8phKs%2BeogZxt6977IAjP2h4T6cfRhJ6%2FQT6jAl75YgTFyz4Sk3TLxz8kktGBsAV3RA7g%3D%3D"
.crwdcntrl.net/	1970-01-20 03:44:42	Name: _cc_aud Value: "ABR4XmNgYGBIdJrRDaQggJmBYVErmMk1A0QyPqwHkgBeLwT0"
.livenewsnow.com/	1970-01-20 03:44:42	Name: _cc_id Value: a6518660381342d9cc7ba26db469039e
.livenewsnow.com/	1970-01-20 03:44:42	Name: _cc_cc Value: ACZ4XmNQSDQzNbQwMzMwtjA0NjFKsUxONk9KNDJLSTIxszQwtkxlAIJEpxndIBoCeGffvSDL%2BFGW4T8jI8PxTVNYYOyPny1hzGeL58CFl%2F8phKs%2BeogZxt6977IAjP2h4T6cfRhJ6%2FQT6jAl75YgTFyz4Sk3TLxz8kktGBsAV3RA7g%3D%3D
.livenewsnow.com/	1970-01-20 03:44:42	Name: _cc_aud Value: ABR4XmNgYGBIdJrRDaQggJmBYVErmMk1A0QyPqwHkgBeLwT0
.livenewsnow.com/	1970-01-19 21:25:59	Name: panoramaId_expiry Value: 1632359179584
.livenewsnow.com/	1970-01-19 21:25:59	Name: panoramaId Value: 220c0c1b8a16f32de1156ea2a1cd4945a702dccd90320c7b6a4e8b43af9163d5
.agkn.com/	1970-01-20 06:01:30	Name: ab Value: 0001%3A6N17lr9tlRnR6ly0QlVCWHGguKYwGTcI
.tapad.com/	1970-01-19 22:42:18	Name: TapAd_TS Value: 1631754379793
.tapad.com/	1970-01-19 22:42:18	Name: TapAd_DID Value: 85760efe-d417-473a-9c21-65c28eaa8ada
.tapad.com/	1970-01-19 22:42:18	Name: TapAd_3WAY_SYNCS Value:
.krxd.net/	1970-01-20 01:35:06	Name: _kuid_ Value: OXUtiiND
.eyeota.net/	1970-01-20 06:01:30	Name: mako_uid Value: 17bec23e255-7bb60000010f5e45
.eyeota.net/	1970-01-19 21:15:54	Name: SERVERID Value: 24133~DM
.exelator.com/	1970-01-20 00:08:42	Name: EE Value: "740d256e7292b91b576f346a376cac1f"
.exelator.com/	1970-01-20 00:08:42	Name: ud Value: "eJxrXxzq6XKLQcHcxCDFyNQs1dzI0ijJ0jDJ1NwszdjELNHY3Cw5MdkwbXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVywAswJcw1asCS%252FKDN9kYvr4qKUNMZFJcWngvd%252BEwIAJoAnAw%253D%253D"
.doubleclick.net/	1970-01-20 14:47:06	Name: IDE Value: AHWqTUkE6vaxa7XbzC4acKn315L5hyhaKnefaBdGawrpL-OeoI0SCv4EDf7EV797XLM
.demdex.net/	1970-01-20 01:35:06	Name: demdex Value: 12801312672269143362195994664252593672
.dpm.demdex.net/	1970-01-20 01:35:06	Name: dpm Value: 12801312672269143362195994664252593672
.tidaltv.com/	1970-01-20 06:01:30	Name: tidal_ttid Value: 35477bd3-6534-4495-8735-5a3a4edf26f1
.tidaltv.com/	1970-01-20 06:01:30	Name: sync-his Value: "H4sIAAAAAAAAADM0sjA3tzI0NAAA9Yzi0wkAAAA="
.turn.com/	1970-01-20 01:35:06	Name: uid Value: 7625358645801593428
.sitescout.com/	1970-01-20 06:01:30	Name: ssi Value: 43bcc6b3-411d-4b94-8564-060c209c8e09#1631754380044
.everesttech.net/	1970-01-20 06:01:30	Name: everest_g_v2 Value: g_surferid~YUKYjAAAAd6mgQAR
global.ib-ibi.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: xj0wz13xkaxyslfxyjzonj1w
ib.mookie1.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: hsd1opi335d3ybir35injvr0
.ib.mookie1.com/	1970-01-20 06:01:30	Name: ibkukiuno Value: s=72518448-8702-4e86-a7a8-de55d411cdf4&h=&v=3984394051&l=-8585698525042324521&op=&hl=0&vlu=3&tcs=1&dcc=-8585698525042324521
.ib.mookie1.com/	1970-01-20 06:01:30	Name: ibkukinet Value: 3632493099=-8585698525042324521
.openx.net/	1970-01-19 21:37:30	Name: pd Value: v2\|1631754381\|mOgeginskin0vNomiygu
.bidswitch.net/	1970-01-20 06:01:30	Name: c Value: 1631754381
.bidswitch.net/	1970-01-20 06:01:30	Name: tuuid_lu Value: 1631754381
.bidswitch.net/	1970-01-20 06:01:30	Name: tuuid Value: 52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
.w55c.net/	1970-01-20 06:44:42	Name: wfivefivec Value: fU7PwUtk1MqFR35
.quantserve.com/	1970-01-20 06:46:08	Name: mc Value: 6142988d-8ba29-05804-4b818
.w55c.net/	1970-01-19 21:59:06	Name: matchopenx Value: 5
.pubmatic.com/	1970-01-19 21:59:06	Name: KRTBCOOKIE_699 Value: 22727-AABZDU7ChTEAAB0enEokTg
.pubmatic.com/	1970-01-19 23:25:30	Name: PUBMDCID Value: 3
.ads.pubmatic.com/	1970-01-19 21:17:20	Name: KCCH Value: YES
.mookie1.com/	1970-01-20 06:44:42	Name: id Value: 10828342354175547081
.mookie1.com/	1970-01-20 06:44:42	Name: mdata Value: 1\|10828342354175547081\|1631754381612
.mookie1.com/	1970-01-20 06:44:42	Name: ov Value: 28ca98aa8b3722dd39cd0b0e3f613376
.adform.net/	1970-01-19 21:59:06	Name: C Value: 1
.adform.net/	1970-01-19 22:42:18	Name: uid Value: 5754003166861353392
.advertising.com/	1970-01-20 06:02:56	Name: APID Value: UP4e4a9096-168a-11ec-a15f-06be1e67faf8
.betweendigital.com/	1970-01-20 06:01:30	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 06:01:30	Name: tuuid Value: 33e45775-5fc2-5203-bd7a-fb9edc386313
.betweendigital.com/	1970-01-20 06:01:30	Name: ss Value: 1
.pubmatic.com/	1970-01-19 23:25:30	Name: DPSync3 Value: 1632960000%3A201_197_219%7C1631836800%3A174
.betweendigital.com/	1970-01-20 06:01:30	Name: ut Value: YUKYjQAKIcDV5Z7VcZ36WNv8PamtZH52vWl3Og==
.pubmatic.com/	1970-01-19 23:25:30	Name: SyncRTB3 Value: 1632614400%3A63%7C1632960000%3A204_230_3_220_81_99_56_54_222_22_234_189_71_55_104_176_161_13_231_165_88_8_7_166_21%7C1633046400%3A35%7C1634342400%3A203%7C1632355200%3A2_223_15
.quantserve.com/	1970-01-19 23:25:30	Name: d Value: ENwBEQGhJPijCJiTAA
.taboola.com/	1970-01-20 06:01:30	Name: t_gid Value: 02203537-41f2-43e7-9dc1-ea067be77035-tuct83c1e0d
.adfarm1.adition.com/	1970-01-19 23:25:30	Name: UserID1 Value: 7008331701509486743
.sitescout.com/	1970-01-19 21:59:06	Name: _ssuma Value: eyI0NSI6MTYzMTc1NDM4MTcxMiwiNyI6MTYzMTc1NDM4MDA3MH0
ads.avct.cloud/	1970-01-20 06:01:30	Name: uuid Value: fa463166-37aa-49ec-a41e-c4ae660de116
.pubmatic.com/	1970-01-19 23:25:30	Name: KRTBCOOKIE_57 Value: 22776-692294473516701639
.onaudience.com/	1970-01-19 21:17:20	Name: done_redirects104 Value: 1
.pubmatic.com/	1970-01-19 23:25:30	Name: KRTBCOOKIE_153 Value: 19420-YdGylG7YvsJ62OTHZdmrlmLYtpJ61OSeZtin0WxC&KRTB&22979-YdGylG7YvsJ62OTHZdmrlmLYtpJ61OSeZtin0WxC
.pubmatic.com/	1970-01-19 23:25:30	Name: KRTBCOOKIE_80 Value: 22987-CAESECgfC6azDIihfis8DZvNb64&KRTB&16514-CAESECgfC6azDIihfis8DZvNb64&KRTB&23025-CAESECgfC6azDIihfis8DZvNb64
.pubmatic.com/	1970-01-20 01:35:06	Name: KRTBCOOKIE_188 Value: 3189-43bcc6b3-411d-4b94-8564-060c209c8e09-6142988c-5553
.pubmatic.com/	1970-01-19 21:59:06	Name: KRTBCOOKIE_1101 Value: 23040-7008331701509486743
.pubmatic.com/	1970-01-19 23:25:30	Name: KRTBCOOKIE_218 Value: 22978-YUKYjAAAAd6mgQAR&KRTB&23194-YUKYjAAAAd6mgQAR&KRTB&23209-YUKYjAAAAd6mgQAR&KRTB&23244-YUKYjAAAAd6mgQAR
.pubmatic.com/	1970-01-19 21:59:06	Name: KRTBCOOKIE_391 Value: 22924-5754003166861353392&KRTB&23263-5754003166861353392
.pubmatic.com/	1970-01-19 21:59:06	Name: KRTBCOOKIE_27 Value: 16735-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&16736-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&23019-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4&KRTB&23114-uid:ce896142-988a-4000-9d86-8d6e6bdc91b4
.pubmatic.com/	1970-01-19 23:25:30	Name: KRTBCOOKIE_377 Value: 6810-a15bdabb-c3aa-4c50-8f55-12df19c523a9&KRTB&22918-a15bdabb-c3aa-4c50-8f55-12df19c523a9&KRTB&23031-a15bdabb-c3aa-4c50-8f55-12df19c523a9
.erne.co/	1970-01-20 06:01:30	Name: u Value: j77VLQZQAioC6nbMsdQFXfTC
.yahoo.com/	1970-01-20 06:01:51	Name: A3 Value: d=AQABBI2YQmECEPMPTatSwITBs2_1y8m7n_AFEgEBAQHqQ2FMYQAAAAAA_eMAAA&S=AQAAAmOMotW9qlrrDrHnKlp0xNA
.simpli.fi/	1970-01-20 06:02:56	Name: suid Value: CD9B232C8BF34FA2B6D2919F0AE6F03E
.pubmatic.com/	1970-01-19 23:25:30	Name: KRTBCOOKIE_466 Value: 16530-52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
.analytics.yahoo.com/	1970-01-20 06:02:56	Name: IDSYNC Value: 18z9~20fd
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP4e4a9096-168a-11ec-a15f-06be1e67faf8
.yahoo.com/	1970-01-19 21:17:20	Name: APIDTS Value: 1631754381
.pubmatic.com/	1970-01-19 21:59:06	Name: KRTBCOOKIE_409 Value: 22966-j77VLQZQAioC6nbMsdQFXfTC
.de17a.com/	1970-01-20 05:54:18	Name: guid2 Value: 1.3608879414778471959
.adsrvr.org/	1970-01-20 06:01:30	Name: TDCPM Value: CAESFwoIcHVibWF0aWMSCwiqxJ-th678ORAFGAEgASgCMgsIoMfu2p2u_DkQBTgBWgthZGNvbmR1Y3RvcmAC
.onaudience.com/	1970-01-19 21:17:20	Name: done_redirects219 Value: 1
.mfadsrvr.com/	1970-01-20 14:47:06	Name: tuuid Value: 63a736d0-29bc-43dd-b246-7518be62fa82
.mfadsrvr.com/	1970-01-20 14:47:06	Name: c Value: 1631754381
.mfadsrvr.com/	1970-01-20 14:47:06	Name: tuuid_lu Value: 1631754381
.1rx.io/	1970-01-20 06:01:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003%22%7D
.pubmatic.com/	1970-01-19 21:59:06	Name: SPugT Value: 1631754379
.mfadsrvr.com/	1970-01-20 14:47:06	Name: bsw_uid Value: 52a2cf51-6e38-4e7d-a6a9-1d14e78bdb32
.mfadsrvr.com/	1970-01-20 14:47:06	Name: ssh Value: !bidswitch,1631754381
.pubmatic.com/	1970-01-19 21:59:06	Name: KRTBCOOKIE_22 Value: 14911-7625358645801593428
.pubmatic.com/	1970-01-19 21:59:06	Name: KRTBCOOKIE_336 Value: 5844-3608879414778471959
ads.playground.xyz/	1970-01-19 21:24:54	Name: connect.sid Value: s%3AcnhYdWTGgV-_GgOf3vyZrlOB5vcFv0QL.Ehnx1HQYfVb8l2iGUY7kfIMSgNlwngkKZKOMMxrlpLg
.admanmedia.com/	1970-01-20 06:01:30	Name: admtr Value: b98b70f4a2063717c189127beac962f31ae76653
.pubmatic.com/	1970-01-19 23:25:30	Name: chkChromeAb67Sec Value: 5
.targeting.unrulymedia.com/	1970-01-20 06:01:30	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003%22%7D
.zeotap.com/	1970-01-20 06:01:30	Name: zc Value: aff93236-2345-417d-5b11-5aa37f31f772
.zeotap.com/	1970-01-19 21:17:20	Name: zsc Value: %15N%D6%85%98%FF%E3%FB%98%1C%C4%84ou%0A1%7D%CD%03%BC%E6%3C%C7.%FD%DF5%240%3F%86P%83%B6%1D%2F4%0DA%12I%DAJ%2A%5B%9D%1C%B3%FA%213%B5%0D%B85O%24%08+%A6fQ%1B%80%B7%98%A8%D7%C4%91%A1v%03%BC2%C2%F3%EE%7F%CC%95os
.pubmatic.com/	1970-01-19 23:25:30	Name: KRTBCOOKIE_594 Value: 17105-RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003&KRTB&17107-RX-67fe52ad-70a5-4b1f-9367-f2c5060ce4d9-003
.gumgum.com/	1970-01-20 06:01:30	Name: vst Value: e_0d967b28-ec45-4d3d-8409-9be49340b1d4
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: 63f9ac0688c6f854
.pubmatic.com/	1970-01-19 21:59:06	Name: KRTBCOOKIE_1074 Value: 22956-e_0d967b28-ec45-4d3d-8409-9be49340b1d4
pool.admedo.com/	1970-01-20 06:01:30	Name: c Value: 1631754382
pool.admedo.com/	1970-01-20 06:01:30	Name: tuuid_lu Value: 1631754382
pool.admedo.com/	1970-01-20 06:01:30	Name: tuuid Value: 8eea97ea-48c1-419d-9e54-1fb4bdc8abb2
.undertone.com/	1970-01-20 06:01:51	Name: UID_EXT_53 Value: 9D35A074-4453-48D3-818E-01171824F295
.ipredictive.com/	1970-01-20 06:01:30	Name: cu Value: 4e8cc9c6-168a-11ec-98c6-97c9ff4101b8\|1631754382079
.pubmatic.com/	1970-01-19 21:59:06	Name: PugT Value: 1631754382
.pubmatic.com/	1970-01-19 21:59:06	Name: KRTBCOOKIE_279 Value: 22890-4e8cc9c6-168a-11ec-98c6-97c9ff4101b8&KRTB&23011-4e8cc9c6-168a-11ec-98c6-97c9ff4101b8
.tribalfusion.com/	1970-01-19 23:25:30	Name: ANON_ID Value: aSnsIHN3IdbSIdwFUNGJykxyY2sTtpxKxMvWBKkVGoKqUaX2aZan43EeDOOCJphO7ie6SPLMWfpZdfY0Zda79ZdXGLgs
.undertone.com/	1970-01-20 06:01:51	Name: UID_EXT_39 Value: 9e9465df-cd7e-0038-3d41-b50d6397b13b

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://udmserve.net/udm/img.fetch?sid=16427;tid=1;dt=6; Message: Failed to load resource: the server responded with a status of 412 (Precondition Failed)
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 72) Message: Origin trial controlled feature not enabled: 'trust-token-redemption'.
other	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 72) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/420246.gif?partner_uid=c:939206e7a9a68c0dc2a8b2cdebb0b624 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id5-sync.com/s/19/9.gif?puid=a6518660381342d9cc7ba26db469039e&gdpr=1 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1420543146.rsc.cdn77.org
a.ad.gt
a.dtssrv.com
a.tribalfusion.com
aa.agkn.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.avct.cloud
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
aorta.clickagy.com
assets.vlitag.com
audit-tcfv2.quantcast.mgr.consensu.org
aufp.io
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
c1.adform.net
cdn.jsdelivr.net
cdn.revcontent.com
cdn.tynt.com
cdn.undertone.com
cdn1.lockerdomecdn.com
cdn2.lockerdomecdn.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
cs.admanmedia.com
csync.loopme.me
d.turn.com
d5p.de17a.com
de.tynt.com
dis.criteo.com
dmp.truoptik.com
dpm.demdex.net
dsp.adfarm1.adition.com
e.dtscout.com
eu-u.openx.net
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
get.s-onetag.com
global.ib-ibi.com
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
hb-api.omnitagjs.com
hb.brainlyads.com
hb.undertone.com
hbopenbid.pubmatic.com
ib.adnxs.com
ib.mookie1.com
ic.tynt.com
id5-sync.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
img.revcontent.com
loadm.exelator.com
lockerdome.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.taboola.com
ml314.com
mwzeom.zeotap.com
next-millennium-d.openx.net
odr.mookie1.com
onetag-geo-grouping.s-onetag.com
onetag-geo.s-onetag.com
onetag-sys.com
p.ad.gt
pagead2.googlesyndication.com
pd.sharethis.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixel.zprk.io
pixels.ad.gt
pm.w55c.net
pool.admedo.com
powerad.ai
pr-bh.ybp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
quantcast.mgr.consensu.org
report.hb.brainlyads.com
report2.hb.brainlyads.com
reporting.powerad.ai
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.tribalfusion.com
s0.2mdn.net
s10.histats.com
s4.histats.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
services.vlitag.com
simage2.pubmatic.com
simage4.pubmatic.com
spl.zeotap.com
ssc-cms.33across.com
ssc.33across.com
ssl.p.jwpcdn.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.ipredictive.com
sync.mathtag.com
sync.sharethis.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
sync.tidaltv.com
t.dtscdn.com
t.dtscout.com
tag.1rx.io
tag.vlitag.com
tags.bluekai.com
tags.crwdcntrl.net
test.quantcast.mgr.consensu.org
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trends.revcontent.com
u.openx.net
udmserve.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
vid-io-dub.springserve.com
vid.springserve.com
vpaid.springserve.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.livenewsnow.com
x.bidswitch.net
id5-sync.com
match.adsby.bidtheatre.com
pr-bh.ybp.yahoo.com
www.livenewsnow.com
104.118.220.232
104.154.142.214
104.16.88.26
104.16.92.60
104.18.13.5
104.21.78.98
104.22.24.87
104.26.14.238
104.26.15.238
107.23.252.174
13.224.193.129
13.224.193.80
13.224.193.91
13.225.78.120
13.225.78.27
13.225.78.3
13.225.78.37
13.225.78.44
13.225.78.59
13.225.78.93
142.250.184.226
142.250.184.230
142.250.185.110
142.250.185.130
142.250.185.131
142.250.185.226
142.250.186.129
142.250.186.131
142.250.186.132
142.250.186.170
142.250.186.34
142.44.129.23
151.101.1.44
151.101.194.114
151.101.2.49
151.101.65.229
151.139.128.11
151.139.241.28
151.139.242.29
157.240.236.1
157.240.236.35
158.69.139.229
159.203.161.83
159.253.128.183
162.55.6.212
169.197.150.7
172.217.16.136
172.217.23.106
172.67.74.129
173.231.180.197
178.250.2.151
18.156.0.31
18.192.135.64
18.195.98.10
18.196.60.85
18.198.109.212
18.211.226.152
184.26.16.194
184.26.16.208
185.255.84.151
185.29.134.244
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.216
185.64.190.80
185.86.137.131
185.86.137.132
188.42.191.196
192.99.8.27
195.181.175.25
198.148.27.140
208.100.17.171
208.100.17.186
208.100.17.190
213.155.156.185
213.19.147.42
213.19.147.45
23.20.158.212
23.37.42.132
3.1.182.12
3.125.70.222
3.127.52.31
3.215.247.12
3.86.21.221
34.149.20.76
34.216.108.96
34.239.198.206
34.251.173.19
34.254.143.3
34.98.107.212
34.98.64.218
34.98.67.61
35.157.177.200
35.210.53.219
35.227.248.159
35.244.174.68
37.157.4.40
37.252.173.22
37.252.173.27
44.227.231.197
46.105.201.240
46.228.164.11
46.228.164.13
51.210.112.63
51.89.24.69
51.89.9.254
52.17.148.138
52.18.52.16
52.211.195.119
52.214.235.66
52.29.23.197
52.30.140.199
52.31.202.1
52.42.90.222
52.48.53.255
52.50.197.208
52.57.110.162
52.7.51.190
52.89.213.37
54.194.126.20
54.213.79.211
54.234.151.247
54.246.13.173
54.247.138.82
54.72.203.75
64.158.223.140
64.233.167.157
64.58.232.177
64.58.232.179
66.155.71.25
68.71.249.118
69.173.144.138
69.173.144.165
76.223.111.131
85.114.159.118
87.98.242.60
88.214.206.142
91.228.74.134
0030ff9feae5571ab64b66ce10d11702c5cd2075d0df6ade01d8605f649d76da
0031e851a43588a289137ca2bba9e2ba59221a504e0f0cb256331a36674f8bd0
003dd7b596a404268ba736e11666ae3003c64483cd3f41e1cb546ed0df20554c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0902efb215fa96af6fda4f5c9115bdab9b5596527dcb58e32919e12f4d59a839
0a08d51c4d3bb6e480a9d1c15eead0d989ecf10433c67cc5865dc546fc3c6ceb
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b512e4da1bb261087cb3f73749af7b62bccf8655b68e21b38db19d98e8b73cb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca7188912ef3473bb7943356daf3909fb28acf076110495dd4eff399334fe70
0cd851e5b33af0fbb354df65506da39807b998e07723f3d08aba5179fa2ed97e
0d612a19fbd151019216390cf44632dca89a06094a2fbcb0173a71a41ff4dc57
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e539c4d175fbfed76b5e9fa406c51ab15cb8bb0a9d1ef65eb54007d48371116
0ff82947b9b183f11dd7f5cb3bd52398e6f1757d1859181d577a653d5d4b3b4a
1028c1d6512de0936e5c8444d9d96ba4a6c65fffec0e78f0b7408408e4c9332d
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
109106584651217169f5ea67693ef9d3db9f5a689a79bcf4dd2558338944ab3f
1098f55a019d91eab778adaeafc1f1cddd1690c01a4554019f49e806ad8b68c4
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11e41d859e2bb2f97068bbbffff15522b7852828e938a464164ffbad62cfa389
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
17c017479dd90e883c66518bc09e8e77eb17fd4186fc172b5565e2014ad8e2e9
1845d229137e5f0aeb6e2c2e4a98024e88b8a0ba5c2103f9000e84a2c2ee7e46
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1916cf4455a526aadafd82710bf7304154905dcdf69dd9e0b516a63cc82e27e0
207c564dfd8b7510073414c7f9fc753208395e58d8f659adaccd143744451fa8
20909fdd81c01a8884704f8424d8421bba1bb83c42af1d2e0ed3af58d60d6c4a
2118c6cd532cb02a503f670da3b5fc94b10dc4d1ed912d5d57cfc8ed2d29167b
2d0f6b590917e7d27ddeb026b280d62dde9d03bb92f47f56342fc5f68f0c24eb
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ecad403abe6094919937758649c7fe968b8339a0b958e232acab55ca87ef02b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f87e084a7e972b2a348c0c76df759ec44774446f24e707ca0edb9db944b0255
308b928d2ceac604566e6a11088dcc8e3793fd62299a80490389cd2f08480482
31a1042dc9214bc9b18ef566b408af2181a54e9dbb503c45c3c0aacdde48ad7d
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33783e2056b0f8f81ceec5c822b6531a10d69dc0fdc2d34c01493fddabfdba32
3436c3752abf07e26bd0b8af7fc5a033db46bf95708c6231facd018746678e87
347929e823326917ec72df0adfe9a05f12ac69dca63e1c1ff0c9265bd87b1550
34bf6a3042fa964fe680e78077db7119d49577b3a949af21b29170e632b5034a
3597aad78feffe7bfa7557d435aba8a0d1c4633829d4ccb6040e38d7e303a159
36ed85dd058e4c2843e06146946e0ff1f9ace65760c22af5eb4f1b22319dddb5
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
386d9248f9b1288499cb2f689cdb6e0c1323ea09ddb5c4b8b88f091c76887cf9
3a004449a902761aad16b864139debff60e5165b7740cd6e4939e3282ca2bd80
3b9abcb1748115239e7080fb4f672f4369492f76c49324ca25ee0aae83a7b956
3c76ba0e571382c10f84cbda7a0696799496eccacef1f5949a193fb18ed18fc6
3ce731ea1723069dfdee5052b5aafbff6cc037cad0d7900ba41c8d9769aeb5d2
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
423aa2a4808a60747f255a1481a9d9909565b8f2783e3239e953e82b7325b432
4267f35dc3ec8b915b7b408c012631a7f246004b052e7c95fc36dcf8ea333ee9
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
42d7267b917bee673bfe95904e8f81fed0d1b0028d76f50843c4db3d0a713243
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
453e6d5e81d2f146606b9e92a4bb6b0a9667c242e2fa10327021dc41467dc362
46acd42f9cf72f881923da6593e84b3712aa11935e868d72653448ffeda9b23e
4751899227345ced29661715f739ea4bf38dd039f86e1d047d08d686779b2b56
4834aa58000857ce42bdc4ae2322104fbbb5c0e96a7dbd4deab73900ae9d23a7
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4af33dd281859a417474adb4e2710259f803754801d2d8a68c41851306b70550
4b49d21d9b4f1e095f4428e9b68e1f4f1c7b0bf2dd06e6062954ae144d0060ac
4b85afc56de3932616dd63a9348d061ad7a5446d03b0c5dc7f5cec4a5c146ac4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7
52c41152c7916b4cf3b3a90f790faa0ba7f746603671e286531bc50407d844ca
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550c7c872d1554acc1d260587f1c90301a53a97ce370a73379cf7d2cad660307
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
587e2e7350886d6b5fd31e385638ffe5cf3331c82260e8fe76523f99cda27a42
5a07f92a3cf8e20cea7fdcabd0995605dd90fabfe3fe132cc6d21fe70f2f371b
5b146c4ad3127362bcb7f496d0fc8c31ec8dd6eb117a2c682dd48f3b8d235bac
5bdd8ce5370d22e624976e91a94c2c1a59323a19ca9a3de0eb0c76d80f716788
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5bf3e835f77c2c55fbcf049743ca22309dd62fba440c336f0137060518a7fe46
5c58c43577c05ebf7c2f321976a7044736c7cb013b0806a11908824e0f8d1c0c
5c750ce976363fb5e2bd5f7c4ec8fcaa56ccfd6014470dea6bb0e5dcde0732af
5dc7c905debaa6b745ec1306e32b44b97ef84ef00fc6988063cd565bfde2259c
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
607f69d2ac4f67c9ab5753f5176c18096b5b6d1128ab9f9da3720563c0824e64
6088012dda2274a27fa40ed153d9e3a6c96a22af1b177f8a2916368eb3e88bb0
60e642785893759e29dca69afd93ff0f6fea591067850fe30d5d7235b0431de1
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61d43897b23b0eb7b3a42b1c2659ebc7272c638380856b42292b92ddfac3714d
63721156438c4a8fad96c6cb93099d8a59e94706abc4bf0c391b393cff33aa9e
637bbe2aa8c7feb51d668de212a5df8026792eb53ed6e0aed18fb50c07fa3ddf
63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372
645c745c972fa286538b481ff3da9a58bf2a8b2fba6b8a195853f6d221a4775e
65ce07ecd420d4ae6f15b183fbb40f8789c963964f9db96faed8b969f1a97fc0
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67a988855f04ab3c9bbf3355934bc763205a7a64500351b8a877454a02b5ff40
67b0f78f61077a241474fbd179b890728a71736a7dff58373fa29c5592af8aad
6b81df06ae875dc7cdbe72d5f6bc6b8105270e77881b49e3c7f39ccabe13ef8b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c07d4305604e750e24d560d1dfabe8d715ae67bed68db5eb689d498489b33e6
6d123a38a7904beef7741fac080742c9f15052e6dc31dd3a9560fdb322b4899a
6e6ccac087ad76b6ea6521366164d204e5028affc84a6b6e8fe887218b7a9f9e
6ff67e9698ccf85007cd047170059dede48ff74484e2aaa7e1228ae628a028ab
705ad2695d761a1bba5872f3db554d64893be6d3e6a51f7077d95467dec85345
70beb5f1deda4d131adc07a99733d23e4a8fe8a50bb29b84c31316497023a0dc
70c3faca124d1c7af1b2cb3b2b91600a4098aed41430417e70d81555ade9ba01
718169d79a9251bb750dede09d5d04039199fc22066399c5e538bcc2c9d5428f
71f7a256bbe1ac64012c02d4eb1009b2e0c08cff3888fe73c563efd9d711ca27
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7345db8b8745d32b70fbbb0867ab8488760e99ce94aa40a78e73ad7fcba15866
76137dea38db9d7880de4a2585770dd0f9e822b0196921f81c5122d57b2876fc
76aacba4eece592e3a3281e69a5762c6f10b527a29fbba5eae5ac091f47ae554
7706eaf965adc73f726e3d0feeac2d04116e0db9a134dbfdbd2d9bef95c65194
781141fd583b72c2e2cf27dcd5fed0e58eaeeea7532551de76200f5653ace1f0
781b4fa701f66916629ec542d6f6b99648593d096784de8bbf4b442e5845a310
7ba77ecceacb5216e170a452593d3d518340a202054332bb36608f9e523e9405
7d63d874aa4977dd2c3d90a67ac741d4928e3ecf85d8f6f05d0f23f9fe90a672
7d8db964f309292a9e6eeba044c91fb1a0ea5b93ab0e8933deec11f89f956bd8
7ee04154662e67cdd4a6694f6afacb682bb184617b5e81948524637dde2f31d3
7ee5de01d8589cc2dc2075187d4074d1bc52b7c37cde32839b66a535bd5eff50
7f333f23fbd951f2f6ce57bf170e78ac90cd269f4b77d7ad2fcf692f8baea12f
8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6
817213c281ba767c3d7939acf5495bb74c825aa76bbb5bdd8d0db7e43265727e
824881cb24a4442381024afdf51da2932d717bb59cb549edc4cad3e00394bdce
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
87f6ff80470d506234afa21c8512ab5d1aa3b269932cac0a5e6549f7cb1b5e14
8834a2529034cb5ae496c07131f0f8f62e8715bed9f6eb9a6722cb90c195aec6
88995bada65f5b8244254e4684cc68aa3a2d49ba9bfeeb3d321056a09ac6eb94
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b113846c68e22ae45c55350b1da05398b4e94099fbabee5ff057e3aa571bcdf
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e3619f7302a4a1603fab0e0e42146c9b3d3bf9b64126b3d4d6cabb71f2e9c1b
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
8feeab8c1bf06b50257479af3e684756ee3e96f09c2f053ddd593c22a71e2de4
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
90f08395f17d5416071cb55121dbc50b7ba385a370a93a645d9c41cce72cbfd0
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
92c4156a96ba520577ec5f575f45d0221cb950f29be399c5480ecfab81fdce4c
94010b3ba635f2406516002dc0afdd5779302d5d4acebcdfe11d24d0ad08042b
95681556a2cac442b700a7ec00bf924d22fb57b3fb9e9b39504da8a90e6496a7
97b39018452101a89e3d80afa142d42691cb19d52ebc4eb7adcf0d790d7a52c8
9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28
9956765470e0c5d15bf869241eebad8d3674a77146780cd1329fcfff57ca4577
9a7d00291b90b8045d042a9a713a9cceba928a35c18c99d1eeea2ca14c09614d
9c109b741789481c91d709680cde5869af478b04c954ce4eb53cb7fe0ec91ee5
9d5af9c989d724338ff6de200a697f1fbc046de6bed93a0a7fcd92f44f7da61b
9f4b16c3b48636de2f8409644e7f5c2a739c63365578ce35f08646f3f44af49f
9f79c54fc77c256aef081061b44cf77b924c9c689d91fdbf6d014eb31f2db482
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a10c7c5db5f156f98d0bc96334dea9e57ab06cd9e4137453b7c14a2c007c3aac
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a18f12becfea2fdba225ae8ef457c2ffaeb38d1f03e4b2ccbcb162245ca19887
a22ecb1132b8bac5dacd3eba446a08869c58734fecb7d4180b07c925625e4c6b
a23a8f6f8736c4956db144c89177ab581a5636ecbdbd6cc70c0c0bc862024026
a2e3bc941699f0a3554c27814d246b20fc423b5f1a01b37dcb1f1d2dd107b688
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a6301fe7337ea60a74cabc205d7cab301f8210c5b50a1be09709112e3368f2a0
a8d48b65657576ec82daae22e7b309cc1bb8ff1ffc16144dd40d961f34eb3418
aaaeada0970ae719bbbec42f78e7049d4a43507cda2bb80657a3069cbdb3a6ad
adc17ed4b80255bfb82799bbd6ddbc0f7b751369c86d2e48564afe3b717a2e14
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af142dcee0234da04766c61d6ca45fbd8b34eb0957c915335ecc8fd915440b95
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b08bd7f1468137eebf244f1816cbb8dee1612f0361dc1459a26024b86994fd59
b0beef92c18af6305dce9a0c316c9075ea7d0fd01b7acbc4520239f78239f97f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24763119a9aa6bc836fada5889c6f2ebde0a4a99621d417073bb7ff0d95bca7
b3f54981ec71901307b6827d8364b19d6384af175db572cb080badf0a1662a9a
b78058a9d11d1c8276e947456b0936d5a4ed2ca6e3f9d530a940711c5ea44656
b7c267c4d7985561c20bc59e50f61a31c096d8d6195af26e77690c5e671c74db
b8341f341848ee9eec71870d976b0895ef1084190c2e0b0349d2ba1c9b9ef64e
bb83c0866801734cfc041dd87e72a5cac94baf9497b4d83fa0185ed9c5a14560
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
be04875b9f8add7b65cf2440584e0547bbb26b118cf1f8ce542cd22a9bafd365
be425b38c84031a06248388075b1f7a34b1f95b60e3046143de44ddaf1ee90e4
bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee
bf6a3b7717e31c6394292373dda60837a7fb5b6879714120d4c4c6ff30d1314c
c1cd004e7cedc6d29003a05b7b36f470ac31317e1ba9aa5b2ef148c5a3213a10
c298433cc9eb86f4c0be0a447b0faf398dee9186d2bcf26683297de2758cddc7
c5f558a303640d99229181b36393b5ee6d4124d09edd0687cfac1da6de8f8151
c61c1cc5c97d7fb256c91f6dc5923c3f2c926a523bf8318530db722816311df7
c6305635c3915fe288c4767d3a5af78c0c9106ed87eb3db881d8748210e1d833
c73575543a5c99018f842960f9882edaa0918965ea856e91de9717a0d58d3f1c
c749df536b233f5ae3981011f53f0c89255c9e9350da39c2af163469fecd2b13
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
ce5ba1d607c9cdb61741e1c05fe0e11e26de5532b6182bf75e2020882735b8b4
ce71bd0b07d0835b92d387d4c3b715e6c452d9f772e62b15f37dee32eeb59bc6
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfd9bd8cba6101b2aea532c6e97999727d60f644e4ac81acbbc5a97c2646eec4
d068975c834f4eb8067de5001fc1f1a46e8fb1e2aa55d751bea4294cfa503909
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d21021784cda31eeae5c8295e047a14bda6ed5a9b5963fca9e7ceb398a9c9179
d3bce6bfe179c4c2e0a53af358e0e29ede278bcf28420e558bcc6a2c5b63f213
d7f211c00704e79b4ba02e0fb222761625185ea4a179e3331626dc1f9f1740a7
d8e793cbb81be2740a8c0e452e1fa51a9c025d6bc0a34b67170a49432b4fb60a
d9262f833e999fddfae1cb297ae5f9e260529ca0ca737ed805a11fbf3ab92bcd
d9ef53a13f05dbf0cdb2503825a538e034c9e19af2c340ad205199d237462db6
dc9dc5abccf3e062029d71dcdc0e04b7cc9a9be96103d07f98b4ff4a5459c668
de17e0ca10bb45ecb9a035136b03e607a35b2111dd21f97957c1b89bb24b39ad
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de53bb899de0e7ac8347ac5b9f4950eead5e20188b771e2698386446fa39c19d
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e26c48e3b5be6736358fa5feb2e85054fc75d3574083424bf41ca3791274b13c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e470a22665f79439b5c03dfbe37987ad27f9fba8166e83e6396c0597b70f50dc
e471b6efa3a2b682b7057a68f7826651f7c932c91f65542cf31bd162270f2cbf
e597e4132388d8c4b0130d24f0edc473a77e33909f83019fd07ae1a9b088f0f2
e600d0da39138efde7c8cceb6c81de305c9e9bd566621e16dca8b7b5644b0fae
e69c37fdfb938853b195b56b6e47e215c275fc85f28be01017e9074fb38be736
e79a3bdfa4bde87adecda8e17365b890fe3d0bfbf720b7c13a69dee01e7f8461
eca744c610ab8e2b64e84133227ac772569f3eaa9b40df75f227a8bb9f84dc49
ed3d88d7654c0fc6bc7950f70b41b18be37b0b852f0551e04812191c7e9ef54c
ed91bd5b1b226f3264d24a3cb70488071a97a150b3bff7d4123acf5e1d66b1d2
eded12927f58b27c9311a59faf78cff563208a205e1e179ac664b6d5ed32a10a
edf32f08c159982d0b2a5be918a4f301c898aad0be812730d0d7814e4dc5f09b
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee2332f35be0259aea3439f949cc562f4fb4eb96d898bcc241e1fd47be64c0b1
ee417620a9b6c3e4301acb479edc4245d2c3f5f24c086bc14a6019ef7234eb0c
eea884f644cea2d7f6f70040660fe8ab41d0b21fd1b5eeb6549816751aa07935
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f035c4a6afb58c56c65f07d66abf493568bfed413043836852549635d97c0c39
f0af58c4d93ab7f1762b126718d72bc5e73af0919c3c10b961ec9af1129cbadf
f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5
f29c7147d6c35f628a241c677d925d5615a30c15c6a07efbd08545fa6f85a632
f44ac5619379731a4dd9a546101768c537a472dcbe049735c3740661a9f582d7
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f78f966dc58db267ed3e4613b3aaf089cce662441d768dfea652c430ef49dbca
f975207e21041e251c165009f22311cc20b0acf1477d309fd62538beb50e0eb6
f9ef3cf4c5816505c9e9ced2569b97c0fdcb1fcc9b5e0d7fac6665b6a4283dcf
faa3e7eb7a36ed4234eeb86fe3b46a0943300a0ae82971efd8387f74e02a956c
facb4dd8c9b18561f54b68484c2281637f6523c8fdcbf7e5118fa3da09cd759d
fb288e712d084ea73fb2a10f2f23e14578851b001d7fac08fb9463411107cf12
fcfa6a1b37a40c248dae7bc50e11212bfad4eef8ddf5c7fe653b83065a81d7b7
fd03648f45388f7407839c493784719ceed0bb6dc1f00b9a306170705267cc84
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe458d0079830d0c86e095d0c27441df26d9f586b6f61f2d6c7caa2480d4e3f1
ff429a30f937a2d58e941b9ac127fe5553cf2ff15703e77550a53ac505152fe0

www.livenewsnow.com Open in urlscan Pro 142.44.129.23 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

470 Requests

99 %HTTPS

0 %IPv6

98 Domains

157 Subdomains

109 IPs

13 Countries

6058 kBTransfer

16103 kBSize

170 Cookies

15 Outgoing links

Redirected requests

470 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.livenewsnow.com Open in urlscan Pro
142.44.129.23 Public Scan

Screenshot
Live screenshot

Full Image

470
Requests

99 %
HTTPS

0 %
IPv6

98
Domains

157
Subdomains

109
IPs

13
Countries

6058 kB
Transfer

16103 kB
Size

170
Cookies

470 HTTP transactions
7 data transactions