urlscan.io logo urlscan.io
SecurityTrails logo

www.sfweekly.com Open in urlscan Pro
34.71.19.215  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Submission: On October 01 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 99 IPs in 12 countries across 90 domains to perform 483 HTTP transactions. The main IP is 34.71.19.215, located in Council Bluffs, United States and belongs to GOOGLE, US. The main domain is www.sfweekly.com.
TLS certificate: Issued by R3 on August 21st 2021. Valid for: 3 months.
This is the only time www.sfweekly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 34.71.19.215 15169 (GOOGLE)
37 94.31.29.99 33438 (HIGHWINDS2)
2 142.250.185.202 15169 (GOOGLE)
2 18.211.226.152 14618 (AMAZON-AES)
5 151.101.129.194 54113 (FASTLY)
14 49 142.250.185.130 15169 (GOOGLE)
7 142.250.186.46 15169 (GOOGLE)
5 13.225.84.106 16509 (AMAZON-02)
1 13.225.87.40 16509 (AMAZON-02)
8 142.250.185.99 15169 (GOOGLE)
7 13.225.87.117 16509 (AMAZON-02)
1 13.226.145.122 16509 (AMAZON-02)
2 35.190.74.157 15169 (GOOGLE)
13 13.225.87.3 16509 (AMAZON-02)
2 142.251.5.157 15169 (GOOGLE)
13 142.250.186.130 15169 (GOOGLE)
2 172.217.16.130 15169 (GOOGLE)
7 142.250.186.129 15169 (GOOGLE)
1 13.226.145.106 16509 (AMAZON-02)
3 142.250.184.196 15169 (GOOGLE)
1 142.250.185.195 15169 (GOOGLE)
3 54.234.151.247 14618 (AMAZON-AES)
9 23.20.158.212 14618 (AMAZON-AES)
12 142.250.186.98 15169 (GOOGLE)
1 13.225.87.97 16509 (AMAZON-02)
1 185.86.137.113 201081 (SMARTADSE...)
2 2 2.19.35.65 16625 (AKAMAI-AS)
6 104.109.78.125 16625 (AKAMAI-AS)
2 2 185.86.137.132 201081 (SMARTADSE...)
1 2 34.192.216.94 14618 (AMAZON-AES)
2 2 88.214.206.247 46636 (NATCOWEB)
1 18.198.69.109 16509 (AMAZON-02)
2 142.250.185.138 15169 (GOOGLE)
1 54.75.159.38 16509 (AMAZON-02)
1 3.1.182.12 16509 (AMAZON-02)
1 142.250.186.168 15169 (GOOGLE)
1 52.40.160.59 16509 (AMAZON-02)
7 2.18.233.180 16625 (AKAMAI-AS)
2 54.197.107.87 14618 (AMAZON-AES)
2 35.173.5.42 14618 (AMAZON-AES)
3 69.173.144.138 26667 (RUBICONPR...)
14 142.250.185.225 15169 (GOOGLE)
32 72.251.249.14 29791 (VOXEL-DOT...)
3 142.250.185.131 15169 (GOOGLE)
3 13.225.87.127 16509 (AMAZON-02)
16 13.224.186.4 16509 (AMAZON-02)
5 172.217.168.195 15169 (GOOGLE)
1 34.216.108.96 16509 (AMAZON-02)
1 54.213.79.211 16509 (AMAZON-02)
3 3 37.252.173.22 29990 (ASN-APPNEX)
1 10 34.211.237.159 16509 (AMAZON-02)
7 11 13.248.242.197 16509 (AMAZON-02)
3 10 185.64.190.80 62713 (AS-PUBMATIC)
6 6 52.49.53.128 16509 (AMAZON-02)
4 4 185.29.132.245 30419 (MEDIAMATH...)
2 2 34.250.85.122 16509 (AMAZON-02)
1 1 142.250.185.206 15169 (GOOGLE)
1 1 172.217.130.73 15169 (GOOGLE)
1 173.194.166.92 15169 (GOOGLE)
4 3.132.32.164 16509 (AMAZON-02)
2 178.250.2.146 44788 (ASN-CRITE...)
4 185.64.189.112 62713 (AS-PUBMATIC)
4 213.19.147.42 3356 (LEVEL3)
4 184.31.84.150 16625 (AKAMAI-AS)
2 14 37.252.172.37 29990 (ASN-APPNEX)
4 69.173.144.141 26667 (RUBICONPR...)
1 13.224.193.35 16509 (AMAZON-02)
1 54.194.126.20 16509 (AMAZON-02)
2 34.251.173.19 16509 (AMAZON-02)
1 54.189.240.181 16509 (AMAZON-02)
2 185.60.216.19 32934 (FACEBOOK)
3 3 35.244.159.8 15169 (GOOGLE)
4 104.18.0.190 13335 (CLOUDFLAR...)
8 104.111.233.227 16625 (AKAMAI-AS)
1 216.52.2.30 30282 (AS-INAPCD...)
2 185.60.216.35 32934 (FACEBOOK)
4 3.86.21.221 14618 (AMAZON-AES)
4 142.250.185.98 15169 (GOOGLE)
8 34 2.18.234.21 16625 (AKAMAI-AS)
1 13.225.87.36 16509 (AMAZON-02)
4 151.101.129.108 54113 (FASTLY)
4 185.64.189.115 62713 (AS-PUBMATIC)
3 5 37.157.2.236 198622 (ADFORM)
2 2 213.155.156.167 1299 (TWELVE99 ...)
3 6 185.64.190.79 62713 (AS-PUBMATIC)
2 4 185.64.189.114 62713 (AS-PUBMATIC)
7 52.5.246.171 14618 (AMAZON-AES)
1 178.250.0.163 44788 (ASN-CRITE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
4 24 185.64.189.110 62713 (AS-PUBMATIC)
1 1 198.148.27.139 19189 (PULSEPOINT)
1 1 185.86.137.131 201081 (SMARTADSE...)
1 1 162.55.6.212 24940 (HETZNER-AS)
3 3 213.19.147.44 26120 (RHYTHMONE)
2 172.67.74.129 13335 (CLOUDFLAR...)
1 1 94.23.73.243 16276 (OVH)
1 72.251.241.196 29791 (VOXEL-DOT...)
1 2 104.18.12.5 13335 (CLOUDFLAR...)
1 38.91.45.7 398989 (DEEPINTENT)
1 2 151.101.129.44 54113 (FASTLY)
3 3 146.59.148.16 16276 (OVH)
6 7 52.57.150.20 16509 (AMAZON-02)
1 1 46.228.164.13 56396 (AMOBEE)
3 3 151.101.2.49 54113 (FASTLY)
6 7 159.253.128.183 36351 (SOFTLAYER)
2 2 91.228.74.226 16509 (AMAZON-02)
3 5 18.156.0.31 16509 (AMAZON-02)
2 212.82.100.176 34010 (YAHOO-IRD)
3 5 18.184.35.118 16509 (AMAZON-02)
2 2 188.42.29.196 7979 (SERVERS-COM)
1 89.207.16.140 41041 (VCLK-EU-SE)
1 1 46.228.164.11 56396 (AMOBEE)
4 4 66.155.71.25 13768 (COGECO-PEER1)
1 1 178.62.202.251 14061 (DIGITALOC...)
1 1 34.98.107.212 15169 (GOOGLE)
2 2 35.157.177.200 16509 (AMAZON-02)
1 1 52.21.104.248 14618 (AMAZON-AES)
4 8 209.54.178.82 16509 (AMAZON-02)
2 3 104.111.242.53 16625 (AKAMAI-AS)
1 1 52.19.99.3 16509 (AMAZON-02)
1 1 154.59.122.79 174 (COGENT-174)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 35.171.112.188 14618 (AMAZON-AES)
1 52.55.122.95 14618 (AMAZON-AES)
4 185.64.190.81 ()
6 6 38.27.122.101 ()
6 6 18.194.125.59 ()
3 3 54.209.16.83 ()
6 6 35.201.96.126 ()
3 185.64.189.229 ()
3 6 77.243.60.138 ()
3 172.67.13.182 ()
3 6 3.213.248.174 ()
483 99
2    34.71.19.215 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 215.19.71.34.bc.googleusercontent.com
www.sfweekly.com
37    94.31.29.99 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.99.IPYX-077437-ZYO.above.net
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com
2    142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net
fonts.googleapis.com
2    18.211.226.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-226-152.compute-1.amazonaws.com
powerad.ai
5    151.101.129.194 (United States)

ASN54113 (FASTLY, US)
includemodal.global.ssl.fastly.net
49    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
7    142.250.186.46 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f14.1e100.net
www.google-analytics.com
5    13.225.84.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-106.fra2.r.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
1    13.225.87.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-40.fra2.r.cloudfront.net
static.hotjar.com
8    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
7    13.225.87.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-117.fra2.r.cloudfront.net
static.freeskreen.com
1    13.226.145.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-122.dus51.r.cloudfront.net
script.hotjar.com
2    35.190.74.157 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 157.74.190.35.bc.googleusercontent.com
richstring.com
13    13.225.87.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-3.fra2.r.cloudfront.net
sb.freeskreen.com
2    142.251.5.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f157.1e100.net
stats.g.doubleclick.net
13    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
adservice.google.de
www.googletagservices.com
2    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
adservice.google.com
7    142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
a6688555ed4ceca06e63e736254abbf3.safeframe.googlesyndication.com
1    13.226.145.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-106.dus51.r.cloudfront.net
vars.hotjar.com
3    142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net
www.google.com
1    142.250.185.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f3.1e100.net
www.google.de
3    54.234.151.247 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-151-247.compute-1.amazonaws.com
reporting.powerad.ai
9    23.20.158.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-20-158-212.compute-1.amazonaws.com
hb.brainlyads.com
12    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
pagead2.googlesyndication.com
1    13.225.87.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-97.fra2.r.cloudfront.net
static.adsafeprotected.com
1    185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)
ww1772.smartadserver.com
2    2.19.35.65 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
2    34.192.216.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-216-94.compute-1.amazonaws.com
scm.publishers.tremorhub.com
2    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com
cs.admanmedia.com
1    18.198.69.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
loadeu.exelator.com
2    142.250.185.138 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f10.1e100.net
ajax.googleapis.com
1    54.75.159.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-159-38.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    3.1.182.12 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-182-12.ap-southeast-1.compute.amazonaws.com
pixel.zprk.io
1    142.250.186.168 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f8.1e100.net
www.googletagmanager.com
1    52.40.160.59 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-160-59.us-west-2.compute.amazonaws.com
a.ad.gt
7    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    54.197.107.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-107-87.compute-1.amazonaws.com
51uav-eqocf.ads.tremorhub.com
51uav-sg2ba.ads.tremorhub.com
2    35.173.5.42 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-5-42.compute-1.amazonaws.com
ads.freeskreen.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
14    142.250.185.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
tpc.googlesyndication.com
32    72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
vap1ams1.lijit.com
3    142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net
www.gstatic.com
3    13.225.87.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-127.fra2.r.cloudfront.net
tagan.adlightning.com
16    13.224.186.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-4.fra2.r.cloudfront.net
c.amazon-adsystem.com
5    172.217.168.195 (United States)

ASN15169 (GOOGLE, US)
PTR: ams16s32-in-f3.1e100.net
csi.gstatic.com
1    34.216.108.96 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-108-96.us-west-2.compute.amazonaws.com
aufp.io
1    54.213.79.211 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-213-79-211.us-west-2.compute.amazonaws.com
p.ad.gt
3    37.252.173.22 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
10    34.211.237.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
ids.ad.gt
11    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
10    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
6    52.49.53.128 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-53-128.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
4    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    34.250.85.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-85-122.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    142.250.185.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f14.1e100.net
redirector.gvt1.com
1    172.217.130.73 (United States)

ASN15169 (GOOGLE, US)
PTR: prg03s08-in-f9.1e100.net
r4---sn-2gb7sn7r.gvt1.com
1    173.194.166.92 (United States)

ASN15169 (GOOGLE, US)
PTR: lax28s12-in-f12.1e100.net
r6---sn-a5mlrnel.gvt1.com
4    3.132.32.164 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-132-32-164.us-east-2.compute.amazonaws.com
includemodal.com
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
4    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
4    213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)
tag.1rx.io
4    184.31.84.150 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-31-84-150.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
14    37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    13.224.193.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-35.fra2.r.cloudfront.net
hb.undertone.com
1    54.194.126.20 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-126-20.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
2    34.251.173.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    54.189.240.181 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-189-240-181.us-west-2.compute.amazonaws.com
pixels.ad.gt
2    185.60.216.19 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-frx5.fbcdn.net
connect.facebook.net
3    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
4    104.18.0.190 (None, )

ASN13335 (CLOUDFLARENET, US)
surgeprice.com
8    104.111.233.227 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-233-227.deploy.static.akamaitechnologies.com
pxdrop.lijit.com
1    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
gslbeacon.lijit.com
2    185.60.216.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-frx5.facebook.com
www.facebook.com
4    3.86.21.221 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-86-21-221.compute-1.amazonaws.com
report2.hb.brainlyads.com
4    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
adservice.google.de
googleads.g.doubleclick.net
34    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    13.225.87.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-36.fra2.r.cloudfront.net
cdn.undertone.com
4    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
4    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
5    37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    213.155.156.167 (Uppsala, Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 213-155-156-167.teliacarrier-cust.com
d5p.de17a.com
6    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
7    52.5.246.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-246-171.compute-1.amazonaws.com
usr.undertone.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
24    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    162.55.6.212 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.212.6.55.162.clients.your-server.de
csync.loopme.me
3    213.19.147.44 (United Kingdom)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    172.67.74.129 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
1    94.23.73.243 (Lisbon, Portugal)

ASN16276 (OVH, FR)
PTR: ip243.ip-94-23-73.eu
green.erne.co
1    72.251.241.196 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    104.18.12.5 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
match.taboola.com
3    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-2.cloudy.ovh
pixel.onaudience.com
7    52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
ps.eyeota.net
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
3    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
7    159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
2    91.228.74.226 (United Kingdom)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    212.82.100.176 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: pr-bh-ing.pbp.vip.ir2.yahoo.com
pr-bh.ybp.yahoo.com
5    18.184.35.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-35-118.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    188.42.29.196 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    89.207.16.140 (Roydon, United Kingdom)

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-login.dotomi.com
pubmatic-match.dotomi.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 212.107.98.34.bc.googleusercontent.com
ads.playground.xyz
2    35.157.177.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-177-200.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    52.21.104.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-104-248.compute-1.amazonaws.com
sync.ipredictive.com
8    209.54.178.82 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    104.111.242.53 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-53.deploy.static.akamaitechnologies.com
px.owneriq.net
1    52.19.99.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-99-3.eu-west-1.compute.amazonaws.com
d.adroll.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    35.171.112.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-112-188.compute-1.amazonaws.com
sync.extend.tv
1    52.55.122.95 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-55-122-95.compute-1.amazonaws.com
rtb.adentifi.com
4    185.64.190.81 (None, )

ASN- ()
simage4.pubmatic.com
6    38.27.122.101 (None, )

ASN- ()
match.bnmla.com
6    18.194.125.59 (None, )

ASN- ()
pm.w55c.net
3    54.209.16.83 (None, )

ASN- ()
sync.srv.stackadapt.com
6    35.201.96.126 (None, )

ASN- ()
visitor.fiftyt.com
3    185.64.189.229 (None, )

ASN- ()
aud.pubmatic.com
6    77.243.60.138 (None, )

ASN- ()
uipglob.semasio.net
3    172.67.13.182 (None, )

ASN- ()
mwzeom.zeotap.com
6    3.213.248.174 (None, )

ASN- ()
a.audrte.com
Apex Domain
Subdomains		 Transfer
66 pubmatic.com
ads.pubmatic.com
image2.pubmatic.com
hbopenbid.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
image4.pubmatic.com
simage2.pubmatic.com
simage4.pubmatic.com
aud.pubmatic.com
206 KB
54 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
715 KB
41 lijit.com
ap.lijit.com
pxdrop.lijit.com
gslbeacon.lijit.com
vap1ams1.lijit.com
111 KB
37 netdna-ssl.com
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com
7 MB
33 googlesyndication.com
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
a6688555ed4ceca06e63e736254abbf3.safeframe.googlesyndication.com
183 KB
30 casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
30 KB
24 amazon-adsystem.com
c.amazon-adsystem.com
s.amazon-adsystem.com
164 KB
22 freeskreen.com
static.freeskreen.com
sb.freeskreen.com
ads.freeskreen.com
299 KB
21 adnxs.com
secure.adnxs.com
ib.adnxs.com
acdn.adnxs.com
108 KB
16 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
307 KB
15 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
fastlane.rubiconproject.com
pixel.rubiconproject.com
36 KB
13 ad.gt
a.ad.gt
p.ad.gt
ids.ad.gt
pixels.ad.gt
17 KB
13 brainlyads.com
hb.brainlyads.com
report2.hb.brainlyads.com
328 KB
12 googletagservices.com
www.googletagservices.com
378 KB
11 adsrvr.org
match.adsrvr.org
4 KB
9 undertone.com
hb.undertone.com
cdn.undertone.com
usr.undertone.com
5 KB
8 indexww.com
js-sec.indexww.com
8 KB
7 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
4 KB
7 simpli.fi
um.simpli.fi
3 KB
7 eyeota.net
ps.eyeota.net
4 KB
7 google-analytics.com
www.google-analytics.com
42 KB
6 audrte.com
a.audrte.com
6 KB
6 semasio.net
uipglob.semasio.net
4 KB
6 fiftyt.com
visitor.fiftyt.com
3 KB
6 w55c.net
pm.w55c.net
5 KB
6 bnmla.com
match.bnmla.com
3 KB
6 1rx.io
tag.1rx.io
sync.1rx.io
2 KB
6 bidr.io
match.prod.bidr.io
3 KB
5 bidswitch.net
x.bidswitch.net
2 KB
5 adform.net
c1.adform.net
2 KB
5 google.com
adservice.google.com
www.google.com
2 KB
5 cloudfront.net
d2s8wlbatk24s7.cloudfront.net
2 KB
5 fastly.net
includemodal.global.ssl.fastly.net
64 KB
5 powerad.ai
powerad.ai
reporting.powerad.ai
39 KB
4 sitescout.com
pixel-sync.sitescout.com
2 KB
4 surgeprice.com
surgeprice.com
4 includemodal.com
includemodal.com
529 B
4 mathtag.com
sync.mathtag.com
2 KB
4 tremorhub.com
scm.publishers.tremorhub.com
51uav-eqocf.ads.tremorhub.com
51uav-sg2ba.ads.tremorhub.com
1 KB
4 smartadserver.com
ww1772.smartadserver.com
sync.smartadserver.com
rtb-csync.smartadserver.com
3 KB
4 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
in.hotjar.com
63 KB
4 googleapis.com
fonts.googleapis.com
ajax.googleapis.com
68 KB
3 zeotap.com
mwzeom.zeotap.com
920 B
3 stackadapt.com
sync.srv.stackadapt.com
2 KB
3 owneriq.net
px.owneriq.net
1 KB
3 everesttech.net
sync-tm.everesttech.net
879 B
3 onaudience.com
pixel.onaudience.com
1 KB
3 openx.net
u.openx.net
us-u.openx.net
1 KB
3 criteo.com
gum.criteo.com
dis.criteo.com
957 B
3 gvt1.com
redirector.gvt1.com
r4---sn-2gb7sn7r.gvt1.com
r6---sn-a5mlrnel.gvt1.com
778 KB
3 adlightning.com
tagan.adlightning.com
65 KB
3 google.de
adservice.google.de
www.google.de
1 KB
2 advertising.com
pixel.advertising.com
677 B
2 betweendigital.com
ads.betweendigital.com
1 KB
2 quantserve.com
pixel.quantserve.com
953 B
2 turn.com
d.turn.com
ad.turn.com
990 B
2 taboola.com
trc.taboola.com
match.taboola.com
556 B
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 ad4m.at
ad4m.at
974 B
2 de17a.com
d5p.de17a.com
637 B
2 facebook.com
www.facebook.com
444 B
2 facebook.net
connect.facebook.net
171 KB
2 gumgum.com
g2.gumgum.com
rtb.gumgum.com
1 KB
2 demdex.net
dpm.demdex.net
2 KB
2 admanmedia.com
cs.admanmedia.com
953 B
2 richstring.com
richstring.com
30 KB
2 sfweekly.com
www.sfweekly.com
35 KB
1 adentifi.com
rtb.adentifi.com
88 B
1 extend.tv
sync.extend.tv
546 B
1 bttrack.com
bttrack.com
380 B
1 acuityplatform.com
ums.acuityplatform.com
637 B
1 adroll.com
d.adroll.com
112 B
1 ipredictive.com
sync.ipredictive.com
522 B
1 playground.xyz
ads.playground.xyz
486 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 dotomi.com
pubmatic-match.dotomi.com
104 B
1 deepintent.com
match.deepintent.com
44 B
1 adgrx.com
cm.adgrx.com
408 B
1 erne.co
green.erne.co
327 B
1 unrulymedia.com
sync.targeting.unrulymedia.com
535 B
1 loopme.me
csync.loopme.me
217 B
1 contextweb.com
bh.contextweb.com
497 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 yieldmo.com
ads.yieldmo.com
226 B
1 aufp.io
aufp.io
3 KB
1 googletagmanager.com
www.googletagmanager.com
39 KB
1 zprk.io
pixel.zprk.io
3 KB
1 exelator.com
loadeu.exelator.com
324 B
1 adsafeprotected.com
static.adsafeprotected.com
480 B
0 id5-sync.com Failed
id5-sync.com Failed
483 90
Domain Requested by
37 1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com www.sfweekly.com
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com
34 securepubads.g.doubleclick.net www.sfweekly.com
securepubads.g.doubleclick.net
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
www.googletagservices.com
tagan.adlightning.com
24 simage2.pubmatic.com 4 redirects ads.pubmatic.com
cdn.undertone.com
24 ap.lijit.com 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
ap.lijit.com
16 c.amazon-adsystem.com hb.brainlyads.com
c.amazon-adsystem.com
15 cm.g.doubleclick.net 14 redirects www.sfweekly.com
14 dsum-sec.casalemedia.com 4 redirects ssum-sec.casalemedia.com
14 ib.adnxs.com 2 redirects hb.brainlyads.com
acdn.adnxs.com
14 tpc.googlesyndication.com 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tagan.adlightning.com
tpc.googlesyndication.com
13 sb.freeskreen.com static.freeskreen.com
www.sfweekly.com
12 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
12 www.googletagservices.com securepubads.g.doubleclick.net
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
hb.brainlyads.com
tagan.adlightning.com
12 pagead2.googlesyndication.com securepubads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
11 match.adsrvr.org 7 redirects ssum-sec.casalemedia.com
10 image2.pubmatic.com 3 redirects ads.pubmatic.com
10 ids.ad.gt 1 redirects www.sfweekly.com
9 hb.brainlyads.com powerad.ai
www.sfweekly.com
tagan.adlightning.com
8 s.amazon-adsystem.com 4 redirects ssum-sec.casalemedia.com
8 js-sec.indexww.com hb.brainlyads.com
ssum-sec.casalemedia.com
8 vap1ams1.lijit.com 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
8 pxdrop.lijit.com ap.lijit.com
www.sfweekly.com
8 fonts.gstatic.com fonts.googleapis.com
7 um.simpli.fi 6 redirects ads.pubmatic.com
7 ps.eyeota.net 6 redirects ads.pubmatic.com
7 usr.undertone.com ads.pubmatic.com
cdn.undertone.com
7 ads.pubmatic.com www.sfweekly.com
hb.brainlyads.com
ads.pubmatic.com
7 static.freeskreen.com www.sfweekly.com
7 www.google-analytics.com www.sfweekly.com
www.google-analytics.com
www.googletagmanager.com
6 a.audrte.com 3 redirects
6 uipglob.semasio.net 3 redirects
6 visitor.fiftyt.com 6 redirects
6 pm.w55c.net 6 redirects
6 match.bnmla.com 6 redirects
6 image8.pubmatic.com 3 redirects ads.pubmatic.com
6 match.prod.bidr.io 6 redirects
6 eus.rubiconproject.com sb.freeskreen.com
eus.rubiconproject.com
hb.brainlyads.com
cdn.undertone.com
6 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 x.bidswitch.net 3 redirects ssum-sec.casalemedia.com
5 ups.analytics.yahoo.com 3 redirects ssum-sec.casalemedia.com
5 c1.adform.net 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
5 csi.gstatic.com www.gstatic.com
5 d2s8wlbatk24s7.cloudfront.net includemodal.global.ssl.fastly.net
5 includemodal.global.ssl.fastly.net www.sfweekly.com
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
4 simage4.pubmatic.com ads.pubmatic.com
4 pixel-sync.sitescout.com 4 redirects
4 image4.pubmatic.com 2 redirects ads.pubmatic.com
4 image6.pubmatic.com ads.pubmatic.com
4 acdn.adnxs.com hb.brainlyads.com
4 report2.hb.brainlyads.com hb.brainlyads.com
4 surgeprice.com ap.lijit.com
4 fastlane.rubiconproject.com hb.brainlyads.com
4 htlb.casalemedia.com hb.brainlyads.com
4 tag.1rx.io hb.brainlyads.com
4 hbopenbid.pubmatic.com hb.brainlyads.com
4 includemodal.com 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
4 sync.mathtag.com 4 redirects
3 mwzeom.zeotap.com ads.pubmatic.com
3 aud.pubmatic.com
3 sync.srv.stackadapt.com 3 redirects
3 px.owneriq.net 2 redirects ssum-sec.casalemedia.com
3 sync-tm.everesttech.net 3 redirects
3 pixel.onaudience.com 3 redirects
3 googleads.g.doubleclick.net www.sfweekly.com
3 secure.adnxs.com 3 redirects
3 tagan.adlightning.com www.sfweekly.com
tagan.adlightning.com
3 www.gstatic.com 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
3 reporting.powerad.ai powerad.ai
3 www.google.com www.sfweekly.com
tpc.googlesyndication.com
tagan.adlightning.com
2 pixel.rubiconproject.com cdn.undertone.com
eus.rubiconproject.com
2 pixel.advertising.com 2 redirects
2 ads.betweendigital.com 2 redirects
2 pr-bh.ybp.yahoo.com ads.pubmatic.com
ssum-sec.casalemedia.com
2 pixel.quantserve.com 2 redirects
2 ad4m.at ads.pubmatic.com
ssum-sec.casalemedia.com
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 www.facebook.com www.sfweekly.com
2 u.openx.net 2 redirects
2 connect.facebook.net p.ad.gt
connect.facebook.net
2 gum.criteo.com ads.pubmatic.com
2 dpm.demdex.net 2 redirects
2 ads.freeskreen.com ajax.googleapis.com
2 ajax.googleapis.com www.sfweekly.com
2 cs.admanmedia.com 2 redirects
2 scm.publishers.tremorhub.com 1 redirects www.sfweekly.com
2 sync.smartadserver.com 2 redirects
2 secure-assets.rubiconproject.com 2 redirects
2 adservice.google.com securepubads.g.doubleclick.net
tagan.adlightning.com
2 adservice.google.de securepubads.g.doubleclick.net
tagan.adlightning.com
2 stats.g.doubleclick.net www.google-analytics.com
2 richstring.com www.sfweekly.com
richstring.com
2 powerad.ai www.sfweekly.com
powerad.ai
2 fonts.googleapis.com www.sfweekly.com
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
2 www.sfweekly.com 1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 sync.extend.tv 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 ums.acuityplatform.com 1 redirects
1 d.adroll.com 1 redirects
1 sync.ipredictive.com 1 redirects
1 us-u.openx.net 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 d.turn.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 green.erne.co 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 csync.loopme.me 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 bh.contextweb.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cdn.undertone.com hb.brainlyads.com
1 a6688555ed4ceca06e63e736254abbf3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 gslbeacon.lijit.com ap.lijit.com
1 pixels.ad.gt p.ad.gt
1 g2.gumgum.com hb.brainlyads.com
1 ads.yieldmo.com hb.brainlyads.com
1 hb.undertone.com hb.brainlyads.com
1 r6---sn-a5mlrnel.gvt1.com 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
1 r4---sn-2gb7sn7r.gvt1.com 1 redirects
1 redirector.gvt1.com 1 redirects
1 p.ad.gt a.ad.gt
1 aufp.io a.ad.gt
1 51uav-sg2ba.ads.tremorhub.com ajax.googleapis.com
1 token.rubiconproject.com eus.rubiconproject.com
1 51uav-eqocf.ads.tremorhub.com ajax.googleapis.com
1 a.ad.gt www.sfweekly.com
1 www.googletagmanager.com powerad.ai
1 pixel.zprk.io powerad.ai
1 in.hotjar.com script.hotjar.com
1 loadeu.exelator.com www.sfweekly.com
1 ww1772.smartadserver.com sb.freeskreen.com
1 static.adsafeprotected.com www.sfweekly.com
1 www.google.de www.sfweekly.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com www.sfweekly.com
0 id5-sync.com Failed
483 147
Subject Issuer Validity Valid
www.sfweekly.com
R3		 2021-08-21 -
2021-11-19		 3 months crt.sh
*.netdna-ssl.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-22 -
2022-03-18		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.powerad.ai
Go Daddy Secure Certificate Authority - G2		 2021-08-13 -
2022-09-14		 a year crt.sh
*.freetls.fastly.net
GlobalSign Atlas R3 DV TLS CA 2020		 2021-04-27 -
2022-05-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.freeskreen.com
Amazon		 2021-01-19 -
2022-02-16		 a year crt.sh
richstring.com
R3		 2021-08-21 -
2021-11-19		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
hb.brainlyads.com
Go Daddy Secure Certificate Authority - G2		 2020-11-23 -
2021-12-25		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.tremorhub.com
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.zprk.io
DigiCert TLS RSA SHA256 2020 CA1		 2020-12-11 -
2021-12-15		 a year crt.sh
*.ad.gt
Amazon		 2021-06-09 -
2022-07-08		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2021-03-30 -
2022-04-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
aufp.io
Amazon		 2020-12-26 -
2022-01-24		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2021-09-21 -
2021-11-30		 2 months crt.sh
includemodal.com
Amazon		 2020-11-15 -
2021-12-14		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.undertone.com
Amazon		 2020-11-03 -
2021-12-02		 a year crt.sh
*.yieldmo.com
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
*.gumgum.com
Amazon		 2021-06-05 -
2022-07-04		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-12-29 -
2021-12-28		 a year crt.sh
cert1.a2.atm.aqfer.net
R3		 2021-09-20 -
2021-12-19		 3 months crt.sh
report2.hb.brainlyads.com
R3		 2021-09-13 -
2021-12-12		 3 months crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.k8s-cluster-p-us-east-1.ramp-ut.io
Amazon		 2020-11-18 -
2021-12-18		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.eyeota.net
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-18 -
2021-11-17		 3 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.owneriq.net
GeoTrust RSA CA 2018		 2021-01-29 -
2022-02-02		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-08-17 -
2022-02-09		 6 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh

This page contains 72 frames:

Primary Page: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Frame ID: E643B9AE2F1CC0B86E136A9AC6B691D0
Requests: 119 HTTP requests in this frame

Frame: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0EF51EAD2E32CC4BC683A8EC981521C1
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: DC65166643795E3C6CED59FBE677832A
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Frame ID: 8C9DBECDF3AB969C2709A21EE33221A7
Requests: 29 HTTP requests in this frame

Frame: https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Frame ID: 31FDC71BA81D3151D1371FADB3D28063
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Frame ID: D59998DCD734BD578AF9A1FC65C5B1BE
Requests: 3 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Frame ID: 4E1AB2AD2FF4D714F149A444AF69F6BC
Requests: 11 HTTP requests in this frame

Frame: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Frame ID: B870D0F8A287BCCF3D8CDE2E8C5CE6E0
Requests: 11 HTTP requests in this frame

Frame: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C698DF6314EE94FFE22B2080FD06D572
Requests: 21 HTTP requests in this frame

Frame: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9A841D882454CF9950476FB8C35CCD2A
Requests: 21 HTTP requests in this frame

Frame: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1104B51EB46D08A67A64D298DE91DDBD
Requests: 22 HTTP requests in this frame

Frame: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C63D8C8005CBE32E90CEBCCAF6709B5D
Requests: 21 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2260/?ver=1.0&pageId=1522836807&sizes=[[728,90],[970,90]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/%22],[%22referrer%22,%22%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: A3C625EAB40B4496D4EBDE15EFBFEBDC
Requests: 1 HTTP requests in this frame

Frame: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 975EE31F9A3CE82BAFD3BADA9E40F9D3
Requests: 29 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2262/?ver=1.0&pageId=1522836807&sizes=[[300,250]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: A109337E21646E14ED8A7C4F4D5AB6DD
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2262/?ver=1.0&pageId=1522836807&sizes=[[300,250]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: 5C6FC162C0F54DCC5EC1DAE2A1B19A62
Requests: 1 HTTP requests in this frame

Frame: https://hb.brainlyads.com/json-parts/2262/?ver=1.0&pageId=1522836807&sizes=[[300,250]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/%22],[%22referrerCategory%22,%22Direct%22]]
Frame ID: 27B85DCAE035EA6338356628EB4A0408
Requests: 1 HTTP requests in this frame

Frame: https://tagan.adlightning.com/nextmillenium/op.js
Frame ID: EC272CEBCF88A3C6A9A29250EDC564CE
Requests: 22 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: E4EEFDF7933BEF22D1E1CC90A59CF9A2
Requests: 6 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 00D38EF74C75D5B31CD08746E960A7F1
Requests: 6 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 22B8A993805BF7E9AFB61EBAF8CFA970
Requests: 6 HTTP requests in this frame

Frame: https://gslbeacon.lijit.com/beacon?viewId=a_435515_27dec086467e471eac73961770d60b60&rand=8216&informer=13390776&type=fpads&loc=https%3A%2F%2Fwww.sfweekly.com%2F&v=1.2
Frame ID: 74397BAE3B25CC37C3A4DDF6B13FFDB4
Requests: 1 HTTP requests in this frame

Frame: https://a6688555ed4ceca06e63e736254abbf3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 09DB4219FCB927E9AB46E1E0D367B434
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8E8147E1712C98051D84EB4702E89B2E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A5B3F77A3922E134E2C8A8B8A91A166B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FD8D1CC83CCF72F3D1098FECAF332DDD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A5738D9DB43854D93400B1D9BC7EEFED
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B054B25EFC7EA305CA018928461CE428
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 244559B971BD53EA3E88D920837ADBF5
Requests: 1 HTTP requests in this frame

Frame: https://cdn.undertone.com/js/usersync.html
Frame ID: D6DA0FFFEA25009F0F4AEADF35E6C292
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C9028425AAA358A57853543348395709
Requests: 24 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 63DC5704420B8E3B2F6571210DD74A3A
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 402D3CBB9F54319D5A85DA62C342ABA4
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 64F2639770BA99FB8AE919E2B80C6516
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 8D04ECFC4DEA5CD755D6CDBAA354450B
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: C327DCDC30F5A3A7CFF89A6F0FAB9A9E
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: F5D49C01852287357A06017F59BB8B87
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D02619F6F5A7ACB0BB4601D7D1E3FBA7
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E7FFDBFCCD2D5698376C126CFD89594E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DDD3E23A8DBB780A260FB471C5D878E5
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 5A7FA98C2ACB5D97BFD6111C2392917C
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: EDA77B3F02A94472EEC2DE808E30EE0A
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: C5DF4CBE9F7DB3567E19975296D44483
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Frame ID: 9C608CD7828130CA4EA3A80E7C746F35
Requests: 1 HTTP requests in this frame

Frame: https://usr.undertone.com/userPixel/sync?partnerId=53&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Frame ID: 88B01A744F4B1B43C1A355293EE8B969
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 5FB1C77616F2F8E7EAA78E67D9248C10
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7014038493271226508
Frame ID: F93C3C74ED24CA85F4987F22CD8CF3DD
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEYRk7Crb4AABSSK-ZW0Q
Frame ID: F4180BD5B50880AD10C36F56953B0C46
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 424FB5A46832A5FBD69D1A81B8D54592
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 2E3DED511ED72EC1FA9BF8AFD13F49BD
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: C62FB4F75FA31E54015C0FC9BEB881FA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2aZSAGWS8llKICBlqJhRXktD
Frame ID: A7021E4A5801851B222794848CEA0DBF
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 9AF9CBDD4F32BBBDFB0C23C84343E6C6
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: F68AEDF81CEC55CB6A16DD460C423C1F
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 609E84BEF7430DC6E06121807F6CD8BE
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=52b20f26-cd0d-44e7-b36a-021a783e34d5-tuct8506459&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 54ABBD74F4F08A707829F428B6BA3919
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 670B06D7FA447BF256C9FED8B63E8A64
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: EDD696CF1584D04767DC09735FE870B5
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 5C14E4DEB2EFB263BE69D4B1A8F9EC5A
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=12776
Frame ID: D2AEB14313D66AF6ED17C30F9690760E
Requests: 3 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
Frame ID: 75C20806D913A2BB64EF9FA62645203C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
Frame ID: 5A0597D37B34873A00D1C6CC9E8ACC56
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
Frame ID: 4C8F9F4DFAED07F94EF2A4767B22BBF2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=sVmbgO7ZRUJkVaSIRmofRNiDby0
Frame ID: CF84D796C61A51042B796BB292ED6C31
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
Frame ID: 36670E4A1CF1D999D15B4442A74E81A2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
Frame ID: 6C68B0B84A9C4C5F69B3D8017204E4B0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
Frame ID: 36AE527E8140E9EBE11C5FE2D3E46A2F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MpcL_Mt5Rh5PdqAJ6a4QltiDby0
Frame ID: D2B8CCBC56EEF82AAF34D6632ACF6DB7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
Frame ID: 6A3F9D800ED7E51198FF07317B5CFA65
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
Frame ID: 61590355965A3F8327D3C301A7652F50
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
Frame ID: DEC4F374F386FDCF99AC3709050E6C25
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vEVXBdemTeJCOPMaZ0f6LdiDby0
Frame ID: 2F0A21928C7B82056360362215A3F616
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Black Friday CBD Oil Sales: The Best CBD Oil Deals for Black Friday and Cyber Monday - SF Weekly

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • sweetalert2(?:\.all)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • /([\d.]+)/jquery(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

483
Requests

99 %
HTTPS

0 %
IPv6

90
Domains

147
Subdomains

99
IPs

12
Countries

11058 kB
Transfer

18263 kB
Size

167
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Request Chain 86
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1 HTTP 302
  • https://sb.freeskreen.com/um?sa=7205702882258895689
Request Chain 87
  • https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
  • https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
Request Chain 88
  • https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} HTTP 302
  • https://sb.freeskreen.com/um?ac={$UID}
Request Chain 183
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&adnxs_id=$UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D6e52ce68-ecc0-4328-82e5-b5972013fe7a%26adnxs_id%3D%24UID HTTP 302
  • https://ids.ad.gt/api/v1/match?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&adnxs_id=8024006013844445723
Request Chain 184
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=6e52ce68-ecc0-4328-82e5-b5972013fe7a HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=6e52ce68-ecc0-4328-82e5-b5972013fe7a HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=117b351e-56e1-4502-abfd-e86c5570ad18&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Request Chain 185
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D6e52ce68-ecc0-4328-82e5-b5972013fe7a HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D6e52ce68-ecc0-4328-82e5-b5972013fe7a HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&google_gid=CAESEHg4otRItfZwXLcEmvmOanI&google_cver=1&google_ula=450542624,0
Request Chain 187
  • https://ids.ad.gt/api/v1/g_hosted?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NmU1MmNlNjgtZWNjMC00MzI4LTgyZTUtYjU5NzIwMTNmZTdh
Request Chain 188
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=6e52ce68-ecc0-4328-82e5-b5972013fe7a HTTP 303
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&_bee_ppp=1 HTTP 303
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAEYRk7Crb4AABSSK-ZW0Q&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Request Chain 189
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D6e52ce68-ecc0-4328-82e5-b5972013fe7a HTTP 302
  • https://ids.ad.gt/api/v1/mediamath_match?user_id=57de6156-ded5-4200-bf94-c7d95625e804&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Request Chain 190
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=6e52ce68-ecc0-4328-82e5-b5972013fe7a&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D6e52ce68-ecc0-4328-82e5-b5972013fe7a HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=6e52ce68-ecc0-4328-82e5-b5972013fe7a&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D6e52ce68-ecc0-4328-82e5-b5972013fe7a HTTP 302
  • https://ids.ad.gt/api/v1/adb_match?adb=31484824399336767402015332676687979971&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Request Chain 203
  • https://redirector.gvt1.com/videoplayback?id=0f7c009142f88e41&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1633090292&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=AF4947C870C2AAB3F82693A19EAC44A399A06E25.1DD6B95FDE6BFDF85E9FDC06651FAEBFF5370C&key=ck2 HTTP 302
  • https://r4---sn-2gb7sn7r.gvt1.com/videoplayback?id=0f7c009142f88e41&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1633090292&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=6C3FCF6B392DE1BD3264769A88A8EEAA95AD8D64.54E500DA1291DA322A33889385E6F36A1BB8C56E&key=cms1&cms_redirect=yes&mh=A8&mip=216.131.111.45&mm=28&mn=sn-2gb7sn7r&ms=nvh&mt=1633082416&mv=m&mvi=4&pl=24 HTTP 302
  • https://r6---sn-a5mlrnel.gvt1.com/videoplayback?id=0f7c009142f88e41&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1633090292&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=30B0A8CDF724CB23ECCCB0BCA94BC0ED47B50239.2FA36E3B86ACFB3FB013B384037C44F55B11CD93&key=cms1&mh=A8&pl=24&redirect_counter=1&cm2rm=sn-2gbek7z&req_id=9eaa3b38c17a36e2&cms_redirect=yes&mip=216.131.111.45&mm=34&mn=sn-a5mlrnel&ms=ltu&mt=1633082431&mv=m&mvi=6
Request Chain 267
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0200b69q6w07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl%26auid%3D6e52ce68-ecc0-4328-82e5-b5972013fe7a HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0200b69q6w07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl%26auid%3D6e52ce68-ecc0-4328-82e5-b5972013fe7a HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=769bd6e8-5601-4f59-96af-351b970f206f&id=0200b69q6w07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl&auid=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Request Chain 362
  • https://id5-sync.com/s/441/9.gif?puid=e_1edbcb18-77c5-49be-93a1-49e7091e8c3d&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_1edbcb18-77c5-49be-93a1-49e7091e8c3d&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOFSIKsxvih4RhKih28Jny1qjZa7tFgyABL6qD1w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOFSIKsxvih4RhKih28Jny1qjZa7tFgyABL6qD1w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=0326701a-d791-4c78-bb96-9b1d181a8963&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFSIKsxvih4RhKih28Jny1qjZa7tFgyABL6qD1w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=0326701a-d791-4c78-bb96-9b1d181a8963&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 301
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://id5-sync.com/c/441/146/6/4.gif?puid=e6700eeb-4f4c-4139-a2d2-0fb81837e055&gdpr=1&gdpr_consent= HTTP 302
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 303
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESEO2EoYNG2WHG5qJFgSDGHVc&google_cver=1 HTTP 303
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEO2EoYNG2WHG5qJFgSDGHVc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 302
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8024006013844445723&opid=apx&ops=&utidl=tech:goo:CAESEO2EoYNG2WHG5qJFgSDGHVc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
  • https://id5-sync.com/qp/18.gif?puid=vec%3A21165419680&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY HTTP 302
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent= HTTP 302
  • https://id5-sync.com/c/441/19/4/6.gif?puid=54d24ff3f09adfa5ad5df1bd6623a1d0&gdpr=1&gdpr_consent=
Request Chain 369
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 370
  • https://c1.adform.net/serving/cookie/match?party=14&cid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Request Chain 371
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9169346895279784238 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DF81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Request Chain 373
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7014038493271226508
Request Chain 374
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWVJrN0NyYjRBQUJTU0stWlcwUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEYRk7Crb4AABSSK-ZW0Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEYRk7Crb4AABSSK-ZW0Q&pid=558502&do=add HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEYRk7Crb4AABSSK-ZW0Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7205702882258895689 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEYRk7Crb4AABSSK-ZW0Q
Request Chain 375
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 376
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2963742874 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/117b351e-56e1-4502-abfd-e86c5570ad18 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-51300f6b-ba71-4745-9193-d0880a824dcf-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-51300f6b-ba71-4745-9193-d0880a824dcf-003 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-51300f6b-ba71-4745-9193-d0880a824dcf-003 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 378
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2aZSAGWS8llKICBlqJhRXktD
Request Chain 380
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 382
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=52b20f26-cd0d-44e7-b36a-021a783e34d5-tuct8506459&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 383
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-B69TgzwRfWS2hjbqtDkSg%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 384
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=57de6156-ded5-4200-bf94-c7d95625e804
Request Chain 385
  • https://pixel.onaudience.com/?partner=214&mapped=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1 HTTP 302
  • https://pixel.onaudience.com/?partner=147&mapped=117b351e-56e1-4502-abfd-e86c5570ad18&icm HTTP 302
  • https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=423a44d6f6bc6983 HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=423a44d6f6bc6983 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnFFdDZjRDJHU0Y2bVRFMGVDczd4c1pzVnBJcE5jVlJWLVNhSTZ0NWhBV2c&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEDijbM-CkD7U6RaPfBFObgw&google_cver=1 HTTP 302
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=8354336131457789763&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=57de6156-ded5-4200-bf94-c7d95625e804&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90 HTTP 302
  • https://ps.eyeota.net/match?uid=YVbe2QAFvmUTsAA6&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1 HTTP 302
  • https://ps.eyeota.net/match?uid=117b351e-56e1-4502-abfd-e86c5570ad18&bid=1e2n4ou
Request Chain 386
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjgxRUJENEUtMENGMC00NUY1LTkyREEtMThEQkFBRDBFNDRB&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKyG5vFjqM23fQR1kCnWnYo&google_cver=1
Request Chain 389
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6820726720678911436 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DF81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Request Chain 390
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:57de6156-ded5-4200-bf94-c7d95625e804&gdpr=0&gdpr_consent=
Request Chain 391
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=117b351e-56e1-4502-abfd-e86c5570ad18
Request Chain 392
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8024006013844445723&gdpr=0&gdpr_consent=
Request Chain 393
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL
Request Chain 394
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VL603m9E2uUKczhIPqSxKR_GgXNOQAs-~A&gdpr=0&gdpr_consent=
Request Chain 396
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=a01691ff-2e63-5112-b5ce-26ddd498f804&ssp=pubmatic&expires=30&user_group=1 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 398
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YVbe2QAFvmUTsAA6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVbe2QAFvmUTsAA6&gdpr=0&gdpr_consent=&_test=YVbe2QAFvmUTsAA6 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 399
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8354336131457789763&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 400
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553&gdpr=0&gdpr_consent=
Request Chain 401
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:41fb2e56-f756-4211-9be0-2f930194e3ab&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 402
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8024006013844445723
Request Chain 404
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 405
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 406
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 407
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=12776
Request Chain 408
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=8024006013844445723
Request Chain 409
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=14b6a8aa-df22-4cc6-afd1-3e8c77dccf39
Request Chain 410
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPf688fd68-229f-11ec-b37f-02c99423f47e HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-SQnW8CdE2uHWJRtJ3wOz5RmHkpEMUkyf~A~UPf688fd68-229f-11ec-b37f-02c99423f47e
Request Chain 411
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=117b351e-56e1-4502-abfd-e86c5570ad18&ttl=1635675097
Request Chain 413
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=477c44c11e2a94142f746bc70bf1dca8648b4fd2
Request Chain 414
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f6c9d721-229f-11ec-aa16-4dbb093d86b7&gdpr=0&gdpr_consent=
Request Chain 417
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVbe2UU77.TBD8FqKu7ekQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
Request Chain 418
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2UU77-TBD8FqKu7ejgAABGEAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2UU77-TBD8FqKu7ejgAABGEAAAIB&dcc=t
Request Chain 420
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVbe2UU77-TBD8FqKu7ejgAABGEAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
Request Chain 422
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6863694971096429505&uid=Q6863694971096429505&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 423
  • https://d.adroll.com/cm/index/ssp?gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 424
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=611361532471
Request Chain 427
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2VEe-14l7tFzDBqOsQAABIAAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2VEe-14l7tFzDBqOsQAABIAAAAIB&dcc=t
Request Chain 428
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVbe2VEe-14l7tFzDBqOsQAABIAAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
Request Chain 429
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVbe2UU77.TBD8FqKu7ekQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
Request Chain 432
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635675097
Request Chain 433
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=O3wUB2koRQggeRgIaHwMUD0uQgIgeUVXb353ovAZ
Request Chain 435
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVbe2VEe-14l7tFzDBqOsgAABLkAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
Request Chain 436
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2VEe-14l7tFzDBqOsgAABLkAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2VEe-14l7tFzDBqOsgAABLkAAAIB&dcc=t
Request Chain 438
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVbe2UU77.TBD8FqKu7ekQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
Request Chain 441
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635675097
Request Chain 444
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2UU77-TBD8FqKu7ekQAABIUAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2UU77-TBD8FqKu7ekQAABIUAAAAB&dcc=t
Request Chain 446
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVbe2UU77-TBD8FqKu7ekQAABIUAAAAB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
Request Chain 447
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVbe2UU77.TBD8FqKu7ekQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
Request Chain 449
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0349c543-d4f2-4d48-a18d-fe35b3213d8e
Request Chain 462
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=E45975EBD15D458C8D63926C4697E0BE HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
Request Chain 463
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
Request Chain 464
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
Request Chain 465
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=sVmbgO7ZRUJkVaSIRmofRNiDby0
Request Chain 466
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&addseg=19,36,42
Request Chain 467
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 469
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A HTTP 302
  • https://a.audrte.com/p
Request Chain 470
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&addseg=19,36,42
Request Chain 471
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 473
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A HTTP 302
  • https://a.audrte.com/p
Request Chain 474
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=E45975EBD15D458C8D63926C4697E0BE HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
Request Chain 475
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
Request Chain 476
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
Request Chain 477
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MpcL_Mt5Rh5PdqAJ6a4QltiDby0
Request Chain 478
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&addseg=19,36,42
Request Chain 479
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 481
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A HTTP 302
  • https://a.audrte.com/p
Request Chain 482
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=E45975EBD15D458C8D63926C4697E0BE HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
Request Chain 483
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
Request Chain 484
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
Request Chain 485
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vEVXBdemTeJCOPMaZ0f6LdiDby0

483 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/ 		140 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.71.19.215 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
215.19.71.34.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
dd1cf588102222676bda1808bd1e8d87f86dca705addbc63f3d29ee160b62262
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

:method
GET
:authority
www.sfweekly.com
:scheme
https
:path
/sponsored/black-friday-cbd-oil-sales/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:31 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding Accept-Encoding Accept-Encoding,Cookie
link
<https://www.sfweekly.com/wp-json/>; rel="https://api.w.org/" <https://www.sfweekly.com/?p=249539>; rel=shortlink
x-powered-by
WP Engine
content-security-policy
upgrade-insecure-requests
x-cacheable
SHORT
cache-control
max-age=600, must-revalidate
x-cache
HIT: 7
x-cache-group
normal
content-encoding
br
style.min.css
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/ 		40 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/style.min.css?ver=5.3.8
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 15:48:08 GMT
server
NetDNA-cache/2.2
etag
W/"5ee100b8-a055"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
ai-aos.css
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/aos/ 		33 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/aos/ai-aos.css?ver=2.6.2
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
522cc4ddf3c2daf42d71bd1ce57b9bd0c118068c0b4e363ebcb438f48dab7c0a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
W/"6061ab44-85c7"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
mmenu.css
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/mmenu/css/ 		55 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/mmenu/css/mmenu.css?ver=3
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
38a1e8685db844db2f4fdf44030186e2054286aad8a8e7d00a7d35b1a4d62bf3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
W/"6061ab44-dce0"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
frontend.css
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/pc-google-analytics/assets/css/ 		0
222 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/pc-google-analytics/assets/css/frontend.css?ver=1.0.0
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
"6061ab44-0"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
0
css
fonts.googleapis.com/ 		38 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CMerriweather%3A400%2C400i%2C700%2C700i%2C900%2C900i&display=swap&ver=5.3.8
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
6a82dd2bffbc511573ebc14890e18f21ca1f2f810ff7b4784171ef48a32f35b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 10:11:31 GMT
server
ESF
date
Fri, 01 Oct 2021 10:11:31 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 10:11:31 GMT
theme.min.css
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/ 		381 KB
63 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
dbf45a4ab6a93d6ed8919dbbb2a99ea1bb7b56dbcae714530f5f6f627a59f977

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
W/"6061ab44-5f57b"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
highlight-and-share-emails.css
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/highlight-and-share/css/ 		2 KB
938 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/highlight-and-share/css/highlight-and-share-emails.css?ver=3.1.5
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
cc46822c1efd215f4382b351af79ca830874c08b9177a5131b6cc6a971a3832c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
W/"6061ab44-8a7"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
highlight-and-share-black.css
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/highlight-and-share/css/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/highlight-and-share/css/highlight-and-share-black.css?ver=3.1.5
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
156187e022caad5e50fc56c6fd80ab78c62897281a9db23a4edc3ebc0a92824a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
W/"6061ab44-e60"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Fri, 17 May 2019 04:25:54 GMT
server
NetDNA-cache/2.2
etag
W/"5cde37d2-17a69"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
jquery-migrate.min.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/jquery/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.4.1
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 06:11:28 GMT
server
NetDNA-cache/2.2
etag
W/"573eaa90-2748"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
ai-jquery.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/js/ 		18 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/js/ai-jquery.js?ver=5.3.8+2.6.2
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Mon, 29 Mar 2021 10:26:13 GMT
server
NetDNA-cache/2.2
etag
"6061ab45-12"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18
mmenu.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/mmenu/js/ 		75 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/mmenu/js/mmenu.js?ver=3
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
bc91edebf695ab675bb36ce72cd9437ab7edcb66091224cf03066d98b575fb9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
W/"6061ab44-12bd2"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
frontend.min.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/pc-google-analytics/assets/js/ 		37 B
271 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/pc-google-analytics/assets/js/frontend.min.js?ver=1.0.0
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
"6061ab44-25"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
37
script.js
powerad.ai/ 		170 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/script.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
63721156438c4a8fad96c6cb93099d8a59e94706abc4bf0c391b393cff33aa9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 02 Sep 2021 15:19:09 GMT
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
Express
ETag
W/"2a930-17ba717a506"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
*
sp.js
includemodal.global.ssl.fastly.net/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/sp.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
991159e96e1c30f49fcbf524432ea76895879adf95c54b23c409248e3108d348

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UBPek.qnuPj7Tp1u_GRk9LjS069Hvfew
Content-Encoding
gzip
ETag
"3ca4eeaa545b9c2682f32d3c03459012"
Age
1707
X-Cache
HIT
Connection
keep-alive
Content-Length
13812
x-amz-id-2
j0/uMRgNqlFh7s8wNK/lealXkx+HAT3DEb7xvr4YGsbvciXhUPlPQUhVgRrDnxc667t4fLtJECY=
X-Served-By
cache-hhn4079-HHN
Last-Modified
Tue, 21 Sep 2021 19:02:25 GMT
Server
AmazonS3
X-Timer
S1633083092.787295,VS0,VE0
Date
Fri, 01 Oct 2021 10:11:31 GMT
Vary
Accept-Encoding
x-amz-request-id
N6AMK1B9YRJXZSTQ
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
51
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		73 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
e313c7c5a771195fe5fc6ded33c8b4072667f2cf615509e6ed370e3bfd292c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1002 / 791 of 1000 / last-modified: 1633039585"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25726
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Oct 2021 10:11:31 GMT
image1-30-1-838x520.png
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/ 		151 KB
151 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/image1-30-1-838x520.png
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f4aefc7dc69aecc61a9fc6d49a072167e2a3a9053b3c1fbbf54096b4d6d84152

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
last-modified
Mon, 29 Mar 2021 10:25:35 GMT
server
NetDNA-cache/2.2
etag
"6061ab1f-25bd4"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
154580
expires
Sun, 31 Oct 2021 10:11:32 GMT
image6-32-1024x1024.png
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/image6-32-1024x1024.png
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
aa8270bb838e8eef5874a2e323b83128c51271b226c8ffd33cd751156ccc68bd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
last-modified
Mon, 29 Mar 2021 10:25:35 GMT
server
NetDNA-cache/2.2
etag
"6061ab1f-139e04"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
1285636
expires
Sun, 31 Oct 2021 10:11:32 GMT
image2-34-1024x1024.png
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/ 		249 KB
249 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/image2-34-1024x1024.png
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8e26290142f79a490931a86a9664db77aaa781fc5479a49af1fdace29d09c20b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
last-modified
Mon, 29 Mar 2021 10:25:35 GMT
server
NetDNA-cache/2.2
etag
"6061ab1f-3e2f3"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
254707
expires
Sun, 31 Oct 2021 10:11:32 GMT
image4-36-1-1024x1024.png
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/image4-36-1-1024x1024.png
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
48f88630b865b8523979a301bad40a0d1d029845a8e9468c412b06ce127832ab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
last-modified
Mon, 29 Mar 2021 10:25:35 GMT
server
NetDNA-cache/2.2
etag
"6061ab1f-16c190"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
1491344
expires
Sun, 31 Oct 2021 10:11:32 GMT
image7-38-1024x1024.png
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/ 		652 KB
653 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/image7-38-1024x1024.png
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
fb830de30288331b25a1a204de22d03593831202612e669fcb41f90c982c716b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
last-modified
Mon, 29 Mar 2021 10:25:35 GMT
server
NetDNA-cache/2.2
etag
"6061ab1f-a2ebf"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
667327
expires
Sun, 31 Oct 2021 10:11:32 GMT
image3-40-1024x1024.png
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/image3-40-1024x1024.png
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
b2e64ff74f82bd2b379aabc47c0dce23fe237fa31d568013593aa352712f9395

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
last-modified
Mon, 29 Mar 2021 10:25:35 GMT
server
NetDNA-cache/2.2
etag
"6061ab1f-16388a"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
1456266
expires
Sun, 31 Oct 2021 10:11:32 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4771
date
Fri, 01 Oct 2021 08:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 01 Oct 2021 10:52:00 GMT
91532438-f31b-4086-8018-7cd68ddba2a3.js
d2s8wlbatk24s7.cloudfront.net/service/js/ 		8 B
458 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-106.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a8306d480a1b8a0e5803a1262635cd285075571c2529c91f40e22b6564ec272

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
muWssJlaTMhwNx39U6iumwhuke5LXV1E
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
etag
"c11a86e571fe7b35adcfb229bea0b483"
age
65888
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
8
last-modified
Mon, 30 Aug 2021 16:50:12 GMT
server
AmazonS3
date
Thu, 30 Sep 2021 15:53:24 GMT
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
mVghVS-q5Q6S2dsvNd18JALPOOQkx8gwRuMZ64scBa10OQ-I1zjGvw==
hotjar-1671606.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1671606.js?sv=6
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-40.fra2.r.cloudfront.net
Software
/
Resource Hash
279f8010673112d690aff9a0f4feb54555bda6ba238b0d76767aa3063eba89bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
21
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
1911
access-control-allow-origin
*
cache-control
max-age=60
etag
W/ced4910ed4f8c147a5fe0c18f1cb2f35
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 cc0ab20766d57035422a2c4c69fe0620.cloudfront.net (CloudFront)
x-cache-hit
1
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
zd-GoRAOTBpguUfhZy5GqA7Pvt9bwJObkLMH1CfwWh1irmsG_cmPJQ==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CMerriweather%3A400%2C400i%2C700%2C700i%2C900%2C900i&display=swap&ver=5.3.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sfweekly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 17:04:31 GMT
x-content-type-options
nosniff
age
61620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44760
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:50:17 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 17:04:31 GMT
fa-regular-400.woff2
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/fonts/ 		156 KB
157 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/fonts/fa-regular-400.woff2
Requested by
Host: 1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com
URL: https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b

Request headers

Referer
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
Origin
https://www.sfweekly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
"6061ab44-2708c"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
159884
fa-brands-400.woff2
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/fonts/ 		74 KB
74 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/fonts/fa-brands-400.woff2
Requested by
Host: 1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com
URL: https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b

Request headers

Referer
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
Origin
https://www.sfweekly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
"6061ab44-1262c"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
75308
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CMerriweather%3A400%2C400i%2C700%2C700i%2C900%2C900i&display=swap&ver=5.3.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sfweekly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 20:32:05 GMT
x-content-type-options
nosniff
age
135566
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47804
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 16:51:13 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 20:32:05 GMT
fa-solid-900.woff2
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/fonts/ 		127 KB
127 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/fonts/fa-solid-900.woff2
Requested by
Host: 1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com
URL: https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca

Request headers

Referer
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
Origin
https://www.sfweekly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
"6061ab44-1fb28"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
129832
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v25/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CMerriweather%3A400%2C400i%2C700%2C700i%2C900%2C900i&display=swap&ver=5.3.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sfweekly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 04:35:40 GMT
x-content-type-options
nosniff
age
365751
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20016
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:21:51 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 04:35:40 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CMerriweather%3A400%2C400i%2C700%2C700i%2C900%2C900i&display=swap&ver=5.3.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sfweekly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:04:01 GMT
x-content-type-options
nosniff
age
281250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19696
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 04:04:01 GMT
image5-42-1024x576.png
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/ 		219 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2020/11/image5-42-1024x576.png
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4a92b7342f2e0c455c3c2f7587bfb41e7b8ff233910999731a0b20ea4104d389

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
last-modified
Mon, 29 Mar 2021 10:25:35 GMT
server
NetDNA-cache/2.2
etag
"6061ab1f-36b8d"
vary
Accept-Encoding
x-cache
MISS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
224141
expires
Sun, 31 Oct 2021 10:11:32 GMT
Picture1-2.png
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2021/09/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2021/09/Picture1-2.png
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
44f4c32b8979abf0fd63db2f62ec7023ab09e02b68c4a81474431c7cd88f855f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Wed, 29 Sep 2021 17:55:36 GMT
server
NetDNA-cache/2.2
etag
"6154a898-92f4"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
37620
expires
Sun, 31 Oct 2021 07:03:35 GMT
Untitled-1-570x355.jpg
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2021/09/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2021/09/Untitled-1-570x355.jpg
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
02a94698e0ed730b359e2b4987a1bcd6cbbbe6c00d4d5b1048c2ad3e321a8946

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Thu, 30 Sep 2021 17:51:20 GMT
server
NetDNA-cache/2.2
etag
"6155f918-9772"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
38770
expires
Sun, 31 Oct 2021 07:03:38 GMT
Emergency-570x355.png
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2021/09/ 		264 KB
264 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2021/09/Emergency-570x355.png
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5e313adc997e9df9e640fafe4a678a3ea1e4ecf058bd755c6bcdd6f8618eef4c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Thu, 30 Sep 2021 21:55:33 GMT
server
NetDNA-cache/2.2
etag
"61563255-41ece"
vary
Accept-Encoding
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
270030
expires
Sun, 31 Oct 2021 07:09:22 GMT
1-1-570x355.jpg
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2021/09/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/uploads/2021/09/1-1-570x355.jpg
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
85827e08a6e5017cdb983eb9a93ed3de32e64543d2fcbb97e9a5496540b3d617

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Tue, 28 Sep 2021 18:12:29 GMT
server
NetDNA-cache/2.2
etag
"61535b0d-7034"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public, max-age=31536000
accept-ranges
bytes
content-length
28724
expires
Sat, 30 Oct 2021 07:09:43 GMT
aos.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/aos/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/ad-inserter-pro/includes/aos/aos.js?ver=2.6.2
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
8acb04628394993656dad11f23029fc6ad13cf90cfaa1f5df89150b2727684a9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
W/"6061ab44-37a4"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
theme.min.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/js/ 		78 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/js/theme.min.js?ver=1.1.1617013572
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
47c3a2686255802406b8e765d65380930ada5fa4bbcd35ca5c32c6459b1288c0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
W/"6061ab44-13977"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
comment-reply.min.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/comment-reply.min.js?ver=5.3.8
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
3d5ae546163be6946a8ae9f9040891688b6ef62d1852a0d5d72f8e04ddbe7af5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Fri, 26 Mar 2021 19:23:55 GMT
server
NetDNA-cache/2.2
etag
W/"605e34cb-921"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
sweetalert2.all.min.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/highlight-and-share/js/ 		62 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/highlight-and-share/js/sweetalert2.all.min.js?ver=7.28.4
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
aadc94f9bdb8f6bc3fe4f435297191b718e5820ea17d4d842b9d183a57349f9d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
W/"6061ab44-f863"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-polyfill.min.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/dist/vendor/ 		97 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
96ed609b415be6ee67eadb8d2de7ce64d13de9c928bce8e1373bec97e233e74c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Thu, 19 Sep 2019 15:19:18 GMT
server
NetDNA-cache/2.2
etag
W/"5d839c76-1833d"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
i18n.min.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/dist/i18n.min.js?ver=3.6.1
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5f4e00ecd9e1a6d454db55802d379f4d3ce99bbfa046fbf9b98aac9d443fb8ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 03:16:11 GMT
server
NetDNA-cache/2.2
etag
W/"601cb87b-233d"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
highlight-and-share.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/highlight-and-share/js/ 		24 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/plugins/highlight-and-share/js/highlight-and-share.js?ver=3.1.5
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
d32a36d8dc793802de2280a21161e890801c411e4e0cab83d78d64f7fd5248ff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
W/"6061ab44-6079"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
wp-embed.min.js
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/ 		1 KB
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=5.3.8
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
gzip
last-modified
Fri, 05 Feb 2021 03:16:11 GMT
server
NetDNA-cache/2.2
etag
W/"601cb87b-56f"
vary
Accept-Encoding, Accept-Encoding
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
freeskreen.min.js
static.freeskreen.com/publisher/4329/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.freeskreen.com/publisher/4329/freeskreen.min.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fc81f46ab48df9279cdf0b17cb6e8e1e2990b76ece6d17f8cb3e3cb47da98e4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
kgVtLemKbS_sOl3J7Jc3hRpIhsR0wLIl
Content-Encoding
gzip
ETag
"0bf6e3033d4c4f3d50c3ecb5e046feae"
Age
26812
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9109
Last-Modified
Thu, 07 Jan 2021 17:19:38 GMT
Server
AmazonS3
Date
Fri, 01 Oct 2021 02:44:40 GMT
Content-Type
text/javascript
Via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
X-Amz-Cf-Id
D2QX16G7CWw66FqhoRQYWdpLVSy2UqwoweDhRSOxfbG7GipXXqwtbQ==
modules.e95f6e2deb67f1b24d8e.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1671606.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-122.dus51.r.cloudfront.net
Software
/
Resource Hash
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:27:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
265466
x-amz-server-side-encryption
AES256
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
59787
access-control-allow-origin
*
last-modified
Tue, 28 Sep 2021 08:26:22 GMT
etag
"4c2c45df8457d0c2a07b3285a23cd7a4"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
9Yc7wQx9vzSuHIyajSn9lSriotwwjxeIXE0820FeLGpRgz_gH0rJOA==
fa-duotone-900.woff2
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/fonts/ 		171 KB
171 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/fonts/fa-duotone-900.woff2
Requested by
Host: 1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com
URL: https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
9f116dbbaf4f0d636fa01fba1c0a0fbed796632077c936724150f2346e74f649

Request headers

Referer
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
Origin
https://www.sfweekly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
"6061ab44-2aa84"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
174724
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:43:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1693
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Oct 2021 10:43:18 GMT
newsletter-background.jpg
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/img/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/img/newsletter-background.jpg
Requested by
Host: 1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com
URL: https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
75a315598423af7b8dbc25b957c07b5c90c1c9705ff81957e2fa7e6b08f285b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
"6061ab44-c798"
vary
Accept-Encoding
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
51096
fa-light-300.woff2
1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/fonts/ 		170 KB
170 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/fonts/fa-light-300.woff2
Requested by
Host: 1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com
URL: https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS
94.31.29.99.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
f6d6e49e8971c9b702e31bb9ad580eb9d374a13af6e713e3673282c9e52ac7bc

Request headers

Referer
https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-content/themes/SF-Weekly-2020/css/theme.min.css?ver=1.1.1617013572
Origin
https://www.sfweekly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:31 GMT
last-modified
Mon, 29 Mar 2021 10:26:12 GMT
server
NetDNA-cache/2.2
etag
"6061ab44-2a62c"
vary
Accept-Encoding
x-cache
HIT
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
173612
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v25/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v25/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C300i%2C400%2C400i%2C600%2C600i%2C700%2C700i%2C800%2C800i%7CMerriweather%3A400%2C400i%2C700%2C700i%2C900%2C900i&display=swap&ver=5.3.8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
32872225c70cc59428eea5fa412b86aa82e4f73ac5fa20fbe34ee1702ba270aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sfweekly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 26 Sep 2021 20:47:52 GMT
x-content-type-options
nosniff
age
393819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19792
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:22:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Sep 2022 20:47:52 GMT
pubads_impl_2021092001.js
securepubads.g.doubleclick.net/gpt/ 		336 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120245
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:37:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Oct 2021 10:11:32 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		111 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sfweekly.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2682df2044deafc87144269baba470bfe2b34c978ce8e13975a177d54cf31a28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
expires
Fri, 01 Oct 2021 10:11:32 GMT
249fa1afb610589da05d00c0896a527e7f57951f93f9c34b74f70cfbcd77141aab669461f9d66998bccc5e08775954d565fc7102835c600098515927fb1d
richstring.com/ 		103 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://richstring.com/249fa1afb610589da05d00c0896a527e7f57951f93f9c34b74f70cfbcd77141aab669461f9d66998bccc5e08775954d565fc7102835c600098515927fb1d
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
157.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
c78b50d1e9ea3df444980f1280f03bb25b3d4fb5f4565111b3018c3322357235
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
x-datacenter
gce-europe-west1
etag
"ae353adf06739f460a51a5ce7d51970f1c967afc9b20cc99082fc543f9c2ad80"
vary
Accept-Encoding, Accept-Language
x-hostname
0f8346e1
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
date
Fri, 01 Oct 2021 10:11:32 GMT
timing-allow-origin
*
script.js
sb.freeskreen.com/publisher/ 		79 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.freeskreen.com/publisher/script.js?pid=4329&ut=&uts=&flc=sponsored&slc=&windowlocation=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&usp=&gdpr=-1&cs=-1
Requested by
Host: static.freeskreen.com
URL: https://static.freeskreen.com/publisher/4329/freeskreen.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
b57ed06197b5ef1287a96679fe0ac59ea53e0952b132d5adb7cbcb60073091b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
gzip
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
cache-control
no-cache, no-store, must-revalidate
content-type
text/html;charset=UTF-8
content-length
21749
x-amz-cf-id
FtxdfIWQLHUJzaDGPnLJvFUgRd23kiypLUGeikU3mKA9S1Cnt3Wtug==
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-58316615-2&cid=1144439161.1633083092&jid=1443408124&gjid=1221180970&_gid=1855232428.1633083092&_u=KGBAgEAjAAAAAE~&z=434576654
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 01 Oct 2021 10:11:32 GMT
content-type
text/plain
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=2093099692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&ul=en-us&de=UTF-8&dt=Black%20Friday%20CBD%20Oil%20Sales%3A%20The%20Best%20CBD%20Oil%20Deals%20for%20Black%20Friday%20and%20Cyber%20Monday%20-%20SF%20Weekly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAgEAj~&jid=1443408124&gjid=1221180970&cid=1144439161.1633083092&tid=UA-58316615-2&_gid=1855232428.1633083092&z=1473775753
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 06:48:07 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12205
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sfweekly.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sfweekly.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		449 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=2849632969377899&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_320x480&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x480&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092260&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=4003218774&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x480&msz=0x-1&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
631bd20ca4b8bd54128f9c73c5437248ada5ee5ed76dc3e418600c8c3eaf7e4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
230
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0EF5 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 01 Oct 2021 10:11:32 GMT
expires
Sat, 01 Oct 2022 10:11:32 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		449 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=810261776742837&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_600x480&enc_prev_ius=%2F0%2F1&prev_iu_szs=550x400%7C600x480&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092265&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3249242924&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=0x0&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
5d1e60e74af6b42b559301a55018075d09e094031bebfced866a604912b998a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		453 B
268 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=3456656947101671&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_Left300x900&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x900&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092267&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2545910887&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=640&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
5f56aceea6a79909a616500f1c0acea28fc363b48a2fb200c9704d844214e3d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		454 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=3520673885084657&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_Right300x900&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x900&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092268&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3696297429&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=640&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
cd75a772111fad89997cb08170f0ba9d2c49f47ed1096dc3bb3e2b11351230d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame DC65 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1671606.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-106.dus51.r.cloudfront.net
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
nuohrGvw7P-HjNqqh7bnX5SQylzzL6pBMEg1PxTsyT15ZIqejnzvZw==
age
6296787
ads
securepubads.g.doubleclick.net/gampad/ 		444 B
258 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=51619007578839&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_975x30&enc_prev_ius=%2F0%2F1&prev_iu_szs=975x30&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092293&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=313&adys=206&adks=3325031515&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x38&msz=975x-1&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
89da494fadad771b55a01560275b2d4b53db806111719efb1702d65f2f24665f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
228
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=2056656022625006&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_728x90-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092296&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=224&adys=8551&adks=2758185213&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=832x0&msz=832x0&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
6c2dd2c293391e6fd4cb87b460e2d4453b1fbf34583e93a6812b577e53dd5417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8225
x-xss-protection
0
google-lineitem-id
166604408
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138219866849
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		82 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=164963709283843&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_300x250-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092299&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=1076&adys=305&adks=2748941098&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
f10dbbb6b1e25ce420a6bb373312e06c77265034245364e92276da66f13eaef1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22784
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=120324067774555&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_300x250-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092301&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=1076&adys=1330&adks=3566212782&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x256&msz=300x-1&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
796d745752c9d7a1b6b939bced085c239ffe0ec886238aafe701f3f92a070dd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7931
x-xss-protection
0
google-lineitem-id
166604528
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138219895740
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=2300615753946367&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_728x90-6&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092305&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=224&adys=6883&adks=3750489042&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=832x0&msz=832x0&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
659bc2d64efaeb353261b484804f7b2ff3d0bb3849dcf7fd97e6f8ac2b912df6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8227
x-xss-protection
0
google-lineitem-id
166604408
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138219866831
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=3297649262916906&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_Top728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092309&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=648&adys=56&adks=1696152264&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x0&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
aa30cf5fb07cb30ece1f49b93011b785248132e8e158d8a96d65fd35ba8b9f51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8229
x-xss-protection
0
google-lineitem-id
166604408
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138219866831
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=4220479322623276&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_728x90-5&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092313&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=224&adys=2112&adks=1003928959&ucis=b&ifi=11&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=832x0&msz=832x0&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
53fe02c7803cf38912e8616d5e597a5456f65048c11606aba1dea3a90d86d708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8003
x-xss-protection
0
google-lineitem-id
166604408
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138219866864
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=3107069801363770&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_300x600-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092318&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=1076&adys=1316&adks=1942432000&ucis=c&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x24&msz=300x0&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
2139f777d0c43392703e8e844e3329e6df8e12203ddefdeb3169bd7e1c4891bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11476
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=3009695795278122&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_300x250-6&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092320&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=224&adys=5065&adks=3140460954&ucis=d&ifi=13&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=832x0&msz=832x0&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=0&ohw=0&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
fde1ff98ac079ccd96e34a72dc00e9b2183ed069872fff11279807b1e2d7402e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7712
x-xss-protection
0
google-lineitem-id
166604528
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138219895683
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1644757340794941&correlator=2953277666637523&output=ldjh&impl=fif&vrg=2021092001&ptt=17&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=8565528%2CSFW-ROS_728x90-4&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633083092&dt=1633083092323&dlt=1633083091737&idt=441&frm=20&biw=1600&bih=1200&oid=3&adxs=224&adys=9502&adks=2171617908&ucis=e&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=832x0&msz=832x0&ga_vid=1144439161.1633083092&ga_sid=1633083092&ga_hid=2093099692&ga_fc=false&fws=0&ohw=0&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8fac460ee63a3faf6cb4b3d59103b745978eb3fc1db32b00abb53727e3c01af8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7998
x-xss-protection
0
google-lineitem-id
166604408
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138219866864
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-58316615-2&cid=1144439161.1633083092&jid=1443408124&_u=KGBAgEAjAAAAAE~&z=366829194
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-58316615-2&cid=1144439161.1633083092&jid=1443408124&_u=KGBAgEAjAAAAAE~&z=366829194
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
reporting.powerad.ai/ 		2 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 01 Oct 2021 10:11:32 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
2
pbjs_wrapper.v1.0.js
hb.brainlyads.com/ Frame 8C9D 		61 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
368c94f8a26ed6a99ca46c4b565e4f2586994d513b47e35cf17cd9a01c423251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:35:05 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"614b7759-f5ff"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Sat, 02 Oct 2021 10:11:32 GMT
pbjs_wrapper.v1.1.js
hb.brainlyads.com/ Frame 31FD 		63 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/pbjs_wrapper.v1.1.js
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
62a241b5bb0abbb690e5fca0412be810b9c22316fbb958c6a9539df6fab09c58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:35:05 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"614b7759-fbe5"
vary
Accept-Encoding
content-type
application/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
/
powerad.ai/pubPls/ 		15 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/pubPls/?width=1600&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
18.211.226.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-211-226-152.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
e3e93b6f311b8924906992bbae0524c1e177e7f7317d0acb7e153171d011d344

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:32 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
X-Powered-By
Express
ETag
W/"3be7-GLB8zT5cwwRvsLICTqXIU2W50r8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.sfweekly.com
Access-Control-Allow-Credentials
true
Connection
close
Access-Control-Allow-Headers
*
gen_204
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=sfweekly.com&host=www.sfweekly.com&success=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 16:14:35 GMT
via
1.1 a10d58b5ce965502cc34c5b27682fe23.cloudfront.net (CloudFront)
age
4816618
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/gif
x-amz-cf-id
BsJvmZsP2l4xrVIydEKQ4DLdgTtTW4elvGW51Jm0ImTttd8B6LpILQ==
ac
ww1772.smartadserver.com/ 		212 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=1177088881&out=js
Requested by
Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?pid=4329&ut=&uts=&flc=sponsored&slc=&windowlocation=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&usp=&gdpr=-1&cs=-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
461b345c9be55a5a6d0a2b3c9b39b060cdd4d5c7bff2c410b3c6f8b77f17cb25

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:31 GMT
content-encoding
br
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i
7974420
cache-control
no-cache,no-store
transfer-encoding
chunked
content-type
application/javascript; charset=UTF-8
usync.html
eus.rubiconproject.com/ Frame D599
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west
  • https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Requested by
Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?pid=4329&ut=&uts=&flc=sponsored&slc=&windowlocation=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&usp=&gdpr=-1&cs=-1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sfweekly.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40333-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Oct 2021 10:11:32 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Date
Fri, 01 Oct 2021 10:11:32 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
um
sb.freeskreen.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1
  • https://sb.freeskreen.com/um?sa=7205702882258895689
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?sa=7205702882258895689
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:32 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
x-amz-cf-id
r-XcbhQFXAMZUrZMNWLIZ8mUwDcJvk5ktmlzLMa9RHxV1yxY2zpgng==
expires
-1

Redirect headers

location
https://sb.freeskreen.com/um?sa=7205702882258895689
pragma
no-cache
date
Fri, 01 Oct 2021 10:11:32 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
verify
scm.publishers.tremorhub.com/pubsync/
Redirect Chain
  • https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
  • https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.216.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-192-216-94.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

location
pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
date
Fri, 01 Oct 2021 10:11:32 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
um
sb.freeskreen.com/
Redirect Chain
  • https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID}
  • https://sb.freeskreen.com/um?ac={$UID}
43 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/um?ac={$UID}
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:32 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
x-amz-cf-id
p5HoUeQho2VE_wN6lPOQPB3RPXe8tWXsHNnaUf4o-wwb_9l-9U8m2w==
expires
-1

Redirect headers

Location
https://sb.freeskreen.com/um?ac={$UID}
Date
Fri, 01 Oct 2021 10:11:32 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
/
loadeu.exelator.com/load/ 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=204&g=1300&j=0
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame 4E1A 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 01 Oct 2022 10:05:07 GMT
fsk.css
static.freeskreen.com/css/20210107205009/default/ Frame 4E1A 		50 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.freeskreen.com/css/20210107205009/default/fsk.css
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31ace63fa339896dc045f21da77b1ffdc57160e2db5690b132766b0086d6f58e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5DtU9pV9aPv90d5PMlXs6Og9O1cWT0Fu
Content-Encoding
gzip
ETag
"ba07184144408ada0c1691c69221a457"
Age
49387
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28958
Last-Modified
Thu, 07 Jan 2021 20:54:53 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1610052891/ctime:1610052892/gid:497/gname:jenkins/md5:ba07184144408ada0c1691c69221a457/mode:33188/mtime:1610052892/uid:498/uname:jenkins
Date
Thu, 30 Sep 2021 20:28:31 GMT
Content-Type
text/css
Via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
X-Amz-Cf-Id
uHk7sRhF_BHDMPhM4_vhh00OM9XYTbAqt1DZxXbnGzw6upKwShDSeg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ Frame B870 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f10.1e100.net
Software
sffe /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:05:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
385
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33018
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Sat, 01 Oct 2022 10:05:07 GMT
fsk.css
static.freeskreen.com/css/20210107205009/default/ Frame B870 		50 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.freeskreen.com/css/20210107205009/default/fsk.css
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
31ace63fa339896dc045f21da77b1ffdc57160e2db5690b132766b0086d6f58e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
5DtU9pV9aPv90d5PMlXs6Og9O1cWT0Fu
Content-Encoding
gzip
ETag
"ba07184144408ada0c1691c69221a457"
Age
49387
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
28958
Last-Modified
Thu, 07 Jan 2021 20:54:53 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1610052891/ctime:1610052892/gid:497/gname:jenkins/md5:ba07184144408ada0c1691c69221a457/mode:33188/mtime:1610052892/uid:498/uname:jenkins
Date
Thu, 30 Sep 2021 20:28:31 GMT
Content-Type
text/css
Via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
X-Amz-Cf-Id
BgJEsT5NvXMYqwH30B1PqPkB2KAoyJZt1SKtAyF_s0nFm3a3L6P8aw==
visit-data
in.hotjar.com/api/v2/client/sites/1671606/ 		146 B
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1671606/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.e95f6e2deb67f1b24d8e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.159.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-159-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1f89364a8b7cb1d0faba155a385638c1c6b3a196488f251012f635fb3c47abd7

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
player-hb.js
static.freeskreen.com/scm/player/20210119a/ Frame 4E1A 		265 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.freeskreen.com/scm/player/20210119a/player-hb.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb8b1b4a5fe4e1a1e7ee49bcd6cb07b6e56241a8d2718c1dc9928b3e5b727359

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YDT3w.3tTghYPiJN2Xp7Eh4mZtOYFe5I
Content-Encoding
gzip
ETag
"c60d74c8a8cea6a2ea292e3e380da599"
Age
12925
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
69007
Last-Modified
Tue, 19 Jan 2021 09:08:10 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1611047278/ctime:1611047286/gid:20/gname:staff/md5:c60d74c8a8cea6a2ea292e3e380da599/mode:33188/mtime:1611047278/uid:501/uname:mickael
Date
Fri, 01 Oct 2021 06:36:42 GMT
Content-Type
text/javascript
Via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
X-Amz-Cf-Id
NQY3F6G-kaS92IGGensq4HB5XqkVK_baNVy7tP1v9HU55hXxxAL4KA==
F44630BFF8F3C6CE4CE115B339AF014D.cache.js
static.freeskreen.com/gwt/20210107205009/advertisement/freeskreen_splitbox_client/ Frame 4E1A 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.freeskreen.com/gwt/20210107205009/advertisement/freeskreen_splitbox_client/F44630BFF8F3C6CE4CE115B339AF014D.cache.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19ac7f7f03270e923c602d544845da674a088cbb610a4c76a6445f0d075b7d0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 15:42:25 GMT
Content-Encoding
gzip
Age
66548
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
34110
Last-Modified
Thu, 07 Jan 2021 20:54:06 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1610052721/ctime:1610052845/gid:497/gname:jenkins/md5:ffc2c23e98e50d5acfafe8ccfc4dc585/mode:33188/mtime:1610052721/uid:498/uname:jenkins
ETag
"ffc2c23e98e50d5acfafe8ccfc4dc585"
x-amz-version-id
jP3BhKySKcISIxarwq4cPXWHxkq.8vAk
Via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
MoTNS_YemmR7BoQBhx7hjBtRoguK4Gn5Rst-AQHhy3ElRkbvRPTVnA==
t.gif
sb.freeskreen.com/ Frame 4E1A 		43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/t.gif?tm=1633083092&p=4329&c=5635&s=undefined&d=&v=&t=ce9c0a0a-bc59-4de3-862b-703d460dee99&co=US&pr=TX&ci=Dallas&dm=623&flc=sponsored&slc=&ttm=1633083092237&gdpr=0&gdpr_consent=&e=AdOpened&m=2&x=null
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:32 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
x-amz-cf-id
uOCs0xxH8VNur28cVAN1rlyk3wGNcardkogFQTlzbcs9Hj1Q60SdCA==
expires
-1
player-hb.js
static.freeskreen.com/scm/player/20210119a/ Frame B870 		265 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.freeskreen.com/scm/player/20210119a/player-hb.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eb8b1b4a5fe4e1a1e7ee49bcd6cb07b6e56241a8d2718c1dc9928b3e5b727359

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
YDT3w.3tTghYPiJN2Xp7Eh4mZtOYFe5I
Content-Encoding
gzip
ETag
"c60d74c8a8cea6a2ea292e3e380da599"
Age
12925
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
69007
Last-Modified
Tue, 19 Jan 2021 09:08:10 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1611047278/ctime:1611047286/gid:20/gname:staff/md5:c60d74c8a8cea6a2ea292e3e380da599/mode:33188/mtime:1611047278/uid:501/uname:mickael
Date
Fri, 01 Oct 2021 06:36:42 GMT
Content-Type
text/javascript
Via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
X-Amz-Cf-Id
zj3248pS0KCGgBdl10llkdNvzWDVfR96TJ50xJXbxOaTnSdH-2p49w==
Hc6PdfQeAi.js
pixel.zprk.io/v5/pixeljs/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.zprk.io/v5/pixeljs/Hc6PdfQeAi.js?dne=1
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.1.182.12 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-1-182-12.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:32 GMT
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Length
2753
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
POST, GET, DELETE, PUT
Content-Type
text/plain;charset=UTF-8
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-137034616-164
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.168 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2ada6bc846dc7f21dc5603c3b497fde0ed8c3de96bc5bb71a83e48e9212b0341
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38937
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Oct 2021 10:11:32 GMT
251
a.ad.gt/api/v1/u/matches/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&ref=
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.160.59 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-160-59.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
553c4f8ca4eaefa6599dd02b8089263fde1055a0e68ee3793a1971495a323dba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
server
nginx/1.18.0
content-length
3341
content-type
application/javascript
/
reporting.powerad.ai/ 		2 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 01 Oct 2021 10:11:32 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
2
container.html
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C698 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 01 Oct 2021 10:11:32 GMT
expires
Sat, 01 Oct 2022 10:11:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
c72976d3b4c427a85952b5cea1ad2efafcc4b2dc6fdd9ef5a505e5e582e62928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27601
x-xss-protection
0
server
sffe
etag
"1632957222552500"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Fri, 01 Oct 2021 10:11:32 GMT
container.html
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9A84 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 01 Oct 2021 10:11:32 GMT
expires
Sat, 01 Oct 2022 10:11:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
usync.js
eus.rubiconproject.com/ Frame D599 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:32 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46351
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Fri, 01 Oct 2021 23:04:03 GMT
F44630BFF8F3C6CE4CE115B339AF014D.cache.js
static.freeskreen.com/gwt/20210107205009/advertisement/freeskreen_splitbox_client/ Frame B870 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.freeskreen.com/gwt/20210107205009/advertisement/freeskreen_splitbox_client/F44630BFF8F3C6CE4CE115B339AF014D.cache.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-117.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
19ac7f7f03270e923c602d544845da674a088cbb610a4c76a6445f0d075b7d0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 30 Sep 2021 15:42:25 GMT
Content-Encoding
gzip
Age
66548
X-Edge-Origin-Shield-Skipped
0
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
34110
Last-Modified
Thu, 07 Jan 2021 20:54:06 GMT
Server
AmazonS3
x-amz-meta-s3cmd-attrs
atime:1610052721/ctime:1610052845/gid:497/gname:jenkins/md5:ffc2c23e98e50d5acfafe8ccfc4dc585/mode:33188/mtime:1610052721/uid:498/uname:jenkins
ETag
"ffc2c23e98e50d5acfafe8ccfc4dc585"
x-amz-version-id
jP3BhKySKcISIxarwq4cPXWHxkq.8vAk
Via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
KPT_nNimUL87JngyqMfiofM2EeHP5omTDm17J2F5RzdADc1RxrlBbQ==
t.gif
sb.freeskreen.com/ Frame B870 		43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/t.gif?tm=1633083092&p=4329&c=5636&s=undefined&d=&v=&t=90189ecf-4be2-4249-9505-681b89843bc0&co=US&pr=TX&ci=Dallas&dm=623&flc=sponsored&slc=&ttm=1633083092311&gdpr=0&gdpr_consent=&e=AdOpened&m=2&x=null
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:32 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
x-amz-cf-id
jwQjgl7mRHtb9ii3PrwCzxvsl0wza49BcOuiaiHOOiVk7FH1JSGX2g==
expires
-1
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 8C9D 		175 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
gzip
last-modified
Tue, 17 Aug 2021 18:51:36 GMT
server
Apache/2.2.15 (CentOS)
etag
"10a1110-2bd37-5c9c5cea2ce36"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=50073
accept-ranges
bytes
content-type
text/javascript
content-length
57427
expires
Sat, 02 Oct 2021 00:06:05 GMT
container.html
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1104 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 01 Oct 2021 10:11:32 GMT
expires
Sat, 01 Oct 2022 10:11:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C63D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 01 Oct 2021 10:11:32 GMT
expires
Sat, 01 Oct 2022 10:11:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
hb.brainlyads.com/json-parts/2260/ Frame A3C6 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/json-parts/2260/?ver=1.0&pageId=1522836807&sizes=[[728,90],[970,90]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/%22],[%22referrer%22,%22%22],[%22referrerCategory%22,%22Direct%22]]
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
cd388d087fc4852787f6ace807ed5083e0d569a6858191ad73078f8e5bf56135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
etag
W/"13d2-hA7RYDXy0opJTZXiALGQa2H1lIM"
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
*
tag
51uav-eqocf.ads.tremorhub.com/ad/ Frame 4E1A 		55 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://51uav-eqocf.ads.tremorhub.com/ad/tag?adCode=51uav-p4tyo&playerWidth=603&playerHeight=338&playerPosition=3&srcPageUrl=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&gdpr=0&gdpr_consent=&custom=5635&c2=en-us&floor=USD:5&us_privacy=&fmt=json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.107.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-107-87.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
ac20ecc8bbe678d11bfb1446f17854ebf37c7ee67ba1fe9a0657c647a932f698

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
bid
ads.freeskreen.com/ Frame 4E1A 		0
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.freeskreen.com/bid?pid=4329&tid=ce9c0a0a-bc59-4de3-862b-703d460dee99&w=603&h=338&u=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&ip=216.131.111.45&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&g_co=US&g_p=TX&g_ci=Dallas&g_d=623&s_1=sponsored&s_2=&cid=5635&sid=undefined&vid=298&did=893310&pf=500&ttm=1633083092237&eu_c=&eu_g=0&eu_ggl=0
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.5.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-5-42.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
server
Apache-Coyote/1.1
access-control-allow-methods
GET
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
expires
-1
pwt.js
ads.pubmatic.com/AdServer/js/pwt/157577/2378// Frame 31FD 		175 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
gzip
last-modified
Tue, 17 Aug 2021 18:51:36 GMT
server
Apache/2.2.15 (CentOS)
etag
"10a1110-2bd37-5c9c5cea2ce36"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
public, max-age=50073
accept-ranges
bytes
content-type
text/javascript
content-length
57427
expires
Sat, 02 Oct 2021 00:06:05 GMT
container.html
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 975E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 01 Oct 2021 10:11:32 GMT
expires
Sat, 01 Oct 2022 10:11:32 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
khaos.jpg
token.rubiconproject.com/ Frame D599 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/jpg
/
hb.brainlyads.com/json-parts/2262/ Frame A109 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/json-parts/2262/?ver=1.0&pageId=1522836807&sizes=[[300,250]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/%22],[%22referrerCategory%22,%22Direct%22]]
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
fc254f169f36a85568389494b77ab522ec1f39d44d751928f7dd7f452fa53bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
etag
W/"1121-BWEPvJ6USuVPZ4YKGYOLCFLv7KE"
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
*
/
hb.brainlyads.com/json-parts/2262/ Frame 5C6F 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/json-parts/2262/?ver=1.0&pageId=1522836807&sizes=[[300,250]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/%22],[%22referrerCategory%22,%22Direct%22]]
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
795c87c932ca572e0fe91de71a61cbc6e5156b337a209c6f8ba328a2cdcabca8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
etag
W/"1121-/c/JYTkyRyRmuXoeSc5TMfIT1hk"
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
*
prebid.js
hb.brainlyads.com/ Frame 8C9D 		462 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c9057126ea1f0a44bc850d540403adfad8b718b55ff27b768087585c32a7c4fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:32:40 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"614b76c8-736dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Sat, 02 Oct 2021 10:11:33 GMT
/
hb.brainlyads.com/json-parts/2262/ Frame 27B8 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/json-parts/2262/?ver=1.0&pageId=1522836807&sizes=[[300,250]]&winbidder=&keyValues=[[%22refresh%22,0],[%22url%22,%22https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/%22],[%22referrerCategory%22,%22Direct%22]]
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) / Express
Resource Hash
bacf44fcf0df1337a4ac8e8e9277a20ae2f0c3faaa5454235674a0143fcda762
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
etag
W/"1121-XRbRdcXClZyWaBzkF1ZNo7y1ATI"
server
nginx/1.10.3 (Ubuntu)
x-powered-by
Express
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
access-control-allow-headers
*
prebid.js
hb.brainlyads.com/ Frame 31FD 		462 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/prebid.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
c9057126ea1f0a44bc850d540403adfad8b718b55ff27b768087585c32a7c4fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
last-modified
Wed, 22 Sep 2021 18:32:40 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"614b76c8-736dd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Sat, 02 Oct 2021 10:11:33 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame 9A84 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf5ce06047e22884c9e26601c0cafd3f5719583a61b9cf151a4adda5bc633e4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
68vsyWlzLUYIQAa74JXuIH_TfJ_DACgZ
Content-Encoding
gzip
ETag
"6d14a3450392fd1ef383f69d3a23fa8a"
Age
3283
X-Cache
HIT
Connection
keep-alive
Content-Length
12267
x-amz-id-2
4Cj4WC+VUtPuJDbRInatHVQbmiZq+rmRrgdDuHx4+glhpBhHOwXSkKdxS/y+yd2dy9wmSlpI2e4=
X-Served-By
cache-hhn4079-HHN
Last-Modified
Thu, 23 Sep 2021 21:12:03 GMT
Server
AmazonS3
X-Timer
S1633083093.074727,VS0,VE0
Date
Fri, 01 Oct 2021 10:11:33 GMT
Vary
Accept-Encoding
x-amz-request-id
9TWQFBG6EV13KR49
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
77
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9A84 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 10:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Sep 2022 10:02:43 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame 9A84 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=435515&width=728&height=90
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"61542a57-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9A84 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Fri, 01 Oct 2021 10:11:33 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame C698 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf5ce06047e22884c9e26601c0cafd3f5719583a61b9cf151a4adda5bc633e4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
68vsyWlzLUYIQAa74JXuIH_TfJ_DACgZ
Content-Encoding
gzip
ETag
"6d14a3450392fd1ef383f69d3a23fa8a"
Age
3283
X-Cache
HIT
Connection
keep-alive
Content-Length
12267
x-amz-id-2
4Cj4WC+VUtPuJDbRInatHVQbmiZq+rmRrgdDuHx4+glhpBhHOwXSkKdxS/y+yd2dy9wmSlpI2e4=
X-Served-By
cache-hhn4079-HHN
Last-Modified
Thu, 23 Sep 2021 21:12:03 GMT
Server
AmazonS3
X-Timer
S1633083093.082452,VS0,VE0
Date
Fri, 01 Oct 2021 10:11:33 GMT
Vary
Accept-Encoding
x-amz-request-id
9TWQFBG6EV13KR49
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
78
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C698 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 10:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Sep 2022 10:02:43 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame C698 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=435514&width=300&height=250
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"61542a57-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C698 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Fri, 01 Oct 2021 10:11:33 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=2093099692&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&ul=en-us&de=UTF-8&dt=Black%20Friday%20CBD%20Oil%20Sales%3A%20The%20Best%20CBD%20Oil%20Deals%20for%20Black%20Friday%20and%20Cyber%20Monday%20-%20SF%20Weekly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUAjAAAAAG~&jid=327575845&gjid=1856362164&cid=1144439161.1633083092&tid=UA-137034616-164&_gid=1855232428.1633083092&_r=1&gtm=2ou9r0&z=2128097793
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-137034616-164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4773
date
Fri, 01 Oct 2021 08:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 01 Oct 2021 10:52:00 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame 1104 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf5ce06047e22884c9e26601c0cafd3f5719583a61b9cf151a4adda5bc633e4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
68vsyWlzLUYIQAa74JXuIH_TfJ_DACgZ
Content-Encoding
gzip
ETag
"6d14a3450392fd1ef383f69d3a23fa8a"
Age
3283
X-Cache
HIT
Connection
keep-alive
Content-Length
12267
x-amz-id-2
4Cj4WC+VUtPuJDbRInatHVQbmiZq+rmRrgdDuHx4+glhpBhHOwXSkKdxS/y+yd2dy9wmSlpI2e4=
X-Served-By
cache-hhn4079-HHN
Last-Modified
Thu, 23 Sep 2021 21:12:03 GMT
Server
AmazonS3
X-Timer
S1633083093.140462,VS0,VE0
Date
Fri, 01 Oct 2021 10:11:33 GMT
Vary
Accept-Encoding
x-amz-request-id
9TWQFBG6EV13KR49
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
79
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1104 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 10:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Sep 2022 10:02:43 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame 1104 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=435515&width=728&height=90
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"61542a57-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1104 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Fri, 01 Oct 2021 10:11:33 GMT
pw.js
includemodal.global.ssl.fastly.net/ Frame C63D 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf5ce06047e22884c9e26601c0cafd3f5719583a61b9cf151a4adda5bc633e4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
68vsyWlzLUYIQAa74JXuIH_TfJ_DACgZ
Content-Encoding
gzip
ETag
"6d14a3450392fd1ef383f69d3a23fa8a"
Age
3283
X-Cache
HIT
Connection
keep-alive
Content-Length
12267
x-amz-id-2
4Cj4WC+VUtPuJDbRInatHVQbmiZq+rmRrgdDuHx4+glhpBhHOwXSkKdxS/y+yd2dy9wmSlpI2e4=
X-Served-By
cache-hhn4032-HHN
Last-Modified
Thu, 23 Sep 2021 21:12:03 GMT
Server
AmazonS3
X-Timer
S1633083093.140642,VS0,VE0
Date
Fri, 01 Oct 2021 10:11:33 GMT
Vary
Accept-Encoding
x-amz-request-id
9TWQFBG6EV13KR49
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
70
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C63D 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 10:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 30 Sep 2022 10:02:43 GMT
fpi.js
ap.lijit.com/www/delivery/ Frame C63D 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/www/delivery/fpi.js?z=435514&width=300&height=250
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Server
nginx
ETag
W/"61542a57-1540"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Thu, 01 Jan 1970 00:00:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C63D 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Fri, 01 Oct 2021 10:11:33 GMT
f14dc7a62bcf992c762f7db4d8023af3.js
www.gstatic.com/mysidia/ Frame 975E 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f14dc7a62bcf992c762f7db4d8023af3.js?tag=client_fast_engine_2019
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:23:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3144
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 28 Dec 2021 19:23:13 GMT
1dddcf558b055f9fb2aa658608e709ba.js
www.gstatic.com/mysidia/ Frame 975E 		129 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1dddcf558b055f9fb2aa658608e709ba.js?tag=video_mra/web_raspberry
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
ebd6869fd25c132d0aa40ba2d10559af61c49c2d55485dcfc119dcd6f155401d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 20:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
135638
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48671
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 28 Dec 2021 20:30:55 GMT
css
fonts.googleapis.com/ Frame 975E 		7 KB
638 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu%3A300%2C400%2C500%2C700
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f10.1e100.net
Software
ESF /
Resource Hash
9769961274520466f30da2f63030d5adbaaabfcdfba561471df48ec282d30ef3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 09:30:10 GMT
server
ESF
date
Fri, 01 Oct 2021 10:11:33 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Fri, 01 Oct 2021 10:11:33 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 975E 		1 KB
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
852
x-xss-protection
0
server
cafe
etag
14170629819630813772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Oct 2021 10:11:07 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/ Frame 975E 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/abg_lite_fy2019.js
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:05:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
346
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7607
x-xss-protection
0
server
cafe
etag
5036643633216217121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Oct 2021 10:05:47 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 975E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/window_focus_fy2019.js
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:03:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Oct 2021 10:03:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 975E 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Fri, 01 Oct 2021 10:11:33 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/ Frame 975E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210928/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
cafe /
Resource Hash
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:58:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
806
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6194
x-xss-protection
0
server
cafe
etag
2541472377268313288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Oct 2021 09:58:07 GMT
8400539943eb1c96fa551c508d61e34e.js
www.gstatic.com/mysidia/ Frame 975E 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f3.1e100.net
Software
sffe /
Resource Hash
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:09:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140501
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 28 Dec 2021 19:09:52 GMT
tag
51uav-sg2ba.ads.tremorhub.com/ad/ Frame B870 		55 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://51uav-sg2ba.ads.tremorhub.com/ad/tag?adCode=51uav-1mn6p&playerWidth=832&playerHeight=467&playerPosition=3&srcPageUrl=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&gdpr=0&gdpr_consent=&custom=5636&c2=en-us&floor=USD:5&us_privacy=&fmt=json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.107.87 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-107-87.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
7dacf873a81080aed26d63310b29ea888a3131784dc10416093fb2c52189eeea

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
server
Apache-Coyote/1.1
vary
accept-encoding
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-tremorvideo-status
NO_AD
content-type
application/json;charset=UTF-8
bid
ads.freeskreen.com/ Frame B870 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.freeskreen.com/bid?pid=4329&tid=90189ecf-4be2-4249-9505-681b89843bc0&w=832&h=467&u=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&ip=216.131.111.45&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&g_co=US&g_p=TX&g_ci=Dallas&g_d=623&s_1=sponsored&s_2=&cid=5636&sid=undefined&vid=298&did=893311&pf=500&ttm=1633083092311&eu_c=&eu_g=0&eu_ggl=0
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.173.5.42 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-5-42.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/xml, text/xml, */*; q=0.01
Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
server
Apache-Coyote/1.1
access-control-allow-methods
GET
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
expires
-1
op.js
tagan.adlightning.com/nextmillenium/ Frame EC27 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nextmillenium/op.js
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-127.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d1f1eea7087c17ea5f497200c8244121645089a8a00131448b34ccdb5dca653a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
kZOdfUw8XgZz672YfJvrC7Z9iQ81nv3o
content-encoding
gzip
etag
"8a907e1e5881fe143d020636657e81f4"
age
1801
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
18355
x-amz-meta-git_commit
7b120a5
last-modified
Thu, 30 Sep 2021 15:39:27 GMT
server
AmazonS3
date
Fri, 01 Oct 2021 09:41:34 GMT
content-type
application/javascript
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
E0qsJgxxjuQCe1cCxITdUzAymlScBhEUnqJYSwqIcyEuDfBmxhmWZw==
apstag.js
c.amazon-adsystem.com/aax2/ Frame E4EE 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:10:24 GMT
content-encoding
gzip
age
69
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1WD5H59MW6QKC0G3HJ91
etag
3900a2c2d757386fb762bfd86288f882
vary
Accept-Encoding
x-amz-version-id
8N42zakBwOFy.ZF9LMqjmgZs3f2_X5lT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
vXSImHPDMC3rp1i8Gk6rvQiR4_Kp0J8RllXB7sJGLCVl02H3KYr7Jw==
gpt.js
www.googletagservices.com/tag/js/ Frame E4EE 		76 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
b25da746075c2eb5012eee51820577f32c9ac878adcce09cdfcc985247979b9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1002 / 715 of 1000 / last-modified: 1633039623"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26514
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Oct 2021 10:11:33 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 00D3 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:10:24 GMT
content-encoding
gzip
age
69
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1WD5H59MW6QKC0G3HJ91
etag
3900a2c2d757386fb762bfd86288f882
vary
Accept-Encoding
x-amz-version-id
8N42zakBwOFy.ZF9LMqjmgZs3f2_X5lT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
RcXjQ74PsNYjbB-NXvrQy76QrKUj92zoFtM3dxeez_LDGClvrcihRw==
gpt.js
www.googletagservices.com/tag/js/ Frame 00D3 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
e313c7c5a771195fe5fc6ded33c8b4072667f2cf615509e6ed370e3bfd292c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1002 / 964 of 1000 / last-modified: 1633039585"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25726
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Oct 2021 10:11:33 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 22B8 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:10:24 GMT
content-encoding
gzip
age
69
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1WD5H59MW6QKC0G3HJ91
etag
3900a2c2d757386fb762bfd86288f882
vary
Accept-Encoding
x-amz-version-id
8N42zakBwOFy.ZF9LMqjmgZs3f2_X5lT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
28_8TnsZsG0aIWs9cQutQYISkpnrCXME6jkizLwXBj0rbnKvhXdnxQ==
gpt.js
www.googletagservices.com/tag/js/ Frame 22B8 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
95007b6e796d8001086f4ae5bfdab8387b76ac9b77a5db4f574931b20da80038
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1002 / 42 of 1000 / last-modified: 1633039585"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25720
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Oct 2021 10:11:33 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-137034616-164&cid=1144439161.1633083092&jid=327575845&gjid=1856362164&_gid=1855232428.1633083092&_u=aGDAAUAjAAAAAG~&z=1659732799
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.5.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 01 Oct 2021 10:11:33 GMT
content-type
text/plain
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9A84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurZu0r23pgAHZqlS4d_hSaDuJmy0R0u6XqHV7m6lhHbldbGeeNrD-zwaUy9mzwLx9MF-r_n8VOUxVC8e-EYTEqv8rWp_WVn4A6RsgVrTuf1EathXqfzY0NSqJWOhVeUwTAgkG1qlnILtUGl8oHRDtzHynLNnc9kMGqnLxeH30Pg-QLFeWXfUizFznSInsnNaAIMNE8aB0WBljYB2EKurgd1HGhUEIpEO-Be0CWt4G_4EeSR7bwC1P6yHOy_vtAdxV4aDJpO4rQPbiNO0Bl1iPddoZxlhMIt4qBvLIdlZY0Pra2kZON8AKrHgUF5ntUi8EoorMio4G2Vw&sig=Cg0ArKJSzPqtU3EHs9_1EAE&urlfix=1&adurl=
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
ap.lijit.com/ Frame 9A84 		78 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=435515&width=728&height=90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
a31c5cde9898b89000c42a3f4b972d3646b2f459f7141dca0171a7602246990a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 08:58:02 GMT
Server
nginx
ETag
W/"61542a9a-13788"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Sat, 02 Oct 2021 10:11:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C698 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg1432w_eCEGb75L-3ZhhXsZHVP3XVdhBTwKRViarsNs8C_4uobUoD2ZpZVHFSffz6QRUKJiIDVT5Mki0sM-PmnEIeFKHDsbnnvbyv9-zC8wuJrcQQtmdAIJtp5yRjYFWnq08jukBz_HmtetXxl1akpC9aMMgytkoJ8aNLQ_q60-hmtY9tQA5n28c7jc0LXMyLobKfZe2fyluGNOoflMTHaW8D-r3LeAGBKQjUcQRCJhozYupmW5epVTDh7NNH6_7se_nzXW9O1ZM0ZfO-pJqFsIRPmR28VOZH8C3ZzT7V86N7e4tKRQowJPske79w51Y016h4wsSusEqQtYI7&sai=AMfl-YT6ukTMXpr3ORZiMoMRJTnyZK9g5TSdN650xCZHA7MWzksn6T0JjSTmatQPDpVRbRlyuZlhTYPFdsBoLWRKC1EjUGqk0wqdlup7MH1hER1mzNbzeAypOvTdNaGZWqO6&sig=Cg0ArKJSzDM1aYI7rm1lEAE&urlfix=1&adurl=
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
ap.lijit.com/ Frame C698 		78 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=435514&width=300&height=250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
a31c5cde9898b89000c42a3f4b972d3646b2f459f7141dca0171a7602246990a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 08:58:02 GMT
Server
nginx
ETag
W/"61542a9a-13788"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Sat, 02 Oct 2021 10:11:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1104 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOeZwUKCgWEGlkWIG19NPJ-kqFYebx-A5dkyZzmI8KcAo9ab-ZA7ch7G-tZ9elj22tmvidO5nDYhtJL52Sp8v5QaaCB3hC_KNOg_63xSKsHbOBbIRAhyEhsoNAXbObaNldDwkPwu5wm-5NS39LBh8LQIpnlEb5HMjVK4Kg-RCruU73GqWRN-uwdgGcVpm8Yp-rjBerLX3AnKqVtNSWJIBSQ8CghP-TkkanEO73Haxq6gRlrefgDD-yJAXwL6LfY6JTZRdkFv5Wta7pvP_vSlgzSy9xFO_aIYYEx4yU7OiU1hjzOzmWV6ucSDfgNq9d1GJN59q2D9hy4bA&sai=AMfl-YQfAuTelrpFZWiTXLLtcQpcsyEDFQfnVKDtIthQHSQYrBpzBgI_LVrfYjnSYc_mbf9SGTZhKW97dYK19VaVPtJ3HFHx6cWzo0vBcz1rcfk1oxBzqyt8J0GIxGjJc1w&sig=Cg0ArKJSzGbEHgdXpPANEAE&urlfix=1&adurl=
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
ap.lijit.com/ Frame 1104 		78 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=435515&width=728&height=90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
a31c5cde9898b89000c42a3f4b972d3646b2f459f7141dca0171a7602246990a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 08:58:02 GMT
Server
nginx
ETag
W/"61542a9a-13788"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Sat, 02 Oct 2021 10:11:33 GMT
b-7b120a5-2a9423f7.js
tagan.adlightning.com/nextmillenium/ Frame EC27 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nextmillenium/b-7b120a5-2a9423f7.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nextmillenium/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-127.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
afcd80cff04ad49728d0ccd85be062ab85f9e22d3c46c023eb61547632c72861

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 09 Aug 2021 20:23:33 GMT
content-encoding
gzip
age
4542481
x-cache
Hit from cloudfront
content-length
27934
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 09 Aug 2021 20:22:57 GMT
server
AmazonS3
etag
"1623ea0e9b279d39d158c94333d70c13"
x-amz-version-id
i.zf1vsiL3Nn7Z6bztmf7oK2amMRKo2T
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
22tUHijeUyhyBH_dmk-gcFXHlybl2pc_O2pJ2chi1Z1BeSKFl-RjRw==
bl-79dc637-ecd710e0.js
tagan.adlightning.com/nextmillenium/ Frame EC27 		42 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/nextmillenium/bl-79dc637-ecd710e0.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nextmillenium/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-127.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d0d9ca8848e20b99030e8310820d80c9b8deeeb7687f6a94bec81a9a8edbbcc8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 15:41:08 GMT
content-encoding
gzip
age
66625
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
18652
x-amz-meta-git_commit
79dc637
last-modified
Thu, 30 Sep 2021 15:38:34 GMT
server
AmazonS3
etag
"2766f471aae13fb2b870b7ec7ee18e36"
x-amz-version-id
tRtTPUEZDsQ8PdA7.ormW6Q6OJ4mE_.q
via
1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
xQM-ol-QC1aDGlIy7mwI4dvKFLVwPQHhpNk2nvHfcjRpkmHKZHOfmQ==
apstag.js
c.amazon-adsystem.com/aax2/ Frame EC27 		133 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:10:24 GMT
content-encoding
gzip
age
69
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
1WD5H59MW6QKC0G3HJ91
etag
3900a2c2d757386fb762bfd86288f882
vary
Accept-Encoding
x-amz-version-id
8N42zakBwOFy.ZF9LMqjmgZs3f2_X5lT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
KKfbTYvbo_-N4XlZZsYprcoQ8qM_zy8ugMFwf0Hje0G1NE4bizkDWQ==
gpt.js
www.googletagservices.com/tag/js/ Frame EC27 		73 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/pbjs_wrapper.v1.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
a5edb367071f73bdebe3dfcd48c3d8969d4cf9144f8db16d9f6f98d0f16114ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1002 / 425 of 1000 / last-modified: 1633039623"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25727
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Oct 2021 10:11:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C63D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVUCT7PfJyl-GbHAVJZrEx-oJN7KBbT1ELtvO6KYzOiwkTXwibJLwI_g5XMibXUfL7eUCStgwjf_BiuGH3twXPZ1xAqbeEZICkYtkopBKHKcnkI5BG2ar4i5hd5QSPjZQicmOAEGYoYPPzkcGwcfoiQ6pdufNAI6wZOt7CDB2IaAdbBu0izu0UMQ180DdMNBeDBq2gYIBbmyWXVYsyHPydJmFyl5J-Vb0UKBXlunRAmFoa2DvfuJFr-ikdgpkzAia7wOMdWH0atSJGIwhbnYN7K5oIQZe7xHX_9h-LodKQcuRGXxDLNuwwYJUA3lQ2V3j1iIOlI2jXTuGZgJ-i&sig=Cg0ArKJSzIe78cnGJZqREAE&urlfix=1&adurl=
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sync
ap.lijit.com/ Frame C63D 		78 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/sync
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/www/delivery/fpi.js?z=435514&width=300&height=250
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx /
Resource Hash
a31c5cde9898b89000c42a3f4b972d3646b2f459f7141dca0171a7602246990a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Sep 2021 08:58:02 GMT
Server
nginx
ETag
W/"61542a9a-13788"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=86400, must-revalidate
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Expires
Sat, 02 Oct 2021 10:11:33 GMT
pubads_impl_2021092001.js
securepubads.g.doubleclick.net/gpt/ Frame 22B8 		336 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120245
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:37:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Oct 2021 10:11:33 GMT
pubads_impl_2021092701.js
securepubads.g.doubleclick.net/gpt/ Frame E4EE 		341 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092701.js?31063002
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
b7bbc8cc68191443c03fedd1bc2d143b12d660126d85d3d8fe4a5f4c04e3badd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121592
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 08:38:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Oct 2021 10:11:33 GMT
pubads_impl_2021092001.js
securepubads.g.doubleclick.net/gpt/ Frame 00D3 		336 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120245
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 08:37:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Oct 2021 10:11:33 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/4419726309536410457/ Frame 975E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4419726309536410457/downsize_200k_v1?w=100&h=100
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
b3c748df107d112ec88c2b361cfe1e7a8d17b9abf1c0b5d07e6c3d96791c7d17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 04:33:14 GMT
x-content-type-options
nosniff
age
279499
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2927
x-xss-protection
0
last-modified
Mon, 29 Mar 2021 15:59:03 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 04:33:14 GMT
truncated
/ Frame 975E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
csi
csi.gstatic.com/ Frame 975E 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ku87ibff&c=439566013265&slotId=219783006632.5&qqid=CJDa7cz8qPMCFeruuwgdY2IHVg&sei=44724516%2C44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dddcf558b055f9fb2aa658608e709ba.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.168.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s32-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/15723280794182465546/ Frame 975E 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15723280794182465546/downsize_200k_v1
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
785c43bcb3aa7b1030a28e4b3e31d8df0b0805e2f5b6e0c70343bbe06631565a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 06:30:10 GMT
x-content-type-options
nosniff
age
358883
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49823
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 09:27:36 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 06:30:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 975E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CjpT51N5WYZCgFOrd7_UP48SdsAX8iPeHYpH5h6TfDb_hHhABILfTnHpgleKQgqAHoAGaiPX0AsgBCakCROHQ7MBssz7gAgCoAwHIAwiqBKwCT9DP9tJIsuxcNzvGyztpsfMqNEtQdF_vltKt0DXCc1i6CY7xZCnthu9xDnZqjLsuhXHQzvSWulUX8udl0oP1Ku3OwIs-qKpJEBOtarnp7KaQ34KFJCSNWfbFXxv5IJjNUUxy_dvwWY_ZtKQyfmk9g7ou7jVow8QxxYViDVYee658l3fQjr-A7OI1zc2tgCSqU26aKUeAMiF-m9jVIE6Z_D9zsyPUvt3Ua-Obqwqe8UGj_6JpoxsvcjwTk_PKXRM2Nr5UHxOp6BT3SeiHDJaj5WUby50xuFDK09ATDzTA4JmhsH2YPbcbLXqX3lyzZziZzOpz2YIUDp_G06cAlB6K5ztq-DpvRby8JC6IIeI0tXn24GVBSqYdkapOFsig1AnLGzS0mJT0hKGn2_2TwASZrLCrvQPgBAGgBi6AB873iosBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBDX3ynSCAkIiOGAEBABGB2ACgPICwHYEwOIFAPQFQGAFwGyFx4KHAgAEhRwdWItNjUyMTU5OTE5NTQ3NTY3NBigsg4&sigh=MxNpgFmMMHw&template_id=3484
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adcfg
ap.lijit.com/ Frame 9A84 		158 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=435515&tid=938773ca2a484cb0a28f43a63e08eb0fd7b42aab&mode=1&dmn=www.sfweekly.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
85d8f112ba9b3a5745327b525ecc683fa2c86f1f4b4a5228b413d7934eeec7f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
haloid
aufp.io/api/v1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aufp.io/api/v1/haloid
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.108.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-108-96.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 21:38:22 GMT
server
nginx/1.18.0
etag
W/"1633037902.0-6132-2958560116"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*, *
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
origin-trial
A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Fri, 01 Oct 2021 22:11:33 GMT
251
p.ad.gt/api/v1/p/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/251
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/251?url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&ref=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.213.79.211 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-213-79-211.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
last-modified
Thu, 30 Sep 2021 21:36:46 GMT
server
nginx/1.18.0
etag
W/"1633037806.0-26098-2710964840"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Fri, 01 Oct 2021 22:11:33 GMT
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&adnxs_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D6e52ce68-ecc0-4328-82e5-b5972013fe7a%26adnxs_id%3D%24UID
  • https://ids.ad.gt/api/v1/match?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&adnxs_id=8024006013844445723
43 B
563 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&adnxs_id=8024006013844445723
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 01 Oct 2021 22:11:33 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:33 GMT
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d1ec4553-cbcc-4c85-bb9a-3135b489f443
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&adnxs_id=8024006013844445723
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=6e52ce68-ecc0-4328-82e5-b5972013fe7a
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=6e52ce68-ecc0-4328-82e5-b5972013fe7a
  • https://ids.ad.gt/api/v1/t_match?tdid=117b351e-56e1-4502-abfd-e86c5570ad18&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
43 B
567 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=117b351e-56e1-4502-abfd-e86c5570ad18&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:34 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 01 Oct 2021 22:11:34 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=117b351e-56e1-4502-abfd-e86c5570ad18&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D6e52ce68-ecc0-4328-82e5-b5972013fe7a
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D6e52ce68-ecc0-4328-82e5-b5972013fe7a
  • https://ids.ad.gt/api/v1/pbm_match?pbm=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
43 B
572 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 01 Oct 2021 22:11:33 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
date
Fri, 01 Oct 2021 10:11:33 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
  • https://ids.ad.gt/api/v1/g_match?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&google_gid=CAESEHg4otRItfZwXLcEmvmOanI&google_cver=1&google_ula=450542624,0
43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&google_gid=CAESEHg4otRItfZwXLcEmvmOanI&google_cver=1&google_ula=450542624,0
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 01 Oct 2021 22:11:33 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&google_gid=CAESEHg4otRItfZwXLcEmvmOanI&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NmU1MmNlNjgtZWNjMC00MzI4LTgyZTUtYjU5NzIwMTNmZTdh
170 B
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NmU1MmNlNjgtZWNjMC00MzI4LTgyZTUtYjU5NzIwMTNmZTdh
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NmU1MmNlNjgtZWNjMC00MzI4LTgyZTUtYjU5NzIwMTNmZTdh
date
Fri, 01 Oct 2021 10:11:33 GMT
server
nginx/1.18.0
content-length
473
content-type
text/html; charset=utf-8
beeswax_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&_bee_ppp=1
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAEYRk7Crb4AABSSK-ZW0Q&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
43 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAEYRk7Crb4AABSSK-ZW0Q&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:34 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 01 Oct 2021 22:11:34 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AAEYRk7Crb4AABSSK-ZW0Q&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Date
Fri, 01 Oct 2021 10:11:33 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
mediamath_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D6e52ce68-ecc0-4328-82e5-b5972013fe7a
  • https://ids.ad.gt/api/v1/mediamath_match?user_id=57de6156-ded5-4200-bf94-c7d95625e804&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/mediamath_match?user_id=57de6156-ded5-4200-bf94-c7d95625e804&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 01 Oct 2021 22:11:33 GMT

Redirect headers

Date
Fri, 01 Oct 2021 10:11:33 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x31 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ids.ad.gt/api/v1/mediamath_match?user_id=57de6156-ded5-4200-bf94-c7d95625e804&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 01 Oct 2021 10:11:32 GMT
adb_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=6e52ce68-ecc0-4328-82e5-b5972013fe7a&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D6e52ce68-ecc0-4328-82e5-b5972...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=348447&dpuuid=6e52ce68-ecc0-4328-82e5-b5972013fe7a&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D6e52ce6...
  • https://ids.ad.gt/api/v1/adb_match?adb=31484824399336767402015332676687979971&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
43 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=31484824399336767402015332676687979971&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:34 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 01 Oct 2021 22:11:34 GMT

Redirect headers

DCS
dcs-prod-irl1-2-v018-04bb2a657.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
74aa7XrXSSw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://ids.ad.gt/api/v1/adb_match?adb=31484824399336767402015332676687979971&id=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
config
c.amazon-adsystem.com/cdn/prod/ Frame 00D3 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&pubid=79e40b05-e673-4b6c-85f9-79252a7f96a5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
server
Server
x-edge-origin-shield-skipped
0
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.sfweekly.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
qaG2IZ-j2Ve_acfJxxtSNdL6tG7c98ioXD-rC4UVOwnSQVAOCiOt8w==
bid
c.amazon-adsystem.com/e/dtb/ Frame 00D3 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&pid=hNfQW7RizQXZA&cb=0&ws=0x0&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F90814396%2Fsfweekly_intext_HB%22%7D%5D&schain=1.0%2C1!nextmillennium.io%2C15103%2C1%2C%2C%2C&pubid=79e40b05-e673-4b6c-85f9-79252a7f96a5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
QYJBS14HCC78CR0TDZJN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
o933ja5JS2-eWdwBFRfnOWK9wpbOLXJTVTMu3ulNDdhSbMVFMrgEiA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 00D3 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
date
Fri, 01 Oct 2021 10:11:33 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
EtxDGKDBVZ9WmAJlsFj4MoI5ztKcy2PacHLulFXXy33gazl2Y95wfQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame E4EE 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&pubid=79e40b05-e673-4b6c-85f9-79252a7f96a5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
server
Server
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.sfweekly.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
WUXZAtgGEh9rdbFox2scfivx-gzTjjRlIX16VO37U1aYgQBFioo70A==
bid
c.amazon-adsystem.com/e/dtb/ Frame E4EE 		23 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&pid=DynHTvFSOqypt&cb=0&ws=0x0&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F90814396%2Fsfweekly_728x90_stickybottom_HB%22%7D%5D&schain=1.0%2C1!nextmillennium.io%2C15103%2C1%2C%2C%2C&pubid=79e40b05-e673-4b6c-85f9-79252a7f96a5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
KCQ81MY3D7AJMBHA3TX6
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
UmvJCJbDCokT7p5O4jHtGD_nQ0ki0WapitFjn5-TQSmd_Lw1hZuI4A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame E4EE 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
date
Fri, 01 Oct 2021 10:11:33 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
ReM29RxLYxkCawdd3PpMIBDBULP3roPUG2GVmTAIKq61fpUaUZIozQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame 22B8 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&pubid=79e40b05-e673-4b6c-85f9-79252a7f96a5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
server
Server
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.sfweekly.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Y6X5cwILvH1qAItXeUpcBdyBzMsBW4ksTDEve5BOWw5hbLhSQHT2hQ==
bid
c.amazon-adsystem.com/e/dtb/ Frame 22B8 		58 B
527 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&pid=lOGWPhhD3bDrf&cb=0&ws=0x0&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F90814396%2Fsfweekly_intext_HB%22%7D%5D&schain=1.0%2C1!nextmillennium.io%2C15103%2C1%2C%2C%2C&pubid=79e40b05-e673-4b6c-85f9-79252a7f96a5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
9GYC5PB868WCTDH1XF7G
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
58
x-amz-cf-id
YHjmvN9HxLCx61Fud4wCjtK_M2t2fVIt106PiRqDOFyQYN4xvoz0sg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 22B8 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
date
Fri, 01 Oct 2021 10:11:33 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
_T0wjVWbJKVg7xtDUNQtCu84A5zLkgzLrFMcunaRefpbICHS9hSCzw==
adcfg
ap.lijit.com/ Frame C698 		159 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=435514&tid=979ea8a6e8144549b6b50b11105b28c9a10dfa19&mode=1&dmn=www.sfweekly.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
02c57a7e9d5b469840d50b3410c7fd8380b7250b20789f8c10e11b887d54d3e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
adcfg
ap.lijit.com/ Frame 1104 		158 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=435515&tid=708947a7b5604c07880cca040597d0bd0bbdcd69&mode=1&dmn=www.sfweekly.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
82cd553d85d688728ed6a4b8aaa1e9bc91491f7c0f533115e6c5e99ebd826f0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
t.gif
sb.freeskreen.com/ Frame 4E1A 		43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/t.gif?tm=1633083093&p=4329&c=5635&s=undefined&d=891734&v=9316&t=ce9c0a0a-bc59-4de3-862b-703d460dee99&co=US&pr=TX&ci=Dallas&dm=623&flc=sponsored&slc=&ttm=1633083092237&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2F51uav-eqocf.ads.tremorhub.com%2Fad%2Ftag%3FadCode%3D51uav-p4tyo%26playerWidth%3D603%26playerHeight%3D338%26playerPosition%3D3%26srcPageUrl%3Dhttps%253A%252F%252Fwww.sfweekly.com%252Fsponsored%252Fblack-friday-cbd-oil-sales%252F%26gdpr%3D0%26gdpr_consent%3D%26custom%3D5635%26c2%3Den-us%26floor%3DUSD%3A5%26us_privacy%3D%26fmt%3Djson
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
x-amz-cf-id
_jKm5WP2BKXqpHApO-fHIp1lcNnOX1jAHcf4saI4fup4qE8Zjkua-Q==
expires
-1
videoplayback
r6---sn-a5mlrnel.gvt1.com/ Frame 975E
Redirect Chain
  • https://redirector.gvt1.com/videoplayback?id=0f7c009142f88e41&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1633090292&sparams=ip,ipbits,expire,id,...
  • https://r4---sn-2gb7sn7r.gvt1.com/videoplayback?id=0f7c009142f88e41&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1633090292&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...
  • https://r6---sn-a5mlrnel.gvt1.com/videoplayback?id=0f7c009142f88e41&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1633090292&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...
777 KB
777 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r6---sn-a5mlrnel.gvt1.com/videoplayback?id=0f7c009142f88e41&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1633090292&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=30B0A8CDF724CB23ECCCB0BCA94BC0ED47B50239.2FA36E3B86ACFB3FB013B384037C44F55B11CD93&key=cms1&mh=A8&pl=24&redirect_counter=1&cm2rm=sn-2gbek7z&req_id=9eaa3b38c17a36e2&cms_redirect=yes&mip=216.131.111.45&mm=34&mn=sn-a5mlrnel&ms=ltu&mt=1633082431&mv=m&mvi=6
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.166.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax28s12-in-f12.1e100.net
Software
gvs 1.0 /
Resource Hash
a64267c776cc6e2a64352fc53e94d51430697681405ad0cdb073a01756a01473
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:34 GMT
x-content-type-options
nosniff
last-modified
Wed, 07 Jul 2021 05:19:35 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-795721/795722
client-protocol
quic
cache-control
private, max-age=6898
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
795722
expires
Fri, 01 Oct 2021 10:11:34 GMT

Redirect headers

date
Fri, 01 Oct 2021 10:11:33 GMT
x-content-type-options
nosniff
last-modified
Wed, 02 May 2007 10:26:10 GMT
server
gvs 1.0
vary
Origin
content-type
text/html
location
https://r6---sn-a5mlrnel.gvt1.com/videoplayback?id=0f7c009142f88e41&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1633090292&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=30B0A8CDF724CB23ECCCB0BCA94BC0ED47B50239.2FA36E3B86ACFB3FB013B384037C44F55B11CD93&key=cms1&mh=A8&pl=24&redirect_counter=1&cm2rm=sn-2gbek7z&req_id=9eaa3b38c17a36e2&cms_redirect=yes&mip=216.131.111.45&mm=34&mn=sn-a5mlrnel&ms=ltu&mt=1633082431&mv=m&mvi=6
cache-control
private, max-age=900
content-length
0
expires
Fri, 01 Oct 2021 10:11:33 GMT
truncated
/ Frame 975E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
942db32d568d17ad59fd662a2606b85b3cda56379bcb22ec319ec1a3bddf4d45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adcfg
ap.lijit.com/ Frame C63D 		159 B
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/adcfg?zoneid=435514&tid=a45fcb1e8a40462193e57b9e42c724a864a39ab6&mode=1&dmn=www.sfweekly.com
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
e6706f5e708470da036fd47ad3d2f2c6a9eea3005636d69fb19183310344db17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
146
t.gif
sb.freeskreen.com/ Frame B870 		43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/t.gif?tm=1633083093&p=4329&c=5636&s=undefined&d=891735&v=9316&t=90189ecf-4be2-4249-9505-681b89843bc0&co=US&pr=TX&ci=Dallas&dm=623&flc=sponsored&slc=&ttm=1633083092311&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2F51uav-sg2ba.ads.tremorhub.com%2Fad%2Ftag%3FadCode%3D51uav-1mn6p%26playerWidth%3D832%26playerHeight%3D467%26playerPosition%3D3%26srcPageUrl%3Dhttps%253A%252F%252Fwww.sfweekly.com%252Fsponsored%252Fblack-friday-cbd-oil-sales%252F%26gdpr%3D0%26gdpr_consent%3D%26custom%3D5636%26c2%3Den-us%26floor%3DUSD%3A5%26us_privacy%3D%26fmt%3Djson
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
x-amz-cf-id
Sy2yWe6kOteXfR57upF9OXvp0lykp5Go1CaKvXrw5jyA8nZOuad9Lg==
expires
-1
t.gif
sb.freeskreen.com/ Frame 4E1A 		43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/t.gif?tm=1633083093&p=4329&c=5635&s=undefined&d=893310&v=298&t=ce9c0a0a-bc59-4de3-862b-703d460dee99&co=US&pr=TX&ci=Dallas&dm=623&flc=sponsored&slc=&ttm=1633083092237&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Fads.freeskreen.com%2Fbid%3Fpid%3D4329%26tid%3Dce9c0a0a-bc59-4de3-862b-703d460dee99%26w%3D603%26h%3D338%26u%3Dhttps%253A%252F%252Fwww.sfweekly.com%252Fsponsored%252Fblack-friday-cbd-oil-sales%252F%26ip%3D216.131.111.45%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36%26g_co%3DUS%26g_p%3DTX%26g_ci%3DDallas%26g_d%3D623%26s_1%3Dsponsored%26s_2%3D%26cid%3D5635%26sid%3Dundefined%26vid%3D298%26did%3D893310%26pf%3D500%26ttm%3D1633083092237%26eu_c%3D%26eu_g%3D0%26eu_ggl%3D0
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
x-amz-cf-id
4gb-cTRcx9KW8dfXajRT6Rfb9cfPyoMnGId-uUJst7UGe6doX-69cw==
expires
-1
t.gif
sb.freeskreen.com/ Frame 4E1A 		43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/t.gif?tm=1633083093&p=4329&c=5635&s=undefined&d=893310&v=298&t=ce9c0a0a-bc59-4de3-862b-703d460dee99&co=US&pr=TX&ci=Dallas&dm=623&flc=sponsored&slc=&ttm=1633083092237&gdpr=0&gdpr_consent=&e=VastEmpty&m=1&x=
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
x-amz-cf-id
T8_S64CV_OAT9TWZRQ2yK5S3H8zHS2byxWZYs1MfzZmOunB5EoYaAA==
expires
-1
t.gif
sb.freeskreen.com/ Frame 4E1A 		43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/t.gif?tm=1633083093&p=4329&c=5635&s=undefined&d=&v=&t=ce9c0a0a-bc59-4de3-862b-703d460dee99&co=US&pr=TX&ci=Dallas&dm=623&flc=sponsored&slc=&ttm=1633083092237&gdpr=0&gdpr_consent=&e=VideoError&m=1&x=ErrorNoPlayableAd
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
x-amz-cf-id
dJbMRltymMLeE1-69_KyFqhViMNKqXOIF-MliT96dKGDlqc2Be9WIg==
expires
-1
4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame 975E 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A300%2C400%2C500%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 08:14:06 GMT
x-content-type-options
nosniff
age
93447
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28968
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:03:43 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 30 Sep 2022 08:14:06 GMT
4iCv6KVjbNBYlgoC1CzjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame 975E 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoC1CzjsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A300%2C400%2C500%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 27 Sep 2021 04:49:26 GMT
x-content-type-options
nosniff
age
364927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38108
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Sep 2022 04:49:26 GMT
4iCv6KVjbNBYlgoCjC3jsGyN.woff2
fonts.gstatic.com/s/ubuntu/v15/ Frame 975E 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v15/4iCv6KVjbNBYlgoCjC3jsGyN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu%3A300%2C400%2C500%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 13:19:34 GMT
x-content-type-options
nosniff
age
161519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29864
x-xss-protection
0
last-modified
Thu, 10 Sep 2020 17:02:34 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 29 Sep 2022 13:19:34 GMT
t.gif
sb.freeskreen.com/ Frame B870 		43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/t.gif?tm=1633083093&p=4329&c=5636&s=undefined&d=893311&v=298&t=90189ecf-4be2-4249-9505-681b89843bc0&co=US&pr=TX&ci=Dallas&dm=623&flc=sponsored&slc=&ttm=1633083092311&gdpr=0&gdpr_consent=&e=VastRequest&m=1&x=https%3A%2F%2Fads.freeskreen.com%2Fbid%3Fpid%3D4329%26tid%3D90189ecf-4be2-4249-9505-681b89843bc0%26w%3D832%26h%3D467%26u%3Dhttps%253A%252F%252Fwww.sfweekly.com%252Fsponsored%252Fblack-friday-cbd-oil-sales%252F%26ip%3D216.131.111.45%26ua%3DMozilla%252F5.0%2520(Windows%2520NT%252010.0%253B%2520Win64%253B%2520x64)%2520AppleWebKit%252F537.36%2520(KHTML%252C%2520like%2520Gecko)%2520Chrome%252F89.0.4389.72%2520Safari%252F537.36%26g_co%3DUS%26g_p%3DTX%26g_ci%3DDallas%26g_d%3D623%26s_1%3Dsponsored%26s_2%3D%26cid%3D5636%26sid%3Dundefined%26vid%3D298%26did%3D893311%26pf%3D500%26ttm%3D1633083092311%26eu_c%3D%26eu_g%3D0%26eu_ggl%3D0
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
x-amz-cf-id
7oipltT-iZuMy3fyHloqq-I5cSXf8CktHRW40u_1haFmeVViazDmEQ==
expires
-1
t.gif
sb.freeskreen.com/ Frame B870 		43 B
412 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/t.gif?tm=1633083093&p=4329&c=5636&s=undefined&d=893311&v=298&t=90189ecf-4be2-4249-9505-681b89843bc0&co=US&pr=TX&ci=Dallas&dm=623&flc=sponsored&slc=&ttm=1633083092311&gdpr=0&gdpr_consent=&e=VastEmpty&m=1&x=
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
x-amz-cf-id
d01v5SPVivDXaHLlm722fX6MppUqQNUpQZoPoLRnxWnETe6eGCm9Mw==
expires
-1
t.gif
sb.freeskreen.com/ Frame B870 		43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.freeskreen.com/t.gif?tm=1633083093&p=4329&c=5636&s=undefined&d=&v=&t=90189ecf-4be2-4249-9505-681b89843bc0&co=US&pr=TX&ci=Dallas&dm=623&flc=sponsored&slc=&ttm=1633083092311&gdpr=0&gdpr_consent=&e=VideoError&m=1&x=ErrorNoPlayableAd
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-3.fra2.r.cloudfront.net
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
server
Apache/2.4.29 (Ubuntu)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control
no-cache, no-store
content-type
image/gif
content-length
43
x-amz-cf-id
uTtN2BFKEtA9LB4dzoSGTQYTie0XMjS_ZPYDMYfg-QAX6dYJDsak8A==
expires
-1
91532438-f31b-4086-8018-7cd68ddba2a3.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 9A84 		8 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-106.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a8306d480a1b8a0e5803a1262635cd285075571c2529c91f40e22b6564ec272

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
muWssJlaTMhwNx39U6iumwhuke5LXV1E
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
etag
"c11a86e571fe7b35adcfb229bea0b483"
age
65890
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
8
last-modified
Mon, 30 Aug 2021 16:50:12 GMT
server
AmazonS3
date
Thu, 30 Sep 2021 15:53:24 GMT
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
48pU_JPybNkdSREa6WGgxwa27wRxu-Q6QqX3535i6F-cwmWDQQSj5w==
/
includemodal.com/service/imp/91532438-f31b-4086-8018-7cd68ddba2a3/ Frame 9A84 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/91532438-f31b-4086-8018-7cd68ddba2a3/?rand=518355&referer=https://www.sfweekly.com/
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.32.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-32-164.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame 9A84 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c17669c93708da62f096b908fff76e01e56ee3c6f8c1f892109d0c3215332e43

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sfweekly.com%2F&domain=www.sfweekly.com&cw=1&lsw=1
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
content-type
Origin
https://www.sfweekly.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
application/json; charset=utf-8
expires
0
strict-transport-security
max-age=31536000
access-control-allow-origin
https://www.sfweekly.com
access-control-allow-headers
content-type
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
1636
date
Fri, 01 Oct 2021 10:11:32 GMT
content-encoding
gzip
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 8C9D 		347 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.sfweekly.com%2F&domain=www.sfweekly.com&cw=1&lsw=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/157577/2378//pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2ab3c4c8bb1dd18d04630bbe22aeffb9237e7e685962d7c17a6960742935ceb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Fri, 01 Oct 2021 10:11:33 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1915
expires
0
translator
hbopenbid.pubmatic.com/ Frame 8C9D 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sfweekly.com
date
Fri, 01 Oct 2021 10:11:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
mvo
tag.1rx.io/rmp/211404/0/ Frame 8C9D 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211404/0/mvo?z=1r&hbv=4.39,2.1
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sfweekly.com
pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ Frame 8C9D 		24 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=471352&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225ee2db395c3ac5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215103%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22624a709d2b8402%22%2C%22ext%22%3A%7B%22siteID%22%3A%22471352%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d56ebffc82bf6b28643fdc78b037b29ef4b7854a3b49aa906ad215f4414b9084

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.111.45], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sfweekly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
44
x-ak-client-geo
12
expires
Fri, 01 Oct 2021 10:11:33 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8C9D 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
f41c52c86508445da59df35a0b0ca232063e9a2a7dcc3ba91fbffffa74723574
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0b9051bd-5cbd-49dd-97bc-1af8e953dbeb
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sfweekly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8C9D 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17888&site_id=314682&zone_id=1678002&size_id=15&p_pos=atf&rp_schain=1.0,1!nextmillennium.io,15103,1,,,&eid_pubcid.org=65dbf2a8-cd47-4ff7-8222-d7e877d7741d%5E1&rf=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&tk_flint=pbjs_lite_v4.39.0&x_source.tid=d7e37b9d-f1a8-4994-871b-57ae29085d43&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9593723904809279
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
6adbc8dcdbc2c24dc673c68088d689f7bf83a938014676d7f10f661eb70c76ba

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:33 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sfweekly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
91532438-f31b-4086-8018-7cd68ddba2a3.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame C698 		8 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-106.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a8306d480a1b8a0e5803a1262635cd285075571c2529c91f40e22b6564ec272

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
muWssJlaTMhwNx39U6iumwhuke5LXV1E
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
etag
"c11a86e571fe7b35adcfb229bea0b483"
age
65890
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
8
last-modified
Mon, 30 Aug 2021 16:50:12 GMT
server
AmazonS3
date
Thu, 30 Sep 2021 15:53:24 GMT
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
C-6Ke7R1TC0QWljui0EPzmum85QI5mkUC8dkmaDrlLIQ3UDtmjc6Uw==
/
includemodal.com/service/imp/91532438-f31b-4086-8018-7cd68ddba2a3/ Frame C698 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/91532438-f31b-4086-8018-7cd68ddba2a3/?rand=137989&referer=https://www.sfweekly.com/
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.32.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-32-164.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame C698 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
af9a2e3734ab39ebaa365daaae4a4f5d499274380aba3413ea17971c9b88d8f8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
91532438-f31b-4086-8018-7cd68ddba2a3.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 1104 		8 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-106.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a8306d480a1b8a0e5803a1262635cd285075571c2529c91f40e22b6564ec272

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
muWssJlaTMhwNx39U6iumwhuke5LXV1E
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
etag
"c11a86e571fe7b35adcfb229bea0b483"
age
65890
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
8
last-modified
Mon, 30 Aug 2021 16:50:12 GMT
server
AmazonS3
date
Thu, 30 Sep 2021 15:53:24 GMT
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
8scyGxJq7jlpKN9UyyZrbIFHyHsblxUBZHvLu2GK27u8Rm2Oj3FHXw==
/
includemodal.com/service/imp/91532438-f31b-4086-8018-7cd68ddba2a3/ Frame 1104 		42 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/91532438-f31b-4086-8018-7cd68ddba2a3/?rand=1068381&referer=https://www.sfweekly.com/
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.32.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-32-164.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:33 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame 1104 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
58546b9c2171b60e488df6571eda307fec4ee150732ac1609d6fdd6e9e5299ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
translator
hbopenbid.pubmatic.com/ Frame 8C9D 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sfweekly.com
date
Fri, 01 Oct 2021 10:11:33 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
hb
hb.undertone.com/ Frame 8C9D 		0
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3757&domain=sfweekly.com
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-35.fra2.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
via
1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.sfweekly.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
x-amz-cf-id
xKKMglJ6j6EKD8Pq0wNAGsOEOttmcmanxfhGlU-LNjVsXiMB3XdN3g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
mvo
tag.1rx.io/rmp/211404/0/ Frame 8C9D 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211404/0/mvo?z=1r&hbv=4.39,2.1
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sfweekly.com
pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
prebid
ads.yieldmo.com/exchange/ Frame 8C9D 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.yieldmo.com/exchange/prebid?pbav=4.39.0&p=%5B%7B%22placement_id%22%3A%221-50e2-%2F90814396%2Fsfweekly_728x90_stickybottom_HB%22%2C%22callback_id%22%3A%221833485a45ef563%22%2C%22sizes%22%3A%5B%5B728%2C90%5D%2C%5B970%2C90%5D%5D%2C%22ym_placement_id%22%3A%222475365395133833591%22%7D%5D&page_url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&bust=1633083093786&pr=&scrd=1&dnt=false&description=&title=Black%20Friday%20CBD%20Oil%20Sales%3A%20The%20Best%20CBD%20Oil%20Deals%20for%20Black%20Friday%20and%20Cyber%20Monday%20-%20SF%20Weekly&w=1600&h=1200&userConsent=%7B%22gdprApplies%22%3A%22%22%2C%22cmp%22%3A%22%22%7D&us_privacy=&pubcid=65dbf2a8-cd47-4ff7-8222-d7e877d7741d&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215103%22%2C%22hp%22%3A1%7D%5D%7D
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.126.20 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-126-20.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sfweekly.com
pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
access-control-allow-credentials
true
x-robots-tag
none,NOINDEX,NOFOLLOW
access-control-allow-methods
POST, GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8C9D 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17888&site_id=314682&zone_id=1677996&size_id=2&alt_size_ids=55&p_pos=atf&rp_schain=1.0,1!nextmillennium.io,15103,1,,,&eid_pubcid.org=65dbf2a8-cd47-4ff7-8222-d7e877d7741d%5E1&rf=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&tk_flint=pbjs_lite_v4.39.0&x_source.tid=598e7665-e4dc-43a7-aa47-22439be19661&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.02486691269572794
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9e37fd1cb7e6b881003ce78867d44a25b464e50fdafe43af5a69e7f4ec0d82a2

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:33 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sfweekly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8C9D 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
59869dd479a3f14a8239e6bf8005d91ccd5b03f2ee649b5547501622b6c03a31
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
e26084ed-05ad-4114-8aef-f7777c43bcb8
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sfweekly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ Frame 8C9D 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=471352&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2223364093e1cc0bb%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215103%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22247034f4f77bc2f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22471352%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22247034f4f77bc2f%22%2C%22ext%22%3A%7B%22siteID%22%3A%22471352%22%2C%22sid%22%3A%22970x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85aab9ba0046e626c01aa0b7db0ca841adcc6bfecfd2134b3cd5e3481c39ce3a

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.111.45], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sfweekly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 01 Oct 2021 10:11:33 GMT
imp
g2.gumgum.com/hbid/ Frame 8C9D 		464 B
976 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/hbid/imp?t=oyqorbzg&pi=2&schain=1.0%2C1!nextmillennium.io%2C15103%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.39.0%22%7D&ogu=null&ns=10240
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
94e3b583565afa812804fb669c3456b0d12b42ef5385071f211e2f927abec862

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.sfweekly.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
mvo
tag.1rx.io/rmp/211404/0/ Frame 8C9D 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211404/0/mvo?z=1r&hbv=4.39,2.1
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sfweekly.com
pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ Frame 8C9D 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=471352&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2229a4140d7dc6613%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215103%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2230cd489190b0fe6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22471352%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9b881000dab5b0ac0ff2506cb2c1880b444c14369e5d00411efdf6d86710434

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:33 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.111.45], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sfweekly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 01 Oct 2021 10:11:33 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8C9D 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17888&site_id=314682&zone_id=1678002&size_id=15&p_pos=atf&rp_schain=1.0,1!nextmillennium.io,15103,1,,,&eid_pubcid.org=65dbf2a8-cd47-4ff7-8222-d7e877d7741d%5E1&rf=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&tk_flint=pbjs_lite_v4.39.0&x_source.tid=368d36c4-1381-47f9-accd-784a140494e0&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.17280724160262984
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a89dd0b671d93f99f0fc28bd04eaf377a35af7e465dea8bb800251cde1aa9178

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:33 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sfweekly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8C9D 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
469811035aa1bd29f5d94871aa2c20bc7775aa38102d6085b441af848e54570b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Oct 2021 10:11:33 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
797f47f4-4050-442a-9c3e-5fa2161287e9
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sfweekly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 8C9D 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sfweekly.com
date
Fri, 01 Oct 2021 10:11:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
277ea0e8-e9df-4f27-96b5-0580a0b7143c
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/ Frame 9A84 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/277ea0e8-e9df-4f27-96b5-0580a0b7143c
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1576
Content-Type
application/javascript
91532438-f31b-4086-8018-7cd68ddba2a3.js
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame C63D 		8 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by
Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-106.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0a8306d480a1b8a0e5803a1262635cd285075571c2529c91f40e22b6564ec272

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
muWssJlaTMhwNx39U6iumwhuke5LXV1E
via
1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)
etag
"c11a86e571fe7b35adcfb229bea0b483"
age
65891
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
8
last-modified
Mon, 30 Aug 2021 16:50:12 GMT
server
AmazonS3
date
Thu, 30 Sep 2021 15:53:24 GMT
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
Q4fdoS2lCIZfy0hVNF9Agibjg-sgjT5r6oknt_yGNR6mm1xRxnzXyg==
/
includemodal.com/service/imp/91532438-f31b-4086-8018-7cd68ddba2a3/ Frame C63D 		42 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://includemodal.com/service/imp/91532438-f31b-4086-8018-7cd68ddba2a3/?rand=574848&referer=https://www.sfweekly.com/
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.132.32.164 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-132-32-164.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:34 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame C63D 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b9261ab11f501dffcbc7223ee11e3e921da294beadbf88f940457a9cd9a1bde5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl_2021092201.js
securepubads.g.doubleclick.net/gpt/ Frame EC27 		336 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nextmillenium/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
9a9a466cd927c64b4e9b81e29beec7d80422fb985b26a1ec038abea10c74c1eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120420
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 08:37:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 01 Oct 2021 10:11:34 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame EC27 		0
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&pubid=79e40b05-e673-4b6c-85f9-79252a7f96a5
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:32 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
server
Server
age
1
x-edge-origin-shield-skipped
0
access-control-allow-origin
https://www.sfweekly.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
Y_AAKGjM1rG2ErWDcCMlfvR_NWrINrro5l6WmAVCNoU6Z56m2HEDVQ==
bid
c.amazon-adsystem.com/e/dtb/ Frame EC27 		23 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&pid=NckuuMS2Wwc1Z&cb=0&ws=0x0&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F90814396%2Fsfweekly_intext_HB%22%7D%5D&schain=1.0%2C1!nextmillennium.io%2C15103%2C1%2C%2C%2C&pubid=79e40b05-e673-4b6c-85f9-79252a7f96a5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:34 GMT
via
1.1 e976f829f2d1c4787d42d0595ae7cf75.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-amz-rid
0S3259YWBP4NTWNSNDST
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
j9S9g2GPs3hpZ-Lz4j32gGhuKMzegcuH04o2deh0vneIlM86ovFQAQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame EC27 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.186.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-186-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
S8kNCKkikutwvs4V44q0sFuZ4JNc9Ate
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
1
x-edge-origin-shield-skipped
0
access-control-max-age
3000
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Tue, 07 Sep 2021 22:15:56 GMT
server
AmazonS3
date
Fri, 01 Oct 2021 10:11:33 GMT
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
nV9DQy6_nUWaEdKUrE8DErNm_4uDRGqVHDwbMGpc81tZsLImOpPm_A==
addelivery
ap.lijit.com/ Frame 9A84 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=435515&tid=a_435515_27dec086467e471eac73961770d60b60&cb=undefined&mode=1&ifr=true&od=www.sfweekly.com&time=10%3A11%3A34&fd=1&be=cr&loc=https%3A%2F%2Fwww.sfweekly.com%2F&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.sfweekly.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_435515_27dec086467e471eac73961770d60b60
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
d8018da3aa34315ff6189e2e31293554ce413e2a78bfef7a1ee1867bea052187

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
805
3cfbaed5-9c5d-49b7-96be-49ea57174154
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/ Frame C698 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/3cfbaed5-9c5d-49b7-96be-49ea57174154
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1576
Content-Type
application/javascript
ec30c5cc-f1ff-42c8-94a0-7fd49ec2c7b8
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/ Frame 1104 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/ec30c5cc-f1ff-42c8-94a0-7fd49ec2c7b8
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1576
Content-Type
application/javascript
addelivery
ap.lijit.com/ Frame C698 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=435514&tid=a_435514_bf7f1e2c367d4d51815b636508745472&cb=undefined&mode=1&ifr=true&od=www.sfweekly.com&time=10%3A11%3A34&fd=1&be=cr&loc=https%3A%2F%2Fwww.sfweekly.com%2F&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.sfweekly.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_435515_27dec086467e471eac73961770d60b60
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
cbd7c2f435e1ae2408e1a9a2c109de8253c0bc2ad9af2e1000df923df4611157

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
798
addelivery
ap.lijit.com/ Frame 1104 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=435515&tid=a_435515_39c96d4e716f40edbe89ea216d1cc2ac&cb=undefined&mode=1&ifr=true&od=www.sfweekly.com&time=10%3A11%3A34&fd=1&be=cr&loc=https%3A%2F%2Fwww.sfweekly.com%2F&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.sfweekly.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_435515_27dec086467e471eac73961770d60b60
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
a6684f1b4c35099eda68a4af4b38db9ba73f352060966cdb9d5f5ffdd9ec4567

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
803
1d6545b4-dbbd-4c06-8094-d70eeca16a44
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/ Frame C63D 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/1d6545b4-dbbd-4c06-8094-d70eeca16a44
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1576
Content-Type
application/javascript
addelivery
ap.lijit.com/ Frame C63D 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/addelivery?zoneid=435514&tid=a_435514_c2a12ac0f6dc4441960abb6cc16681cd&cb=undefined&mode=1&ifr=true&od=www.sfweekly.com&time=10%3A11%3A34&fd=1&be=cr&loc=https%3A%2F%2Fwww.sfweekly.com%2F&orig_loc=http%3A%2F%2Fhttps%3A%2F%2Fwww.sfweekly.com%2F&abf=true&dpz=false&cv=undefined&dop=0&ndw=1&spif=true&btid=a_435515_27dec086467e471eac73961770d60b60
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
479a65653d3b7773bd1a4f2a8c85cc6c14a8eed3cb828bfc2d3fb354f1096bf6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Content-Encoding
gzip
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
799
csi
csi.gstatic.com/ Frame 975E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ku87ibfo&c=439566013265&slotId=219783006632.5&qqid=CJDa7cz8qPMCFeruuwgdY2IHVg&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ff14dc7a62bcf992c762f7db4d8023af3.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dddcf558b055f9fb2aa658608e709ba.js?tag=video_mra/web_raspberry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.168.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s32-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 975E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~ku87ic0c&c=439566013265&slotId=219783006632.5&qqid=CJDa7cz8qPMCFeruuwgdY2IHVg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F1dddcf558b055f9fb2aa658608e709ba.js%253Ftag%253Dvideo_mra%252Fweb_raspberry&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dddcf558b055f9fb2aa658608e709ba.js?tag=video_mra/web_raspberry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.168.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s32-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 975E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~ku87ic0c&c=439566013265&slotId=219783006632.5&qqid=CJDa7cz8qPMCFeruuwgdY2IHVg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F8400539943eb1c96fa551c508d61e34e.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dddcf558b055f9fb2aa658608e709ba.js?tag=video_mra/web_raspberry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.168.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s32-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
getpixels
pixels.ad.gt/api/v1/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=089e6f3d358c7e4ad84c01230a4bc06e&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.189.240.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-189-240-181.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 01 Oct 2021 10:11:34 GMT
server
nginx/1.18.0
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
010197d1993c80fa2d28758f166043e0eace7c062d11df8a4bcb342fa8755b53
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25967
x-xss-protection
0
pragma
public
x-fb-debug
pQnI1o2l1gYR2pJCmsaMeOIWcantp559reGXSfeSobhc3KxCQIcodN2EOvkLqoNTQ+WZXvsaH0KH4LcZGjIAVQ==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 01 Oct 2021 10:11:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 09:16:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3321
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Oct 2021 10:16:13 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f14.1e100.net
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:01:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 01 Oct 2021 11:01:37 GMT
openx
ids.ad.gt/api/v1/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0200b69q6w07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8...
  • https://u.openx.net/w/1.0/cm?cc=1&id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0200b69q6w07jv2yg08xizqr0bwpa1w0evvljv1k7cm...
  • https://ids.ad.gt/api/v1/openx?openx_id=769bd6e8-5601-4f59-96af-351b970f206f&id=0200b69q6w07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1e...
43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=769bd6e8-5601-4f59-96af-351b970f206f&id=0200b69q6w07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl&auid=6e52ce68-ecc0-4328-82e5-b5972013fe7a
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:34 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 01 Oct 2021 22:11:34 GMT

Redirect headers

date
Fri, 01 Oct 2021 10:11:34 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ids.ad.gt/api/v1/openx?openx_id=769bd6e8-5601-4f59-96af-351b970f206f&id=0200b69q6w07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl&auid=6e52ce68-ecc0-4328-82e5-b5972013fe7a
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
halo_match
ids.ad.gt/api/v1/ 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=6e52ce68-ecc0-4328-82e5-b5972013fe7a&halo_id=0200b69q6w07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:34 GMT
cache-control
public, max-age=43200
server
nginx/1.18.0
content-type
image/gif
expires
Fri, 01 Oct 2021 22:11:34 GMT
cygnus
htlb.casalemedia.com/ Frame 8C9D 		25 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=471352&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22409ed8b1f5daabd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.39.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22nextmillennium.io%22%2C%22sid%22%3A%2215103%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2241433391eedf46%22%2C%22ext%22%3A%7B%22siteID%22%3A%22471352%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.84.150 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-31-84-150.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9a81171acfa6d2692bc3b8dd7a8911c7df133fde288e8fa857e7c4755859fdc1

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:34 GMT
content-encoding
gzip
x-ak-initial-geo
CC:[DE], RC:[HE], CN:[EU], CIP:[216.131.111.45], XFF:[]
server
Apache
vary
Is-Traffic-Invalid,Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sfweekly.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
45
x-ak-client-geo
12
expires
Fri, 01 Oct 2021 10:11:34 GMT
mvo
tag.1rx.io/rmp/211404/0/ Frame 8C9D 		0
172 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/211404/0/mvo?z=1r&hbv=4.39,2.1
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sfweekly.com
pragma
no-cache
date
Fri, 01 Oct 2021 10:11:34 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame 8C9D 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17888&site_id=314682&zone_id=1678002&size_id=15&p_pos=atf&rp_schain=1.0,1!nextmillennium.io,15103,1,,,&eid_pubcid.org=65dbf2a8-cd47-4ff7-8222-d7e877d7741d%5E1&rf=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&tk_flint=pbjs_lite_v4.39.0&x_source.tid=95f4c602-6595-42fc-857e-1131a9bbe6d4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.11707022469328798
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
a7165f53d2cb5f7a2df4ad9cb9428984526a1feb52585077150921bf54429c13

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.sfweekly.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ Frame 8C9D 		13 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
370ffaddff33203713709734d8a67a7a81e65cfb6e8f3613f09be88e074db7e7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
be5d12e9-88a5-48c3-a1ef-0cd4a0576a47
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.sfweekly.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ Frame 8C9D 		0
61 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sfweekly.com
date
Fri, 01 Oct 2021 10:11:32 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
1853083501571805
connect.facebook.net/signals/config/ 		492 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1853083501571805?v=2.9.47&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.19 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-frx5.fbcdn.net
Software
/
Resource Hash
472c3a81f8857130e2f65c85398c080762bb1044b010741af0dbb6a49e1998cd
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
148138
x-xss-protection
0
pragma
public
x-fb-debug
rZdo2A1iSLV1JoE+sN4Xb1RiNt4TFsNZ6TRlZQBSzEmKlin0GB01wBYTAOfBYF2NDU8Niw0hzMCoiBdbAo89dg==
x-frame-options
DENY
date
Fri, 01 Oct 2021 10:11:34 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ariel.js
surgeprice.com/display/async/Kg3RFMmSZ8i2rGAQi/sfweekly.com/ Frame 9A84 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://surgeprice.com/display/async/Kg3RFMmSZ8i2rGAQi/sfweekly.com/ariel.js
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.0.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
t.dhj
pxdrop.lijit.com/1/d/ Frame 9A84 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=sfweekly.com&pn=%2F&pubid=SFMC_Online
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Fri, 01 Oct 2021 10:11:34 GMT
beacon
gslbeacon.lijit.com/ Frame 7439 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://gslbeacon.lijit.com/beacon?viewId=a_435515_27dec086467e471eac73961770d60b60&rand=8216&informer=13390776&type=fpads&loc=https%3A%2F%2Fwww.sfweekly.com%2F&v=1.2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
nginx / raptor
Resource Hash

Request headers

Host
gslbeacon.lijit.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/

Response headers

Server
nginx
Date
Fri, 01 Oct 2021 10:11:34 GMT
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma
no-cache
Expires
Fri, 20 Mar 2009 00:00:00 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
X-Powered-By
raptor
X-Sovrn-Pod
ad_ap6ams1
containertag
ap.lijit.com/ Frame 9A84 		39 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=435515&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
301940961899793bb73d3a4f80c4abb9ac89f2bb7581aab44714621c60c34ffc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap1ams1.lijit.com/addelivery/ Frame 9A84 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/addelivery/impression?i_data=0kkUQJv1sgGPcT4ic-omUIJATt_YoGmQcXHIPFG08apbs4l27GFhQLenFcymG0KvGM19MAYqmeKOIt1Yh3BHX-xdyMIOofa_JmqRmgsoSya8DyCPCVasG_CCqrcttpeZYBOXMFlG4mQBEOk871XGRi1goKbRZpSx8ceiddbsPZKGfvqlQuU0B3fLjAxhu24c_KFWlIXO96GAQb87W7amGxE4GiOUGlzVfI7wDrlRjWwbrsWl0Spr8Tn_v1VF15dOaUmdZRrYX963GJCk8vDCkhzUKPazWBzUIzP_tXkAOPxQZNUnuSDXbmpBGNL97A~~&bannerid=165660&campaignid=232&endpoint=WATERFALL&zoneid=435515&tid=a_435515_27dec086467e471eac73961770d60b60
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
fp
vap1ams1.lijit.com/data/ Frame 9A84 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/data/fp?tid=a_435515_27dec086467e471eac73961770d60b60&zoneid=435515&starttime=1633083093362&adcfg=2&adcfg_response=682&addelivery=685&addelivery_response=829&lgfired=832&beacon=834&container=835&EOL=835&ctstart=0&elapsed_ms=835
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
/
www.facebook.com/tr/ 		44 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&rl=&if=false&ts=1633083094239&cd[partner_id]=251&cd[tagger_id]=089e6f3d358c7e4ad84c01230a4bc06e&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633083094238.59566840&it=1633083094165&coo=false&tm=1&rqm=GET
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:34 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 01 Oct 2021 10:11:34 GMT
ariel.js
surgeprice.com/display/async/Kg3RFMmSZ8i2rGAQi/sfweekly.com/ Frame 1104 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://surgeprice.com/display/async/Kg3RFMmSZ8i2rGAQi/sfweekly.com/ariel.js
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.0.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
t.dhj
pxdrop.lijit.com/1/d/ Frame 1104 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=sfweekly.com&pn=%2F&pubid=SFMC_Online
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Fri, 01 Oct 2021 10:11:34 GMT
containertag
ap.lijit.com/ Frame 1104 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=435515&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b6d360d4a67ca0442221b3056fcbbdb856b3618ef4a34303ad1f4d8f678d80b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap1ams1.lijit.com/addelivery/ Frame 1104 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/addelivery/impression?i_data=dlnQgbifweZRNQgfCudFhLuJYa1SA3MaTS6DJ0ogmK6vZ618yBQbqp4zTy0QbC2vm8TZsw_udDNygFWGaKC5Kuu_klNwjXJ-ceYlFVLrD-PhVZWns3sjCGZIwBcDn1OEyVmRjBHHJ61bMtf5x-pANazwQXDq9VZBlEYRoX9ocNuhYf5O10d1XW701ENWZV_8kGmxKtJQRiV_qI9LggF2rSttmsmti_jh11v-0WfnSK4gevthNwkLete0LNDluiSqfcZ2Y1fxWKd5D-rqYWMq0ptEylczb5nCxSjatpt6Y6oX0f-xRlX70gqxPgMLZA~~&bannerid=165660&campaignid=232&endpoint=WATERFALL&zoneid=435515&tid=a_435515_39c96d4e716f40edbe89ea216d1cc2ac
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
fp
vap1ams1.lijit.com/data/ Frame 1104 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/data/fp?tid=a_435515_39c96d4e716f40edbe89ea216d1cc2ac&zoneid=435515&starttime=1633083093399&adcfg=1&adcfg_response=671&addelivery=672&addelivery_response=852&lgfired=853&container=854&EOL=854&ctstart=0&elapsed_ms=854
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
t.dhj
pxdrop.lijit.com/1/d/ Frame 9A84 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com&GDPR_v2=&pubid=SFMC_Online
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Fri, 01 Oct 2021 10:11:34 GMT
ct
ap.lijit.com/data/ Frame 9A84 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_435515_27dec086467e471eac73961770d60b60&zoneid=435515&cid=18&geo=DE&all_tags=185%2C203%2C205%2C248%2C458%2C462%2C465%2C490%2C515%2C561%2C563%2C565%2C589%2C590%2C600%2C604&tss=59&fired_tags=590&count=1&status=8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C8%2C1%2C32%2C8&elapsed_ms=59
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
ariel.js
surgeprice.com/display/async/Kg3RFMmSZ8i2rGAQi/sfweekly.com/ Frame C698 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://surgeprice.com/display/async/Kg3RFMmSZ8i2rGAQi/sfweekly.com/ariel.js
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.0.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
t.dhj
pxdrop.lijit.com/1/d/ Frame C698 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=sfweekly.com&pn=%2F&pubid=SFMC_Online
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Fri, 01 Oct 2021 10:11:34 GMT
containertag
ap.lijit.com/ Frame C698 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=435514&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b6d360d4a67ca0442221b3056fcbbdb856b3618ef4a34303ad1f4d8f678d80b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap1ams1.lijit.com/addelivery/ Frame C698 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/addelivery/impression?i_data=BcGvCT4gk2dK91RpaJrZk28ysTwRiLMO-dE4UgLlgTgOVwsNz75UPmJoB_WDf1T35zsmaHsYSmt199wb9Ot4V2omFbYplfeM-vm2HgdxxvA5hp6NO_Bo4qr4MGLZjt9NYEB7bEARlmEACQj9UlNl-fYo4Jeku2EIycSeTeARSgq0hy5Jkuqy5RQMTB-UdK_l_2ely7JB4voz1sGS9XLx5OiqipanJ89ieD2Tv-Zct-b007zwoCeynHD7NW09hNyusZ-9AJ-woShvzr9tkqCWtu6FzDA80I8S7Vfcg1G0rmYUfy3p3oaOdeYJIEk~&bannerid=165651&campaignid=232&endpoint=WATERFALL&zoneid=435514&tid=a_435514_bf7f1e2c367d4d51815b636508745472
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
fp
vap1ams1.lijit.com/data/ Frame C698 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/data/fp?tid=a_435514_bf7f1e2c367d4d51815b636508745472&zoneid=435514&starttime=1633083093397&adcfg=2&adcfg_response=670&addelivery=671&addelivery_response=858&lgfired=859&container=860&EOL=860&ctstart=0&elapsed_ms=860
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
ariel.js
surgeprice.com/display/async/Kg3RFMmSZ8i2rGAQi/sfweekly.com/ Frame C63D 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://surgeprice.com/display/async/Kg3RFMmSZ8i2rGAQi/sfweekly.com/ariel.js
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.0.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
t.dhj
pxdrop.lijit.com/1/d/ Frame C63D 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=sfweekly.com&pn=%2F&pubid=SFMC_Online
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Fri, 01 Oct 2021 10:11:34 GMT
containertag
ap.lijit.com/ Frame C63D 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/containertag?containerId=18&zoneId=435514&v=2
Requested by
Host: ap.lijit.com
URL: https://ap.lijit.com/sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b6d360d4a67ca0442221b3056fcbbdb856b3618ef4a34303ad1f4d8f678d80b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
raptor
Vary
Accept-Encoding
P3P
CP="CUR ADM OUR NOR STA NID"
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Transfer-Encoding
chunked
X-Sovrn-Pod
ad_ap1ams1
Content-Type
application/json
Expires
Fri, 20 Mar 2009 00:00:00 GMT
impression
vap1ams1.lijit.com/addelivery/ Frame C63D 		43 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/addelivery/impression?i_data=lLgW5YOz4Vl7dNpkJbeRkK3qkHBng4v33X9LrQCb5ZwabtaOztC21uj2qd45UWfGYNGxi09yCDQmLacnpbHjGz5TCA2jjT5OFiNLnBAtKbCMf4XlpaVuVt8bfGaMKTYrIxZI6GZPAvkTrNgkhWB1T9I774KYOmq4KZm_cu-ijLz8cHkxW9apCsWX4tqvzmqvjQDM4e4oC5XCz5XogMU7Hjh_RIHgAn2oA7XilNV25nIGpTXPrysqZm1gsT2uIhIZes8iCc6y9a6-gxwgIIuKi54Bs3QaebfGHWU2PTI20bMkrdIlYZFQEp_iMY-LSg~~&bannerid=165651&campaignid=232&endpoint=WATERFALL&zoneid=435514&tid=a_435514_c2a12ac0f6dc4441960abb6cc16681cd
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap1ams1
Content-Type
image/gif
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
43
Expires
Fri, 20 Mar 2009 00:00:00 GMT
fp
vap1ams1.lijit.com/data/ Frame C63D 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vap1ams1.lijit.com/data/fp?tid=a_435514_c2a12ac0f6dc4441960abb6cc16681cd&zoneid=435514&starttime=1633083093451&adcfg=0&adcfg_response=632&addelivery=633&addelivery_response=808&lgfired=809&container=810&EOL=810&ctstart=0&elapsed_ms=810
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
statistics
report2.hb.brainlyads.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://report2.hb.brainlyads.com/statistics
Protocol
HTTP/1.1
Server
3.86.21.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-21-221.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.sfweekly.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 01 Oct 2021 10:11:34 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
*
statistics
report2.hb.brainlyads.com/ Frame 8C9D 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://report2.hb.brainlyads.com/statistics
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.86.21.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-21-221.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 01 Oct 2021 10:11:34 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Powered-By
Express
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
t.dhj
pxdrop.lijit.com/1/d/ Frame 1104 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com&GDPR_v2=&pubid=SFMC_Online
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Fri, 01 Oct 2021 10:11:34 GMT
ct
ap.lijit.com/data/ Frame 1104 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_435515_39c96d4e716f40edbe89ea216d1cc2ac&zoneid=435515&cid=18&geo=DE&all_tags=248%2C458%2C465%2C490%2C590%2C600%2C604&tss=28&fired_tags=590&count=1&status=8%2C8%2C8%2C8%2C1%2C32%2C8&elapsed_ms=28
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 9A84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYWfyKRozLvJ9a2nsbmR_SpCby1BZe-JJqVwx2RUjvDZYiXB0T1GMSqKdAHLfEVgufYVBzzJiMjxFaGUqt4cAG-Q9PfIZGjewJVqLZFFWwFphjHnlAkRpFP5VjraiXqtBIiCh5BYwPJIH4AdYOngKZfyGfjYwcWGjAvsZ30gWI3r6DPQB_J3BzCSotRh1eJy5fJ8ZoYSJsvOsLnw_rVNiQaS24FSgPOTMIo7OYGzQhFz7qwseYdUJpM3HUkJ_pbSbJDLCIDhrVr6S392cW0dFFfGBSZXv-oTY0mqmYMA7YUK82hfGUcL2q1F1TKxU&sig=Cg0ArKJSzMU9OtlozfqeEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 01 Oct 2021 10:11:34 GMT
integrator.js
adservice.google.de/adsid/ Frame EC27 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sfweekly.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nextmillenium/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame EC27 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sfweekly.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nextmillenium/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame EC27 		17 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=907374999324481&correlator=2211359528071289&output=ldjh&impl=fifs&eid=31062996%2C21068031%2C31061690&vrg=2021092201&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20211001&iu_parts=90814396%2Csfweekly_intext_HB&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=amznbid%3D2%26amznp%3D2%26testStatus%3DExperiment1%26refresh%3D0%26url%3Dhttps%253A%252F%252Fwww.sfweekly.com%252Fsponsored%252Fblack-friday-cbd-oil-sales%252F%26referrerCategory%3DDirect%26hb_bidder%3Dappnexus%26hb_adid%3D509650cef7cbea7%26hb_pb%3D0.22%26hb_size%3D300x250%26hb_source%3Dclient%26hb_format%3Dbanner%26orig_hb_pb%3D0.22&eri=1&cookie=ID%3Dea9c35ff6fe015cd-22458c99e3ca00e0%3AT%3D1633083092%3AS%3DALNI_MbTd3m9fSXPsFM7uT2j0qZbgr_4Ig&cdm=www.sfweekly.com&bc=31&abxe=1&lmt=1633083094&dt=1633083094302&dlt=1633083092976&idt=1162&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3359317795&ucis=j580lijk6f3w&ifi=1&ifk=3100337997&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&top=https%3A%2F%2Fwww.sfweekly.com%2Fsponsored%2Fblack-friday-cbd-oil-sales%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1144439161.1633083092&ga_sid=1633083094&ga_hid=1190501721&ga_fc=true&fws=256&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
195230f7d0c4e39110e0e2f07189ba105ad4715018e054c8fe282bc0c5b1d64d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7993
x-xss-protection
0
google-lineitem-id
4848342923
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138248928548
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a6688555ed4ceca06e63e736254abbf3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 09DB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a6688555ed4ceca06e63e736254abbf3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
a6688555ed4ceca06e63e736254abbf3.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 01 Oct 2021 10:11:34 GMT
expires
Sat, 01 Oct 2022 10:11:34 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
t.dhj
pxdrop.lijit.com/1/d/ Frame C698 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com&GDPR_v2=&pubid=SFMC_Online
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Fri, 01 Oct 2021 10:11:34 GMT
ct
ap.lijit.com/data/ Frame C698 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_435514_bf7f1e2c367d4d51815b636508745472&zoneid=435514&cid=18&geo=DE&all_tags=248%2C458%2C465%2C490%2C590%2C600%2C604&tss=58&fired_tags=590&count=1&status=8%2C8%2C8%2C8%2C1%2C32%2C8&elapsed_ms=59
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
t.dhj
pxdrop.lijit.com/1/d/ Frame C63D 		0
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pxdrop.lijit.com/1/d/t.dhj?dmn=8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com&GDPR_v2=&pubid=SFMC_Online
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.233.227 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-233-227.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:34 GMT
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Expires
Fri, 01 Oct 2021 10:11:34 GMT
ct
ap.lijit.com/data/ Frame C63D 		43 B
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/data/ct?tid=a_435514_c2a12ac0f6dc4441960abb6cc16681cd&zoneid=435514&cid=18&geo=DE&all_tags=248%2C458%2C465%2C490%2C590%2C600%2C604&tss=56&fired_tags=590&count=1&status=8%2C8%2C8%2C8%2C1%2C32%2C8&elapsed_ms=56
Requested by
Host: 8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
nginx / raptor
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:34 GMT
Server
nginx
X-Sovrn-Pod
ad_ap1ams1
X-Powered-By
raptor
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 1104 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsutw4WCapiZNxP5lfhg-4pOkDqYIv3k_BQuJdsy7DRPA_zszOGC8lwlmwjxrbrs2SVbLqdKkCfb12x5f4GXVkxZ4sVhN0Azz59aKQ55U2L-b-7glCmnE7a32MxNT1tZT-an12bDdiQ_JEWK1SZA2Jq6bWskMTo14G0_v6VLewKkVXJSckfF3_ubvDZnDOSHqLAabmxEmQCaUb5hQt8649QbGYi57te1pgKgoCK7WqoXX0X4imw5tLmmO0tKFhz2QD34jPJL2ZqdEp40OJdtXgktgyV2bcWq_Ip2PFGG2GXQY6XzcxC26vALsEvacrav&sai=AMfl-YRo8ZGKz9iud3YXzOSE4Q5vWxLqF2wu7JO2uIMCpqZr6fVvqRc5TX7CA0vW2V3ZPkOs5anBoFxPS4AueY7DL5QTFZpO5I5tkobHArNtlgRLAYjUSAXzHd7gCoYtrjc&sig=Cg0ArKJSzOmT-mn3zt7oEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 01 Oct 2021 10:11:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C698 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVw0HSwL4RjI7cP-umFeJF7dnF1Owfv3pI1dD_WFoFwLEu9604InbkFI6KtFlXI4zK0KmAQ8KQPZhFOADrz94IWTI3oSPOl7jY6jk3MbW3xAdKSNGg9T8rXXDXqAoB-QqDfvrsta9986xuPWkLHadjAV7uIB8svNDZiy4pJI5S8D0LdhxHFsUUwfbGCVkNka-daSCU1676RjmrRsmx3VD0tmc82suCGJ3JUg_fAYKKZgO0ZIoavbK5oFoeNVAPVuyXK8W94yxlN3lVAeLDBXMu3_BVkITDTuSr0XNNfudn2dGEoVwyAHStnOwfyEXOliq81A&sai=AMfl-YT_9mTtHSO_knkHPMjMdDMtNDoO57AOBIhKKaXrSU6AZysH1tg-NAhT3Pqb_TJ1h2dcAlaBYc1-L6_NNjAjMEhJZuu9P_D-KWeXWLixMio2BZl9u30gtwrOC3efno2q&sig=Cg0ArKJSzJWKU29d1DmtEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 01 Oct 2021 10:11:34 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C63D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsul0u0MigQxUlIMy41KoTyAbYch7ecZThI6qwDnwiDIcSU_AFb2NrHidTlpSOMF9VBvZDoa3ke9H4e5JKxIX1rLDs9BoWytY4zawHbTzpuiFLnO6heinagYwxft8nAnTKMZXGP1CpMCUb6kyOpqtRB6Uz5Lsmu_XygdnpQmt-T2oN6ydgs7bKEGCgjaczwVr6i1-lTZniAUZ0GWCOAu10WCu3XSa0m9qcek0iuffX4XNTrXfNhVuVSlfEevBjyXTHppYupxJVtWE3LN0liYdfy89TQqPTwYqv550CRUffeeEcao4OoSymSd07uMPJg708DNZg&sig=Cg0ArKJSzKUEWIdqZ3KMEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 01 Oct 2021 10:11:34 GMT
statistics
report2.hb.brainlyads.com/ Frame 31FD 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://report2.hb.brainlyads.com/statistics
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.86.21.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-21-221.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 01 Oct 2021 10:11:34 GMT
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
X-Powered-By
Express
Access-Control-Allow-Headers
*
Transfer-Encoding
chunked
statistics
report2.hb.brainlyads.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://report2.hb.brainlyads.com/statistics
Protocol
HTTP/1.1
Server
3.86.21.221 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-86-21-221.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.sfweekly.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 01 Oct 2021 10:11:34 GMT
Connection
keep-alive
Access-Control-Allow-Origin
*
Access-Control-Allow-Headers
*
gen_204
pagead2.googlesyndication.com/pagead/ Frame EC27 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gfp_cw_status&domain=sfweekly.com&host=www.sfweekly.com&success=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EC27 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvgMRLD1i6r_IAwL_5G9pvivf4crVZylQ2PfD2v8ysj2bfWuU3NACbHEDObj38yyYlzcRd1ce98SE4Q5lNC9jBBstNGFeQX6hrNavOUeM3ZqsqDVltPkpljlEv_zhXA7WfjIPcqIBc5PlVBlKNcAfwq9rdlywS-qWL89hT3gcCzeBjWUUE5QT0KnEdwcrXlFWsCeHLH7PyaDXkVX88fcgaWFruLcfAJFq-O52SZFRN8hFzj1dQnbhX5YgVl1TBnrkSVMv8Qo2FPBC7dVoi7zIkUZQAwU96Rnt0jjvGSrnBOv1CQpDNVPT2LmjZYAeD35xIfpg&sig=Cg0ArKJSzNWc5Eplb0bLEAE&urlfix=1&adurl=
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
creative.js
hb.brainlyads.com/ Frame EC27 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.brainlyads.com/creative.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nextmillenium/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.20.158.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-20-158-212.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
a9f661c2aeb641e025eb7daa3165b735d0a16900bd905ffbfc13ea513dfd5ccb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:35 GMT
content-encoding
gzip
last-modified
Mon, 05 Apr 2021 17:23:44 GMT
server
nginx/1.10.3 (Ubuntu)
etag
W/"606b47a0-656c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
strict-transport-security
max-age=31536000; includeSubDomains; preload
expires
Sat, 02 Oct 2021 10:11:35 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EC27 		122 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nextmillenium/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Fri, 01 Oct 2021 10:11:35 GMT
/
reporting.powerad.ai/ 		2 B
412 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://reporting.powerad.ai/
Requested by
Host: powerad.ai
URL: https://powerad.ai/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.234.151.247 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-151-247.compute-1.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) / Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Fri, 01 Oct 2021 10:11:35 GMT
Server
nginx/1.14.0 (Ubuntu)
X-Powered-By
Express
ETag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
Access-Control-Allow-Methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
2
osd.js
www.googletagservices.com/activeview/js/current/ Frame EC27 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nextmillenium/b-7b120a5-2a9423f7.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
c72976d3b4c427a85952b5cea1ad2efafcc4b2dc6fdd9ef5a505e5e582e62928
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27601
x-xss-protection
0
server
sffe
etag
"1632957222552500"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="active-view-scs-read-write-acl"
expires
Fri, 01 Oct 2021 10:11:35 GMT
/
www.facebook.com/tr/ Frame 8E81 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
10397
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://www.sfweekly.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
cookie
fr=0YcKudq5BTZS1n3Fb..BhVt7W...1.0.BhVt7W.
Upgrade-Insecure-Requests
1
Origin
https://www.sfweekly.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://www.sfweekly.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
date
Fri, 01 Oct 2021 10:11:35 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 975E 		42 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CNMIS1N5WYZCgFOrd7_UP48SdsAX8iPeHYpH5h6TfDb_hHhABILfTnHpgleKQgqAHoAGaiPX0AsgBCakCROHQ7MBssz7gAgCoAwHIAwiqBK8CT9DP9tJIsuxcNzvGyztpsfMqNEtQdF_vltKt0DXCc1i6CY7xZCnthu9xDnZqjLsuhXHQzvSWulUX8udl0oP1Ku3OwIs-qKpJEBOtarnp7KaQ34KFJCSNWfbFXxv5IJjNUUxy_dvwWY_ZtKQyfmk9g7ou7jVow8QxxYViDVYee658l3fQjr-A7OI1zc2tgCSqU26aKUeAMiF-m9jVIE6Z_D9zsyPUvt3Ua-Obqwqe8UGj_6JpoxsvcjwTk_PKXRM2Nr5UHxOp6BT3SeiHDJaj5WUby50xuFDK09ATDzTA4JmhsH2YPbcbLXqX3lyzZziZzOpz2YIUDp_G06cAlB6K5ztqujhO11tZiSxXjPT6ZmA6GyBYQAsXv7Kr1H2iC4YsChisaUU_nW30KE0aGwa8wASZrLCrvQPgBAGgBi6AB873iosBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2xCQlqBy5b4wcQgAoDmAsByAsBgAwBuAwB2BMDiBQD0BUBgBcB&sigh=Lg1YURryNms&cid=CAQSPwCNIrLMnIeOtvjx4hsqJbzGHIwle5koeOQqSJUwnKvfDWuAQzub5mAUkT3jFMwGRamVIv8G3XZyTg59p_eKtg&label=adresume
Requested by
Host: www.sfweekly.com
URL: https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
cbd1942304370a255996a9e4975781251907120d3d19eb14efa630bef1de90aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8512
x-xss-protection
0
v2oii4tkwIycXEDhqPCCmsvjpt9zg7kpc6cdgCPUWpog0XKSy_5WYKGrWawkTkNuef6xjIye-
richstring.com/ 		216 B
614 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://richstring.com/v2oii4tkwIycXEDhqPCCmsvjpt9zg7kpc6cdgCPUWpog0XKSy_5WYKGrWawkTkNuef6xjIye-
Requested by
Host: richstring.com
URL: https://richstring.com/249fa1afb610589da05d00c0896a527e7f57951f93f9c34b74f70cfbcd77141aab669461f9d66998bccc5e08775954d565fc7102835c600098515927fb1d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.74.157 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
157.74.190.35.bc.googleusercontent.com
Software
/
Resource Hash
caec451a8eafb75b5b54aa32952012d66a18fed55de4f06b256e34056e894628
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.sfweekly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
x-datacenter
gce-europe-west1
date
Fri, 01 Oct 2021 10:11:35 GMT
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-hostname
0f8346e1
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length
216
expires
Fri, 01 Oct 2021 10:11:34 GMT
truncated
/ Frame EC27 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
769999cf8dd62d32a5cf19dde09ab3951439ed0083e11bc5ff269d6a01527c1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame EC27 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092201.js?31062996
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
a435eae7f1e3657b790f8d25b59777a0955962e373392818f490ec977f9a5276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8482
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame EC27 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6XqyxdZLBxyVuboYTPaCNQJntV8tL39JHaMl4zpTv9hp9djzOYiJTz5IWgTG5a-qXYlyfhIwbIyJvEEUkrM_n3OhoSkIbBYazVB8ZW1IL5rhX7YhyPNxgrtVmgYX49TEjsx2FGsEat8OvOLQ-ayG8r1cRNaHRv7YJABkXMd4XrfvMut5SQ2BmaiFFXt9pALNYyB-T2CiQO2At8FgNBfE3SJ31NqENjMzQFZZ3oDdi2K8fA7jPTpD5amo7i9wy5PGHzZiLM3C1wXiCkmzLq-tysixZFt58A7Rbxgwvi46h0RQajsBclI1LPlQONjmrVepExOZl&sig=Cg0ArKJSzMgA2xkZ4jlTEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 01 Oct 2021 10:11:35 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 01 Oct 2021 10:11:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 01 Oct 2021 10:11:35 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame EC27 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nextmillenium/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 01 Oct 2021 10:11:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A5B3 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 01 Oct 2021 08:00:57 GMT
expires
Sat, 01 Oct 2022 08:00:57 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame FD8D 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
aaa8c1a57696b5dc3a7024aa9c6f3bdabf4b6ed0a5add97c9f67f615b460326d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ro+Zv0FcanfJFwdJiYvnbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 01 Oct 2021 10:11:35 GMT
date
Fri, 01 Oct 2021 10:11:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ro+Zv0FcanfJFwdJiYvnbw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
510
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame 1104 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcMSV-AnggNLMtMQB6rKv49IQndYnpbxa8pbn2m7nLgFUAwGqoKvMW6nlksM2vwnhoJLTsVpenrflM4-948gSNYs7OA6WHoCjnTVabD3W9fToxXyhi&sig=Cg0ArKJSzIHVQ04p2ItBEAE&id=lidar2&mcvt=1001&p=56,648,146,1376&asp=56,648,146,1376&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=1696152264&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633083092819&rpt=1501&isd=0&lsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
pagead2.googlesyndication.com/bg/ Frame A5B3 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 07:49:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
8534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 01 Oct 2022 07:49:21 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A573 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nextmillenium/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 01 Oct 2021 08:00:57 GMT
expires
Sat, 01 Oct 2022 08:00:57 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
7838
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame B054 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/nextmillenium/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
GSE /
Resource Hash
592e57589e96ede348c577ee0f0480b56c9c7c3cb9724d1377206f88b10c217f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-kHPcfVwKp/AzHygAs+Pu1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 01 Oct 2021 10:11:35 GMT
date
Fri, 01 Oct 2021 10:11:35 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-kHPcfVwKp/AzHygAs+Pu1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame FD8D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092001&jk=1644757340794941&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame B054 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092201&jk=907374999324481&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
pagead2.googlesyndication.com/bg/ Frame A573 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/LftQ-87gh8ukbv8P1dh67h7Vjfro8G7aRn_R6x3uKA4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
sffe /
Resource Hash
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 07:49:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
8534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13320
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 01 Oct 2022 07:49:21 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 975E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CNMIS1N5WYZCgFOrd7_UP48SdsAX8iPeHYpH5h6TfDb_hHhABILfTnHpgleKQgqAHoAGaiPX0AsgBCakCROHQ7MBssz7gAgCoAwHIAwiqBK8CT9DP9tJIsuxcNzvGyztpsfMqNEtQdF_vltKt0DXCc1i6CY7xZCnthu9xDnZqjLsuhXHQzvSWulUX8udl0oP1Ku3OwIs-qKpJEBOtarnp7KaQ34KFJCSNWfbFXxv5IJjNUUxy_dvwWY_ZtKQyfmk9g7ou7jVow8QxxYViDVYee658l3fQjr-A7OI1zc2tgCSqU26aKUeAMiF-m9jVIE6Z_D9zsyPUvt3Ua-Obqwqe8UGj_6JpoxsvcjwTk_PKXRM2Nr5UHxOp6BT3SeiHDJaj5WUby50xuFDK09ATDzTA4JmhsH2YPbcbLXqX3lyzZziZzOpz2YIUDp_G06cAlB6K5ztqujhO11tZiSxXjPT6ZmA6GyBYQAsXv7Kr1H2iC4YsChisaUU_nW30KE0aGwa8wASZrLCrvQPgBAGgBi6AB873iosBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2xCQlqBy5b4wcQgAoDmAsByAsBgAwBuAwB2BMDiBQD0BUBgBcB&sigh=Lg1YURryNms&cid=CAQSPwCNIrLMnIeOtvjx4hsqJbzGHIwle5koeOQqSJUwnKvfDWuAQzub5mAUkT3jFMwGRamVIv8G3XZyTg59p_eKtg&label=part2viewed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092001&jk=1644757340794941&bg=!x8SlxIDNAAZE-GIIRPg7ACkAdvg8Ws_tvnRAtO7pJFUylBN3z4yvppowvG1XORs9KnsDppUTfanwegIAAACQUgAAABtoAQcKAQRKifNRnEgRHKb34jzmW59PvfKAjaZJQC-aoWAh0goV1MuffdRAv4y1UEsj3E9p5qSb1uzmu4MpoL-yjhkjZ44cwVMk4O4NUIll5tQPBNH57FR3ENpESafO4hnYgIjNxQyJGo87mni7nJ6UzRljn3_G1WE886FK5fIMXwlpoJLQH_l1qeptZi2reQrQjFLymeJH7QRXh6wgaN81aydEQR7UlgG-PPCqL41cK8gjeBHZVNZdkqJdKH-Tc74fbWn-8bvalS9EiGydv1OummI40NFBorNPFPDbAOgd26FeOWltZVShMQNka3tEMnQvTGwMArudM64Yq-XAxDftuoigmNKS0fpJuJkCdk_kKNrKWWjE9f8dbWPGUrdksrbnAvb9TdWBUQu-K6kRLCq57TiL1wv6X1ll-QKoDrcnRFrkyiuxnNDAHb_0Ijj4HoXjzgN1WO3xPEcUU1uca7O2KcSplTOgAZtO7T35EPkmct30q8LMGkBchNJghMKiT1VA1wcMAdgjP33fTlZQzgzvpoS3sRDXN6djqAJM9v81m7-mhv0w4WFU3gQyZ2-pZZR9EABe_J2m2dppeRvCwKMJijp-DlZyHYEHmT5v3y7A9rfT_-DaNCcSuLPZnmY6cyk1Yn6ge2RJKg9zOIEGSjI-3aZCZNk9vmd5HUp-QW1Cb9yeQzBgrwtlwavRTdHDmhy0vTGq6TUriKPUv183D8wuM3VuX52EiBfQjTKTZQcQUNshoDC5YpmTOnS3rJcZN62lt9gMhtmrUQaQuiK39kfKkclFMXbpEzEHCkDrmRRalGhIipi-WSosOIEfzpEUhJ-BnCHGqCaOPQDOyOjO-vcdUbzNOFoOADDLAd7YGD-yTu0BWpocgHKq_5i8xlBnCDp4wN6AkTN_EB6j_j5un0sYj5yrZxmMfWvYqXf722dhJn3bzzZnkFc-_v8YmVrz3xcSQe_WxDZcAF_2lQE3Z0fVa285CiEQ7qIpJmkarC7e97PlcGY0K_kSVtBk-8uF-nhDAK0-oHe2IRBad4hsO6RSzSigbUGaD7IqJ2_MI3iUMzbLR95r5WWIyBbTzGVFTPEmsJNl9vDGaHccnen4zHmIQ4taB8iKjbcza7RTMc5L1A5FWegUQdLUR1ELgFFeQ7eeymiC69aSIHghisl3sRa6iSRcGgHaUAvu6HrY4R4_5L4s9Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame EC27 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021092201&jk=907374999324481&bg=!3N-l35vNAAZE-GIIRPg7ACkAdvg8WnDACVDk7HD28z6Bm-3Y6o3Cmg-dRGKdnXYVegze2hCxUKOXfwIAAACAUgAAAA1oAQeZAq5w0Ut8yX1vAXLAjTc3xArGb1_puOo0hXoe9OH95LW8chU2ldb-Tc5d2eLwbTbGFYn_J8yZFj5Zg_HnZ9_rG8Qr32bGF9zMiCE1xRxMYBaISU8lnVkTchgLA2E36FrgwuciCe6tunT5EuuQiNhphM5B_4I_4mZFVUPxVOo-rFaS6_f2au5JaLVO5RfZtRAqRf2G-w1Q3QPQqjfjNrkqHEU6hfmchrThfpm-PbdRyofXW0_2Y6YMzbiA9TeFODzBZxv8PLYU7RkJ84yk13Px2QlDqvN2RNYIXe97Nnasba4uRODgZskyEDFcfrRLNS_D09-6WDs3dw4zZpCauoLK0DF6wDGyVcHC1wOvkwTxzfJ5bIyDVBvJuph5-hPR0PgPcFzkacnWL2TEz3JeNtG1q-X5TMr_mzl6exFwca3cGTZ6KP59amnTsXWtCVInQqKD6YkpLdQY-BhanaW011i6xUKwlvxwh900Xtqa6uZR3-LavkC_u_X_Rin526zhqGYD04x3vD_6Bt9uNFFy0PemnPJ7eTWa345ExCqzTw_NWxBrHkoxIh_XK27IBXYxPniVirc08s8fR-8qt0KS9Y6fU8cvahgxHSPOlBuE3n89CS-qsUQh3bxIzcmV8e3VIn5jtLa22vfPcnGdtK-5gra4lrtm-E1sjcpG1B10utajVO31MKbVoH7nL9tivRJsfFf4Xd02sI_lWy6w1FY2lszKD5M10mKm_rTFCFHKZIa_jRLroGK9QT-iuuVz9YWgeaYf0XkCbGLaBrjbV-1CmQMDLoIWtrF6rMqhhINADGfqWzU5iAYmza8WL1pOkuKoLPAspA24MdOOKsb-wsS6WA2-BxFVcH57rtadUlaGx-xjyXs-bi-5C9mbMpXUN2bxlh0C9ib1uyqHzCRc9tMaR8F8yw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 975E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CY8101N5WYZCgFOrd7_UP48SdsAX8iPeHYpH5h6TfDb_hHhABILfTnHpgleKQgqAHoAGaiPX0AsgBCakCROHQ7MBssz7gAgCoAwGqBKwCT9DP9tJIsuxcNzvGyztpsfMqNEtQdF_vltKt0DXCc1i6CY7xZCnthu9xDnZqjLsuhXHQzvSWulUX8udl0oP1Ku3OwIs-qKpJEBOtarnp7KaQ34KFJCSNWfbFXxv5IJjNUUxy_dvwWY_ZtKQyfmk9g7ou7jVow8QxxYViDVYee658l3fQjr-A7OI1zc2tgCSqU26aKUeAMiF-m9jVIE6Z_D9zsyPUvt3Ua-Obqwqe8UGj_6JpoxsvcjwTk_PKXRM2Nr5UHxOp6BT3SeiHDJaj5WUby50xuFDK09ATDzTA4JmhsH2YPbcbLXqX3lyzZziZzOpz2YIUDp_G06cAlB6K5ztq-DpvRby8JC6IIeI0tXn24GVBSqYdkapOFsig1AnLGzS0mJT0hKGn2_2TwASZrLCrvQPgBAGgBi6AB873iosBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G9gHAPIHBBDX3ynSCAkIiOGAEBABGB2ACgPICwHYEwOIFAPQFQGAFwGyFx4KHAgAEhRwdWItNjUyMTU5OTE5NTQ3NTY3NBigsg4&sigh=ZlTZETD-HXI&vt=1&template_id=3484&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 975E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss26DJgDY4xQJAfCTkWhk0ga3WUG5n68DuzUfPm6fbwOBW4U7T5LoMTNABMPkvF1ShUoe6yDvSmv2e5PSpn220fubk2yNqVY3h4li_i6cc4DSvxY94tIA&sai=AMfl-YT9xXy_bf7l2uNnMm0ml4XAC4HY9dcp009UZPf-EcnXze3QjnI_GkZp8umPCCY99P-tY3vzGI0vj3wvytteaBQcjqtPyJOx15AYQfrOX8V7_sCrXIgWqCjONeGyIQ2T&sig=Cg0ArKJSzC78yH7vom4tEAE&id=lidar2&mcvt=1000&p=305,1076,555,1376&asp=305,1076,555,1376&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2748941098&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633083092902&rpt=2290&isd=0&lsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:36 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 975E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~ku87ic0d&c=439566013265&slotId=219783006632.5&qqid=CJDa7cz8qPMCFeruuwgdY2IHVg&dm=18000&event_name=first_play&asset_bytes=169310&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=13&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1dddcf558b055f9fb2aa658608e709ba.js?tag=video_mra/web_raspberry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.168.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams16s32-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:36 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
admin-ajax.php
www.sfweekly.com/wp-admin/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.sfweekly.com/wp-admin/admin-ajax.php
Requested by
Host: 1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com
URL: https://1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.71.19.215 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
215.19.71.34.bc.googleusercontent.com
Software
nginx / WP Engine
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

sec-fetch-mode
cors
origin
https://www.sfweekly.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
x-requested-with
XMLHttpRequest
cookie
_ga=GA1.2.1144439161.1633083092; _gid=GA1.2.1855232428.1633083092; _gat=1; _hjid=bc2f7de6-2d14-4923-a137-a17ee633925a; _hjFirstSeen=1; _hjIncludedInPageviewSample=1; _hjAbsoluteSessionInProgress=0; _gat_gtag_UA_137034616_164=1; _pbjs_userid_consent_data=3524755945110770; _pubcid=65dbf2a8-cd47-4ff7-8222-d7e877d7741d; cto_bidid=xHg0uV9DWGd3N1ZKUmhlcldQYVdGZ0xRZXFtc1NUSXdGaG5JUCUyQmE1NEhoTzRyVDdrUWtTVEVUTVRQdlpQWGhxTGpHOEJONHZ3UFMxVHYwMkxzV3NUJTJGTW9kb0ElM0QlM0Q; cto_bundle=7KPE3F9oWFBVJTJGY1lzQUNIZ1B3bThjaEM0OENDcU5GOWZZWDdNWnJHbGg3N2clMkIwZ295RzElMkJ3VW4ycjFoUzE3ZENmeXU5dVVuTnpsR1p0M2V6NCUyQnhzdmhxQW1TQkFRYXdaR2NRZ3hJMm9vbFZ3Z0FmOXZDNHNya1NyVENNOWFWUXRoazhW; _fbp=fb.1.1633083094238.59566840; __gads=ID=ea9c35ff6fe015cd:T=1633083092:S=ALNI_Maz2vTzqLyVwsHB9_ESa2Rr75IfnA; _awl=2.1633083095.0.4-d2692b3e-6e3ef7cf3cd553b2cb00792ca85f11b2-6763652d6575726f70652d7765737431-6156ded7-0
content-length
446
:path
/wp-admin/admin-ajax.php
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/x-www-form-urlencoded; charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
www.sfweekly.com
referer
https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Accept
*/*
Referer
https://www.sfweekly.com/sponsored/black-friday-cbd-oil-sales/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
referrer-policy
strict-origin-when-cross-origin
server
nginx
x-powered-by
WP Engine
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.sfweekly.com
cache-control
no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
content-security-policy
upgrade-insecure-requests
vary
X-NR-SAMPLE-PERCENT
content-length
0
x-content-type-options
nosniff
expires
Wed, 11 Jan 1984 05:00:00 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 2445 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sfweekly.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
usersync.html
cdn.undertone.com/js/ Frame D6DA 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.undertone.com/js/usersync.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-36.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5

Request headers

:method
GET
:authority
cdn.undertone.com
:scheme
https
:path
/js/usersync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

content-type
text/html
x-amz-replication-status
COMPLETED
last-modified
Thu, 08 Jul 2021 07:16:59 GMT
x-amz-version-id
6994YJvhVK.G.S8wNruUeW.ksGihHjjx
server
AmazonS3
x-edge-origin-shield-skipped
0
content-encoding
gzip
date
Thu, 30 Sep 2021 18:51:33 GMT
etag
W/"71d386aa3a4939b04d8b4f9c237f4eaf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 217b7bc19321a4945b685521fa4f11ac.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ARWMv1Po5p2oVVEu6c6Lo8BdGd0QwYNqV6vWnEmU7hxPh0D0yqqdgA==
age
71124
showad.js
ads.pubmatic.com/AdServer/js/ Frame C902 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=true; KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=57540
expires
Sat, 02 Oct 2021 02:10:37 GMT
date
Fri, 01 Oct 2021 10:11:37 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 63DC 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sfweekly.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=8024006013844445723; icu=ChgI14psEAoYAiACKAIw1r3bigY4AkACSAIQ1r3bigYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 01 Oct 2021 10:11:37 GMT
Age
18170
X-Served-By
cache-lga21972-LGA, cache-hhn4075-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 331645
X-Timer
S1633083097.145573,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 402D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sfweekly.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
ixmatch.html
js-sec.indexww.com/um/ Frame 64F2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sfweekly.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 8D04 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sfweekly.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=; khaos=KU87IBT5-X-G3KD; audit=1|hLZGFuTafB2dDliI0nQM/RmgpWwXQt0T0FBmQRW9tldEI638UdmZBucx9YsHfPe21p5dPQc6iNTMboWaW1ii7br1Qi87KC6M
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40333-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame C327 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=true; KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=57540
expires
Sat, 02 Oct 2021 02:10:37 GMT
date
Fri, 01 Oct 2021 10:11:37 GMT
vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame F5D4 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=true; KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=57540
expires
Sat, 02 Oct 2021 02:10:37 GMT
date
Fri, 01 Oct 2021 10:11:37 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D026 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sfweekly.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=8024006013844445723; icu=ChgI14psEAoYAiACKAIw1r3bigY4AkACSAIQ1r3bigYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 01 Oct 2021 10:11:37 GMT
Age
18170
X-Served-By
cache-lga21972-LGA, cache-hhn4069-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 338760
X-Timer
S1633083097.145053,VS0,VE0
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame E7FF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host
js-sec.indexww.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sfweekly.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame DDD3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sfweekly.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=8024006013844445723; icu=ChgI14psEAoYAiACKAIw1r3bigY4AkACSAIQ1r3bigYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 01 Oct 2021 10:11:37 GMT
Age
18170
X-Served-By
cache-lga21972-LGA, cache-hhn4054-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 348015
X-Timer
S1633083097.145847,VS0,VE0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 5A7F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.sfweekly.com/
Accept-Encoding
gzip, deflate, br
Cookie
uuid2=8024006013844445723; icu=ChgI14psEAoYAiACKAIw1r3bigY4AkACSAIQ1r3bigYYAQ..
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 01 Oct 2021 05:08:47 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Fri, 01 Oct 2021 10:11:37 GMT
Age
18170
X-Served-By
cache-lga21972-LGA, cache-hhn4037-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1, 335502
X-Timer
S1633083097.145857,VS0,VE0
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame EDA7 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: hb.brainlyads.com
URL: https://hb.brainlyads.com/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/showad.js
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.sfweekly.com/
accept-encoding
gzip, deflate, br
cookie
KTPCACOOKIE=true; KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.sfweekly.com/

Response headers

last-modified
Tue, 15 Jun 2021 06:07:52 GMT
etag
"13006b6-974e-5c4c7cb53d8cb"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
13946
content-type
text/html; charset=UTF-8
cache-control
public, max-age=57540
expires
Sat, 02 Oct 2021 02:10:37 GMT
date
Fri, 01 Oct 2021 10:11:37 GMT
vary
Accept-Encoding
6.gif
id5-sync.com/c/441/19/4/ Frame 8C9D
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_1edbcb18-77c5-49be-93a1-49e7091e8c3d&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_1edbcb18-77c5-49be-93a1-49e7091e8c3d&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOFSIKsxvih4RhKih28Jny1qjZa7tFgyABL6qD1w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3Fpuid%3...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=313&dsp_callback=1&external_user_id=ID5-ZHMOFSIKsxvih4RhKih28Jny1qjZa7tFgyABL6qD1w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F916%2F8%2F2.gif%3F...
  • https://id5-sync.com/cq/441/916/8/2.gif?puid=0326701a-d791-4c78-bb96-9b1d181a8963&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOFSIKsxvih4RhKih28Jny1qjZa7tFgyABL6qD1w&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F7%2F3.gif%3Fpuid%3D...
  • https://id5-sync.com/cq/441/124/7/3.gif?puid=0326701a-d791-4c78-bb96-9b1d181a8963&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://ads.avocet.io/getuid?url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.avct.cloud/getuid?bounce=true&r=1&url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F146%2F6%2F4.gif%3Fpuid%3D%7B%7BUUID%7D%7D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/146/6/4.gif?puid=e6700eeb-4f4c-4139-a2d2-0fb81837e055&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEO2EoYNG2WHG5qJFgSDGHVc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=8024006013844445723&opid=apx&ops=&utidl=tech:goo:CAESEO2EoYNG2WHG5qJFgSDGHVc&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A21165419680&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9NSZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/4/6.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/4/6.gif?puid=54d24ff3f09adfa5ad5df1bd6623a1d0&gdpr=1&gdpr_consent=
0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame C902 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=11184698&p=157577&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
bc01c1fe75c35db57063b35d72d2d4df22575f938a0368bc54c7387a2965c412

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usync.js
eus.rubiconproject.com/ Frame 8D04 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46346
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Fri, 01 Oct 2021 23:04:03 GMT
async_usersync
ib.adnxs.com/ Frame 5A7F 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
ddc1cf6f-1d6f-4ea1-94cd-07c1bce8f974
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D026 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
87d7073d-1579-4090-84f1-5679739b95dd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DDD3 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e251b216-df22-4f84-adf5-c51ac71803dc
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 63DC 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
a3eb3c7c-6057-4e66-815b-12fd8415f88a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame C5DF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5886de4e5b6b43a8ea1a4fa7a7eeee01923c862d98be72f785d97084a058416c

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMID=YVbe2UU77.TBD8FqKu7ejgAA; CMPS=3237
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
45|241|39|230|51|31|105|10
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1563
Expires
Fri, 01 Oct 2021 10:11:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YVbe2UU77.TBD8FqKu7ejgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 10:11:37 GMT CMPS=3237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 10:11:37 GMT CMPRO=1121;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 10:11:37 GMT CMST=YVbe2WFW3tkA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Oct 2021 10:11:37 GMT CMRUM3=276156ded90b40&f16156ded905a0&e66156ded92760&336156ded905a0&696156ded905a0&1f6156ded905a00&2d6156ded905a0&0a6156ded927600;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 10:11:37 GMT

Redirect headers

Server
Apache
Content-Length
339
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 01 Oct 2021 10:11:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YVbe2UU77.TBD8FqKu7ejgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 10:11:37 GMT CMPS=3237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 10:11:37 GMT
match
c1.adform.net/serving/cookie/ Frame 9C60
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?CC=1&party=14&cid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
C=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:37 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=974244514086263321; expires=Tue, 30 Nov 2021 10:11:37 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

server
nginx
date
Fri, 01 Oct 2021 10:11:37 GMT
content-length
0
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
C=1; expires=Mon, 01 Nov 2021 10:11:37 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
sync
usr.undertone.com/userPixel/ Frame 88B0
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=9169346895279784238
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DF81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
0
308 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.246.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-246-171.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host
usr.undertone.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
server
istio-envoy
set-cookie
UID_EXT_53=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; Path=/; Domain=undertone.com; Expires=Sat, 01-Oct-2022 16:00:49 GMT; SameSite=None; Secure;
x-envoy-upstream-service-time
1
Content-Length
0
Connection
keep-alive

Redirect headers

server
nginx
date
Fri, 01 Oct 2021 10:11:36 GMT
set-cookie
SPugT=1633083096; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:36 GMT; path=/
location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
usersync.aspx
dis.criteo.com/dis/ Frame 5FB1 		43 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
content-type
image/gif
server
Kestrel
cache-control
no-cache
pragma
no-cache
expires
Fri, 01 Oct 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
279302
Pug
simage2.pubmatic.com/AdServer/ Frame F93C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7014038493271226508
42 B
519 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7014038493271226508
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7014038493271226508
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; chkChromeAb67Sec=1; DPSync3=1633132800%3A174%7C1634256000%3A201_197_219; SyncRTB3=1634256000%3A56_71_234_230_165_54_3_55_88_176_13_99_204_222_21_166_81_189_220_161_8_22_7_231%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1634342400%3A35%7C1633910400%3A63; KRTBCOOKIE_57=22776-8024006013844445723; PugT=1633083097; PUBMDCID=3
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:36 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-7014038493271226508; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:36 GMT; path=/ PugT=1633083096; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:36 GMT; path=/
x-lat
amspug001:0:450
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 01 Oct 2021 10:11:37 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=7014038493271226508; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7014038493271226508
Pug
image2.pubmatic.com/AdServer/ Frame F418
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFWVJrN0NyYjRBQUJTU0stWlcwUQ&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAEYRk7Crb4AABSSK-ZW0Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%2...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAEYRk7Crb4AABSSK-ZW0Q&pid=558502&do=add
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAEYRk7Crb4AABSSK-ZW0Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpm%26bee_sync_current_part...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7205702882258895689
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEYRk7Crb4AABSSK-ZW0Q
42 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEYRk7Crb4AABSSK-ZW0Q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEYRk7Crb4AABSSK-ZW0Q
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; DPSync3=1633132800%3A174%7C1634256000%3A201_197_219; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; SPugT=1633083096; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; SyncRTB3=1634256000%3A55_21_71_3_7_104_13_8_230_54_99_231_234_176_81_22_165_166_220_161_189_56_88_204_222%7C1633651200%3A223_15_2%7C1635638400%3A203%7C1634342400%3A35%7C1633910400%3A63; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; PugT=1633083096; chkChromeAb67Sec=5; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:37 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:37 GMT; path=/ PugT=1633083097; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:37 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:37 GMT; path=/
x-lat
lhrpug007:0:684
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEYRk7Crb4AABSSK-ZW0Q
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 424F
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
107 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; chkChromeAb67Sec=1; DPSync3=1633132800%3A174%7C1634256000%3A201_197_219; SyncRTB3=1634256000%3A56_71_234_230_165_54_3_55_88_176_13_99_204_222_21_166_81_189_220_161_8_22_7_231%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1634342400%3A35%7C1633910400%3A63; KRTBCOOKIE_57=22776-8024006013844445723; PugT=1633083097; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:35 GMT
content-type
text/html; charset=utf-8
x-lat
amspug007:2:339
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=d145573a-e023-4da8-95cf-61fd3e65dacb; path=/; domain=csync.loopme.me; Expires=Mon, 01-Nov-2021 10:11:37 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
content-length
0
date
Fri, 01 Oct 2021 10:11:37 GMT
server
_
ImgSync
image8.pubmatic.com/AdServer/ Frame 2E3D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2963742874
  • https://sync.1rx.io/usersync/tradedesk/117b351e-56e1-4502-abfd-e86c5570ad18
  • https://sync.targeting.unrulymedia.com/csync/RX-51300f6b-ba71-4745-9193-d0880a824dcf-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-51300f6b-ba71-4745-9193-d0880a824dcf-003
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

:method
GET
:authority
image8.pubmatic.com
:scheme
https
:path
/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; DPSync3=1633132800%3A174%7C1634256000%3A201_197_219; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; SPugT=1633083096; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; SyncRTB3=1634256000%3A55_21_71_3_7_104_13_8_230_54_99_231_234_176_81_22_165_166_220_161_189_56_88_204_222%7C1633651200%3A223_15_2%7C1635638400%3A203%7C1634342400%3A35%7C1633910400%3A63; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; chkChromeAb67Sec=3; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; PugT=1633083096
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie
ipc=0^^0^0; domain=pubmatic.com; path=/; max-age=3; SameSite=None; secure; KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure; chkChromeAb67Sec=4; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
date
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

server
nginx
date
Fri, 01 Oct 2021 10:11:36 GMT
set-cookie
KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:36 GMT; path=/ PugT=1633083096; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:36 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:36 GMT; path=/
x-lat
amspug006:0:394
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
dpe
ad4m.at/ad/ Frame C62F 		42 B
974 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-wmp3
via
1.1 google
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6974e86e2d5d3a53-CDG
Pug
image2.pubmatic.com/AdServer/ Frame A702
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2aZSAGWS8llKICBlqJhRXktD
42 B
216 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2aZSAGWS8llKICBlqJhRXktD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2aZSAGWS8llKICBlqJhRXktD
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; chkChromeAb67Sec=1; DPSync3=1633132800%3A174%7C1634256000%3A201_197_219; SyncRTB3=1634256000%3A56_71_234_230_165_54_3_55_88_176_13_99_204_222_21_166_81_189_220_161_8_22_7_231%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1634342400%3A35%7C1633910400%3A63; KRTBCOOKIE_57=22776-8024006013844445723; PugT=1633083097; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:37 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:37 GMT; path=/ PugT=1633083097; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:37 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:37 GMT; path=/
x-lat
lhrpug020:0:377
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 01 Oct 2021 10:11:37 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=2aZSAGWS8llKICBlqJhRXktD; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=2aZSAGWS8llKICBlqJhRXktD
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame 9AF9 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
s.tribalfusion.com/z/ Frame F68A
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
417 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.5 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
ANON_ID=aOnoeUSyZaRVRT8vtRLHxDHW8mrMGuZaxryTZc0ZbUyB
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aVnseFpyXagbqiVREF6MRdaHMyBgETNoVr4GywfcZciJV36NUZbsZccKap2DegNulxmR73RjyUZar21pY9iyiTZdq; path=/; domain=.tribalfusion.com; expires=Thu, 30-Dec-2021 10:11:37 GMT; SameSite=None; Secure; ANON_ID_old=aVnseFpyXagbqiVREF6MRdaHMyBgETNoVr4GywfcZciJV36NUZbsZccKap2DegNulxmR73RjyUZar21pY9iyiTZdq; path=/; domain=.tribalfusion.com; expires=Thu, 30-Dec-2021 10:11:37 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6974e86f3c04876a-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

date
Fri, 01 Oct 2021 10:11:37 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
234
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aOnoeUSyZaRVRT8vtRLHxDHW8mrMGuZaxryTZc0ZbUyB; path=/; domain=.tribalfusion.com; expires=Thu, 30-Dec-2021 10:11:37 GMT; SameSite=None; Secure; ANON_ID_old=aOnoeUSyZaRVRT8vtRLHxDHW8mrMGuZaxryTZc0ZbUyB; path=/; domain=.tribalfusion.com; expires=Thu, 30-Dec-2021 10:11:37 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6974e86e1a7d876a-DUS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame 609E 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

content-length
0
date
Fri, 01 Oct 2021 10:11:37 GMT
server
a
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 54AB
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=52b20f26-cd0d-44e7-b36a-021a783e34d5-tuct8506459&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=52b20f26-cd0d-44e7-b36a-021a783e34d5-tuct8506459&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.taboola.com
:scheme
https
:path
/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=52b20f26-cd0d-44e7-b36a-021a783e34d5-tuct8506459&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
t_gid=52b20f26-cd0d-44e7-b36a-021a783e34d5-tuct8506459
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 01 Oct 2021 10:11:37 GMT
via
1.1 varnish
x-served-by
cache-hhn4070-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1633083097.319945,VS0,VE9
content-length
0

Redirect headers

server
nginx
set-cookie
t_gid=52b20f26-cd0d-44e7-b36a-021a783e34d5-tuct8506459;Version=1;Path=/;Domain=.taboola.com;Expires=Sat, 01-Oct-2022 10:11:37 GMT;Max-Age=31536000;Secure;SameSite=None
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=52b20f26-cd0d-44e7-b36a-021a783e34d5-tuct8506459&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 01 Oct 2021 10:11:37 GMT
via
1.1 varnish
x-served-by
cache-hhn4070-HHN
x-cache
MISS
x-cache-hits
0
x-timer
S1633083097.288229,VS0,VE8
x-vcl-time-ms
8
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C902
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-B69TgzwRfWS2hjbqtDkSg%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=145047
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Sun, 03 Oct 2021 02:29:04 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=57de6156-ded5-4200-bf94-c7d95625e804
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=57de6156-ded5-4200-bf94-c7d95625e804
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x15 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=57de6156-ded5-4200-bf94-c7d95625e804
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 01 Oct 2021 10:11:36 GMT
match
ps.eyeota.net/ Frame C902
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=117b351e-56e1-4502-abfd-e86c5570ad18&icm
  • https://pixel.onaudience.com/?partner=236&icm&cver&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D%26gdpr_consent%3D%26pid%3D3b2cb90%26t%3Dgif%26uid%3D%25m
  • https://ps.eyeota.net/pixel?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=423a44d6f6bc6983
  • https://ps.eyeota.net/pixel/bounce/?gdpr=&gdpr_consent=&pid=3b2cb90&t=gif&uid=423a44d6f6bc6983
  • https://cm.g.doubleclick.net/pixel?google_nid=eye&google_cm&google_sc&google_hm=MnFFdDZjRDJHU0Y2bVRFMGVDczd4c1pzVnBJcE5jVlJWLVNhSTZ0NWhBV2c&gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&...
  • https://ps.eyeota.net/match?gdpr=0&gdpr_consent=&uid=1&bid=gdo9o51&newuser=1&dc_rc=1&dc_mr=5&dc_orig=3b2cb90&referrer_pid=3b2cb90&google_gid=CAESEDijbM-CkD7U6RaPfBFObgw&google_cver=1
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=8354336131457789763&newuser=1&dc_rc=2&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://sync.mathtag.com/sync/img?mt_exid=10015&redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3D7vi0rg0%26uid%3D%5BMM_UUID%5D%26dc_rc%3D3%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%3D3b2cb90
  • https://ps.eyeota.net/match?bid=7vi0rg0&uid=57de6156-ded5-4200-bf94-c7d95625e804&dc_rc=3&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://sync-tm.everesttech.net/upi/pid/lons7jax?redir=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fuid%3D%24%7BTM_USER_ID%7D%26bid%3D0rijhbu%26dc_rc%3D4%26dc_mr%3D5%26dc_orig%3D3b2cb90%26%26referrer_pid%...
  • https://ps.eyeota.net/match?uid=YVbe2QAFvmUTsAA6&bid=0rijhbu&dc_rc=4&dc_mr=5&dc_orig=3b2cb90&&referrer_pid=3b2cb90
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=eyeota&ttd_tpi=1
  • https://ps.eyeota.net/match?uid=117b351e-56e1-4502-abfd-e86c5570ad18&bid=1e2n4ou
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?uid=117b351e-56e1-4502-abfd-e86c5570ad18&bid=1e2n4ou
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ps.eyeota.net/match?uid=117b351e-56e1-4502-abfd-e86c5570ad18&bid=1e2n4ou
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
191
Pug
image2.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RjgxRUJENEUtMENGMC00NUY1LTkyREEtMThEQkFBRDBFNDRB&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug003:0:332
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKyG5vFjqM23fQR1kCnWnYo&google_cver=1
42 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKyG5vFjqM23fQR1kCnWnYo&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:590
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEKyG5vFjqM23fQR1kCnWnYo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C902 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
b7.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 30 Sep 2021 10:11:37 GMT
sync
usr.undertone.com/userPixel/ Frame C902
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=6820726720678911436
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=160318&pmc=1&pr=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D53%26uid%3DF81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
  • https://usr.undertone.com/userPixel/sync?partnerId=53&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.246.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-246-171.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

location
https://usr.undertone.com/userPixel/sync?partnerId=53&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
date
Fri, 01 Oct 2021 10:11:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:57de6156-ded5-4200-bf94-c7d95625e804&gdpr=0&gdpr_consent=
42 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:57de6156-ded5-4200-bf94-c7d95625e804&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug006:0:393
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
MT3 3984 0e3af3b master zrh-pixel-x26 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:57de6156-ded5-4200-bf94-c7d95625e804&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 01 Oct 2021 10:11:36 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=117b351e-56e1-4502-abfd-e86c5570ad18
42 B
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=117b351e-56e1-4502-abfd-e86c5570ad18
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:376
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=117b351e-56e1-4502-abfd-e86c5570ad18
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8024006013844445723&gdpr=0&gdpr_consent=
42 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8024006013844445723&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug004:0:478
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
efa376bb-1db8-4734-b778-e12bf22fe5b8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8024006013844445723&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL
42 B
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug016:0:423
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VL603m9E2uUKczhIPqSxKR_GgXNOQAs-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VL603m9E2uUKczhIPqSxKR_GgXNOQAs-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-VL603m9E2uUKczhIPqSxKR_GgXNOQAs-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C902 		43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
  • https://ads.betweendigital.com/match?bidder_id=43092&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dpubmatic%26expires%3D30%26user_group%3D%24...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=a01691ff-2e63-5112-b5ce-26ddd498f804&ssp=pubmatic&expires=30&user_group=1
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug005:0:4573
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame C902 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.207.16.140 Roydon, United Kingdom, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
ams03-login.dotomi.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
ImgSync
image8.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YVbe2QAFvmUTsAA6&gdpr=0&gdpr_consent=&_test=YVbe2QAFvmUTsAA6
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 01 Oct 2021 10:11:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug007:0:426
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8354336131457789763&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 01 Oct 2021 10:11:35 GMT
cache-control
no-store, no-cache, private
x-lat
amspug002:0:807
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
image2.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553&gdpr=0&gdpr_consent=
42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug009:0:388
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:36 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:41fb2e56-f756-4211-9be0-2f930194e3ab&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:41fb2e56-f756-4211-9be0-2f930194e3ab&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug009:0:389
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:41fb2e56-f756-4211-9be0-2f930194e3ab&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame C902
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8024006013844445723
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8024006013844445723
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug004:0:311
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
40ccb95f-cfb1-482a-a437-938c87dd6821
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=8024006013844445723
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame C902 		35 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.173.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-173-19.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
content-type
image/gif;charset=UTF-8
server
nginx
p3p
CP="This is not a P3P policy"
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 670B
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f0546e2375b884702877a0ca06d783d7b735a9999c4ba076f99a79c002874f5e

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMPS=3237; CMID=YVbe2VEe.14l7tFzDBqOsQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|241|230|45|73|5|64|81
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1572
Expires
Fri, 01 Oct 2021 10:11:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YVbe2VEe.14l7tFzDBqOsQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 10:11:37 GMT CMPS=3237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 10:11:37 GMT CMPRO=1152;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 10:11:37 GMT CMST=YVbe2WFW3tkA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Oct 2021 10:11:37 GMT CMRUM3=496156ded905a0&2d6156ded905a0&056156ded905a0&516156ded905a0&276156ded90b40&f16156ded905a0&e66156ded92760&406156ded905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 10:11:37 GMT

Redirect headers

Server
Apache
Content-Length
339
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 01 Oct 2021 10:11:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YVbe2VEe.14l7tFzDBqOsQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 10:11:37 GMT CMPS=3237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 10:11:37 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame EDD6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0a23631f456916ccd29ebfa1bd46f0cba15498a5b4c33aca43b1c261f28512ed

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMPS=3237; CMID=YVbe2VEe.14l7tFzDBqOsgAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
230|241|39|45|111|156|64|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1649
Expires
Fri, 01 Oct 2021 10:11:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YVbe2VEe.14l7tFzDBqOsgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 10:11:37 GMT CMPS=3237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 10:11:37 GMT CMPRO=1209;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 10:11:37 GMT CMST=YVbe2WFW3tkA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Oct 2021 10:11:37 GMT CMRUM3=f16156ded905a0&276156ded90b40&9c6156ded905a00&406156ded905a0&6f6156ded905a0&e66156ded92760&2d6156ded905a0&ce6156ded905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 10:11:37 GMT

Redirect headers

Server
Apache
Content-Length
339
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 01 Oct 2021 10:11:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YVbe2VEe.14l7tFzDBqOsgAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 10:11:37 GMT CMPS=3237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 10:11:37 GMT
Cookie set usermatch
ssum-sec.casalemedia.com/ Frame 5C14
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0282ec69b8a55cd68f38244999bcbcfd801517a5a08ad1bed75cbfe267affab8

Request headers

Host
ssum-sec.casalemedia.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://js-sec.indexww.com/
Accept-Encoding
gzip, deflate, br
Cookie
CMPS=3237; CMID=YVbe2UU77.TBD8FqKu7ekQAA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|39|230|45|206|152|51|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Content-Length
1566
Expires
Fri, 01 Oct 2021 10:11:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YVbe2UU77.TBD8FqKu7ekQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 10:11:37 GMT CMPS=3237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 10:11:37 GMT CMPRO=1157;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 10:11:37 GMT CMST=YVbe2WFW3tkA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 02 Oct 2021 10:11:37 GMT CMRUM3=bc6156ded905a00&ce6156ded905a0&2d6156ded905a0&986156ded905a00&f16156ded905a0&276156ded90b40&336156ded905a0&e66156ded92760;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 10:11:37 GMT

Redirect headers

Server
Apache
Content-Length
339
Content-Type
text/html; charset=iso-8859-1
Location
https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires
Fri, 01 Oct 2021 10:11:37 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
Set-Cookie
CMID=YVbe2UU77.TBD8FqKu7ekQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 01 Oct 2022 10:11:37 GMT CMPS=3237;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 30 Dec 2021 10:11:37 GMT
usync.html
eus.rubiconproject.com/ Frame D2AE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
  • https://eus.rubiconproject.com/usync.html?p=12776
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://cdn.undertone.com/
Accept-Encoding
gzip, deflate, br
Cookie
rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=; khaos=KU87IBT5-X-G3KD; audit=1|hLZGFuTafB2dDliI0nQM/RmgpWwXQt0T0FBmQRW9tldEI638UdmZBucx9YsHfPe21p5dPQc6iNTMboWaW1ii7br1Qi87KC6M
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Fri, 24 Sep 2021 19:54:05 GMT
ETag
"40333-119-5ccc31c0f3140"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=12776
Date
Fri, 01 Oct 2021 10:11:37 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
sync
usr.undertone.com/userPixel/ Frame D6DA
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
  • https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=8024006013844445723
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=8024006013844445723
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.246.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-246-171.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
41386f22-4e1b-4ab9-9c0a-645e1fc0e7fe
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=8024006013844445723
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
usr.undertone.com/userPixel/ Frame D6DA
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
  • https://usr.undertone.com/userPixel/sync?partnerId=39&uid=14b6a8aa-df22-4cc6-afd1-3e8c77dccf39
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=14b6a8aa-df22-4cc6-afd1-3e8c77dccf39
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.246.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-246-171.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

date
Fri, 01 Oct 2021 10:11:37 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=14b6a8aa-df22-4cc6-afd1-3e8c77dccf39
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
sync
usr.undertone.com/userPixel/ Frame D6DA
Redirect Chain
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UPf688fd68-229f-11ec-b37f-02c99423f47e
  • https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-SQnW8CdE2uHWJRtJ3wOz5RmHkpEMUkyf~A~UPf688fd68-229f-11ec-b37f-02c99423f47e
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-SQnW8CdE2uHWJRtJ3wOz5RmHkpEMUkyf~A~UPf688fd68-229f-11ec-b37f-02c99423f47e
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.246.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-246-171.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
ATS/7.1.2.138
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-SQnW8CdE2uHWJRtJ3wOz5RmHkpEMUkyf~A~UPf688fd68-229f-11ec-b37f-02c99423f47e
Connection
keep-alive
Content-Length
0
sync
usr.undertone.com/userPixel/ Frame D6DA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usr.undertone.com/userPixel/sync?partner=ttd&uid=117b351e-56e1-4502-abfd-e86c5570ad18&ttl=1635675097
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=117b351e-56e1-4502-abfd-e86c5570ad18&ttl=1635675097
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.246.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-246-171.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=117b351e-56e1-4502-abfd-e86c5570ad18&ttl=1635675097
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
247
sync.php
pixel.rubiconproject.com/exchange/ Frame D6DA 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
sync
usr.undertone.com/userPixel/ Frame D6DA
Redirect Chain
  • https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
  • https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=477c44c11e2a94142f746bc70bf1dca8648b4fd2
0
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=477c44c11e2a94142f746bc70bf1dca8648b4fd2
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.5.246.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-5-246-171.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
0

Redirect headers

Location
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=477c44c11e2a94142f746bc70bf1dca8648b4fd2
Date
Fri, 01 Oct 2021 10:11:37 GMT
Transfer-Encoding
chunked
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Pug
simage2.pubmatic.com/AdServer/ Frame D6DA
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f6c9d721-229f-11ec-aa16-4dbb093d86b7&gdpr=0&gdpr_consent=
1 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f6c9d721-229f-11ec-aa16-4dbb093d86b7&gdpr=0&gdpr_consent=
Requested by
Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.undertone.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:36 GMT
cache-control
no-store, no-cache, private
x-lat
amspug015:0:431
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=f6c9d721-229f-11ec-aa16-4dbb093d86b7&gdpr=0&gdpr_consent=
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
f6c9fe32-229f-11ec-aa16-4dbb093d86b7
usync.js
eus.rubiconproject.com/ Frame D2AE 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=12776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46346
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Fri, 01 Oct 2021 23:04:03 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame D2AE 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
66ef90d06496cfd000aab8206f2b6221
Content-Type
image/gif
crum
dsum-sec.casalemedia.com/ Frame C5DF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVbe2UU77.TBD8FqKu7ekQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C5DF
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2UU77-TBD8FqKu7ejgAABGEAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2UU77-TBD8FqKu7ejgAABGEAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2UU77-TBD8FqKu7ejgAABGEAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
VKSF208XMEG8HXGJRCCA
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
DB9ZJ1W1H8Z050N93FBH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2UU77-TBD8FqKu7ejgAABGEAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C5DF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame C5DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVbe2UU77-TBD8FqKu7ejgAABGEAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame C5DF 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.35.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-35-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
noop
px.owneriq.net/ Frame C5DF
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ6863694971096429505&uid=Q6863694971096429505&ref=%2Feucm%2Fp%2Fcc
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.242.53 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-53.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Powered-By
PHP/5.3.3
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame C5DF
Redirect Chain
  • https://d.adroll.com/cm/index/ssp?gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
990 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 01 Oct 2021 10:11:37 GMT
server
nginx/1.20.0
content-length
76
crum
dsum-sec.casalemedia.com/ Frame C5DF
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=611361532471
43 B
1001 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=611361532471
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

access-control-allow-origin
*
content-length
0
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=611361532471
htw-pixel.gif
js-sec.indexww.com/ht/ Frame C5DF 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YVbe2UU77.TBD8FqKu7ejgAA%261121
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2854
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:59:11 GMT
casale
match.adsrvr.org/track/cmf/ Frame 670B 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 670B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2VEe-14l7tFzDBqOsQAABIAAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2VEe-14l7tFzDBqOsQAABIAAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2VEe-14l7tFzDBqOsQAABIAAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1NEZ59R4QZJXB2Z5ER4T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
TTPT0VRN8G165VGKBCTP
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2VEe-14l7tFzDBqOsQAABIAAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 670B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVbe2VEe-14l7tFzDBqOsQAABIAAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 670B
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVbe2UU77.TBD8FqKu7ekQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YVbe2VEe-14l7tFzDBqOsQAABIAAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 670B 		43 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YVbe2VEe-14l7tFzDBqOsQAABIAAAAIB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.176 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
pr-bh-ing.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
ix
ad4m.at/ad/sim/ Frame 670B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.74.129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 670B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635675097
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635675097
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:36 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635675097
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
rum
dsum-sec.casalemedia.com/ Frame 670B
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=O3wUB2koRQggeRgIaHwMUD0uQgIgeUVXb353ovAZ
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=O3wUB2koRQggeRgIaHwMUD0uQgIgeUVXb353ovAZ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=O3wUB2koRQggeRgIaHwMUD0uQgIgeUVXb353ovAZ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 670B 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YVbe2VEe.14l7tFzDBqOsQAA%261152
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2854
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:59:11 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame EDD6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVbe2VEe-14l7tFzDBqOsgAABLkAAAIB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame EDD6
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2VEe-14l7tFzDBqOsgAABLkAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2VEe-14l7tFzDBqOsgAABLkAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2VEe-14l7tFzDBqOsgAABLkAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
69A92NVKTS2P3NCMVE28
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6AXFDTYRRCN3MGJGYM80
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2VEe-14l7tFzDBqOsgAABLkAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame EDD6 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame EDD6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVbe2UU77.TBD8FqKu7ekQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame EDD6 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.236 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
cookiesync
bttrack.com/pixel/ Frame EDD6 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName
Track002-dc3
Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:20 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
rum
dsum-sec.casalemedia.com/ Frame EDD6
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635675097
43 B
999 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635675097
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1635675097
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame EDD6 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YVbe2VEe-14l7tFzDBqOsgAABLkAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
js-sec.indexww.com/ht/ Frame EDD6 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YVbe2VEe.14l7tFzDBqOsgAA%261209
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2854
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:59:11 GMT
dcm
s.amazon-adsystem.com/ Frame 5C14
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2UU77-TBD8FqKu7ekQAABIUAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2UU77-TBD8FqKu7ekQAABIUAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2UU77-TBD8FqKu7ekQAABIUAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.178.82 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
KFXP6PYEQGEHF4YY4G1H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
61K62GWXT3RFE9ZWVJYM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YVbe2UU77-TBD8FqKu7ekQAABIUAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 5C14 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 5C14
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YVbe2UU77-TBD8FqKu7ekQAABIUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESELtY3YjEt04OSN6JMbF5TNQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
343
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 5C14
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YVbe2UU77.TBD8FqKu7ekQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESECXtlUg37X6Z_qTcH2CAMBE&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 5C14 		0
234 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YVbe2UU77-TBD8FqKu7ekQAABIUAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.138 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
ATS/7.1.2.138
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 5C14
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0349c543-d4f2-4d48-a18d-fe35b3213d8e
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0349c543-d4f2-4d48-a18d-fe35b3213d8e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:11:37 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:37 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0349c543-d4f2-4d48-a18d-fe35b3213d8e
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
sync
x.bidswitch.net/ Frame 5C14 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.35.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-35-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
CookieIndex
rtb.adentifi.com/ Frame 5C14 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.55.122.95 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-55-122-95.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 5C14 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YVbe2UU77.TBD8FqKu7ekQAA%261157
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://www.sfweekly.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:37 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2854
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 01 Oct 2021 10:59:11 GMT
async_usersync
ib.adnxs.com/ Frame 5A7F 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:38 GMT
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8387cfe0-a420-4eab-a6f9-a33b8b8b4fdd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D026 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:38 GMT
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
f8e8d053-d217-4554-9080-e7888969fc53
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame DDD3 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:38 GMT
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
9f2f17fa-3f0b-4c14-89ce-b03505ece050
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 63DC 		0
578 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 01 Oct 2021 10:11:38 GMT
X-Proxy-Origin
216.131.111.45; 216.131.111.45; 691.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
e9b031e7-374d-47ac-9905-fff9b8ca4aa1
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame C902 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157577&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:39 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 975E 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CNMIS1N5WYZCgFOrd7_UP48SdsAX8iPeHYpH5h6TfDb_hHhABILfTnHpgleKQgqAHoAGaiPX0AsgBCakCROHQ7MBssz7gAgCoAwHIAwiqBK8CT9DP9tJIsuxcNzvGyztpsfMqNEtQdF_vltKt0DXCc1i6CY7xZCnthu9xDnZqjLsuhXHQzvSWulUX8udl0oP1Ku3OwIs-qKpJEBOtarnp7KaQ34KFJCSNWfbFXxv5IJjNUUxy_dvwWY_ZtKQyfmk9g7ou7jVow8QxxYViDVYee658l3fQjr-A7OI1zc2tgCSqU26aKUeAMiF-m9jVIE6Z_D9zsyPUvt3Ua-Obqwqe8UGj_6JpoxsvcjwTk_PKXRM2Nr5UHxOp6BT3SeiHDJaj5WUby50xuFDK09ATDzTA4JmhsH2YPbcbLXqX3lyzZziZzOpz2YIUDp_G06cAlB6K5ztqujhO11tZiSxXjPT6ZmA6GyBYQAsXv7Kr1H2iC4YsChisaUU_nW30KE0aGwa8wASZrLCrvQPgBAGgBi6AB873iosBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB2xCQlqBy5b4wcQgAoDmAsByAsBgAwBuAwB2BMDiBQD0BUBgBcB&sigh=Lg1YURryNms&cid=CAQSPwCNIrLMnIeOtvjx4hsqJbzGHIwle5koeOQqSJUwnKvfDWuAQzub5mAUkT3jFMwGRamVIv8G3XZyTg59p_eKtg&label=videoplaytime25
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C327 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=58368675&p=157577&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b171a639a2e99452a0f67fcc8a30f1ef2207b79f87eea3749dd4d4c93736e3d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1352
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame F5D4 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=64155286&p=157577&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b171a639a2e99452a0f67fcc8a30f1ef2207b79f87eea3749dd4d4c93736e3d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1352
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame EDA7 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=25609122&p=157577&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
b171a639a2e99452a0f67fcc8a30f1ef2207b79f87eea3749dd4d4c93736e3d1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1352
content-type
text/html; charset=UTF-8
Pug
simage2.pubmatic.com/AdServer/ Frame 75C2
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=E45975EBD15D458C8D63926C4697E0BE
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
42 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f; KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; KRTBCOOKIE_279=22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7; SPugT=1633083099; chkChromeAb67Sec=6; DPSync3=1634256000%3A221_226_227_235_201_197_219%7C1633132800%3A174; SyncRTB3=1634256000%3A71_231_88_230_176_81_189_3_54_99_7_166_233_165_56_55_104_8_234_222_13_161_5_57_21_22_220_204%7C1634342400%3A35%7C1638230400%3A69%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1633910400%3A63; KRTBCOOKIE_107=1471-uid:EKJVDsTh1Mwfw05; KRTBCOOKIE_860=16335-vEVXBdemTeJCOPMaZ0f6LdiDby0; PugT=1633083099
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:39 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/
x-lat
amspug004:0:310
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 01 Oct 2021 10:11:40 GMT
Content-Length
0
Connection
keep-alive
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
Pug
simage2.pubmatic.com/AdServer/ Frame 5A05
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
42 B
113 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f; KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; KRTBCOOKIE_279=22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7; PugT=1633083096; SPugT=1633083099; chkChromeAb67Sec=6; DPSync3=1634256000%3A221_226_227_235_201_197_219%7C1633132800%3A174; SyncRTB3=1634256000%3A71_231_88_230_176_81_189_3_54_99_7_166_233_165_56_55_104_8_234_222_13_161_5_57_21_22_220_204%7C1634342400%3A35%7C1638230400%3A69%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1633910400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:39 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:EKJVDsTh1Mwfw05; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/ PugT=1633083099; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:39 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/
x-lat
amspug009:0:2534
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 01 Oct 2021 10:11:39 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/8a430fa#rel-ec2-master i-0ab67c5d8ba5329d8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=EKJVDsTh1Mwfw05; Domain=.w55c.net; Expires=Tue, 01-Nov-2022 10:11:40 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 31-Oct-2021 10:11:40 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 4C8F
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
1 B
144 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f; KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; KRTBCOOKIE_279=22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7; PugT=1633083096; SPugT=1633083099; chkChromeAb67Sec=6; DPSync3=1634256000%3A221_226_227_235_201_197_219%7C1633132800%3A174; SyncRTB3=1634256000%3A71_231_88_230_176_81_189_3_54_99_7_166_233_165_56_55_104_8_234_222_13_161_5_57_21_22_220_204%7C1634342400%3A35%7C1638230400%3A69%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1633910400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:39 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/
x-lat
amspug015:0:370
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 01 Oct 2021 10:11:40 GMT
content-type
text/html
content-length
142
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
expires
Thu, 30 Sep 2021 10:11:40 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame CF84
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=sVmbgO7ZRUJkVaSIRmofRNiDby0
42 B
218 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=sVmbgO7ZRUJkVaSIRmofRNiDby0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=sVmbgO7ZRUJkVaSIRmofRNiDby0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f; KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; KRTBCOOKIE_279=22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7; SPugT=1633083099; chkChromeAb67Sec=6; DPSync3=1634256000%3A221_226_227_235_201_197_219%7C1633132800%3A174; SyncRTB3=1634256000%3A71_231_88_230_176_81_189_3_54_99_7_166_233_165_56_55_104_8_234_222_13_161_5_57_21_22_220_204%7C1634342400%3A35%7C1638230400%3A69%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1633910400%3A63; KRTBCOOKIE_107=1471-uid:EKJVDsTh1Mwfw05; PugT=1633083099
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:39 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-sVmbgO7ZRUJkVaSIRmofRNiDby0; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/ PugT=1633083099; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:39 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/
x-lat
amspug013:0:436
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 01 Oct 2021 10:11:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=sVmbgO7ZRUJkVaSIRmofRNiDby0
Set-Cookie
sa-user-id=s%3A0-b1599b80-eed9-4542-6455-a488466a1f44.8VKDtm3fX5OWmw93CqrNe9UFmSIinykF588aC8%2B2eok; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-b1599b80-eed9-4542-6455-a488466a1f44%24ip%24216.131.111.45.Yo%2BovOh0i%2FXWvCdDdQ9wnStgpTLzF9nPsaRG9XoWzyw; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Artemis
aud.pubmatic.com/AdServer/ Frame C327
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&addseg=19,36,42
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:40 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 01 Oct 2021 10:11:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame C327
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:38 GMT
frontend-id
2
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:38 GMT
frontend-id
2
location
/pubmatic/1/info2?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame C327 		95 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.182 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6974e880cb902157-DUS
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame C327
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
  • https://a.audrte.com/p
68 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.248.174 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 01 Oct 2021 10:11:40 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Artemis
aud.pubmatic.com/AdServer/ Frame F5D4
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&addseg=19,36,42
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:40 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 01 Oct 2021 10:11:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame F5D4
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:38 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:38 GMT
frontend-id
7
location
/pubmatic/1/info2?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame F5D4 		95 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.182 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6974e880cb912157-DUS
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame F5D4
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
  • https://a.audrte.com/p
68 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.248.174 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 01 Oct 2021 10:11:40 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3667
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=E45975EBD15D458C8D63926C4697E0BE
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
42 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f; KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; KRTBCOOKIE_279=22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7; SPugT=1633083099; chkChromeAb67Sec=6; DPSync3=1634256000%3A221_226_227_235_201_197_219%7C1633132800%3A174; SyncRTB3=1634256000%3A71_231_88_230_176_81_189_3_54_99_7_166_233_165_56_55_104_8_234_222_13_161_5_57_21_22_220_204%7C1634342400%3A35%7C1638230400%3A69%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1633910400%3A63; KRTBCOOKIE_107=1471-uid:EKJVDsTh1Mwfw05; KRTBCOOKIE_860=16335-vEVXBdemTeJCOPMaZ0f6LdiDby0; PugT=1633083099
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:39 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/
x-lat
amspug005:0:458
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 01 Oct 2021 10:11:40 GMT
Content-Length
0
Connection
keep-alive
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
Pug
simage2.pubmatic.com/AdServer/ Frame 6C68
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
42 B
290 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f; KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; KRTBCOOKIE_279=22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7; PugT=1633083096; SPugT=1633083099; chkChromeAb67Sec=6; DPSync3=1634256000%3A221_226_227_235_201_197_219%7C1633132800%3A174; SyncRTB3=1634256000%3A71_231_88_230_176_81_189_3_54_99_7_166_233_165_56_55_104_8_234_222_13_161_5_57_21_22_220_204%7C1634342400%3A35%7C1638230400%3A69%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1633910400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:39 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:EKJVDsTh1Mwfw05; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/ PugT=1633083099; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:39 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/
x-lat
amspug008:0:417
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 01 Oct 2021 10:11:39 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/8a430fa#rel-ec2-master i-036989daef33ebbfa@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=EKJVDsTh1Mwfw05; Domain=.w55c.net; Expires=Tue, 01-Nov-2022 10:11:40 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 31-Oct-2021 10:11:40 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 36AE
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f; KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; KRTBCOOKIE_279=22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7; PugT=1633083096; SPugT=1633083099; chkChromeAb67Sec=6; DPSync3=1634256000%3A221_226_227_235_201_197_219%7C1633132800%3A174; SyncRTB3=1634256000%3A71_231_88_230_176_81_189_3_54_99_7_166_233_165_56_55_104_8_234_222_13_161_5_57_21_22_220_204%7C1634342400%3A35%7C1638230400%3A69%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1633910400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:39 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/
x-lat
amspug020:0:416
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 01 Oct 2021 10:11:40 GMT
content-type
text/html
content-length
142
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
expires
Thu, 30 Sep 2021 10:11:40 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame D2B8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MpcL_Mt5Rh5PdqAJ6a4QltiDby0
42 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MpcL_Mt5Rh5PdqAJ6a4QltiDby0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MpcL_Mt5Rh5PdqAJ6a4QltiDby0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f; KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; KRTBCOOKIE_279=22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7; SPugT=1633083099; chkChromeAb67Sec=6; DPSync3=1634256000%3A221_226_227_235_201_197_219%7C1633132800%3A174; SyncRTB3=1634256000%3A71_231_88_230_176_81_189_3_54_99_7_166_233_165_56_55_104_8_234_222_13_161_5_57_21_22_220_204%7C1634342400%3A35%7C1638230400%3A69%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1633910400%3A63; KRTBCOOKIE_107=1471-uid:EKJVDsTh1Mwfw05; PugT=1633083099
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-MpcL_Mt5Rh5PdqAJ6a4QltiDby0; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:40 GMT; path=/ PugT=1633083100; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:40 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:40 GMT; path=/
x-lat
amspug014:0:433
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 01 Oct 2021 10:11:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=MpcL_Mt5Rh5PdqAJ6a4QltiDby0
Set-Cookie
sa-user-id=s%3A0-32970bfc-cb79-461e-4f76-a009e9ae1096.fxg1qEaYymqFcyqLILGFTj5yDwvzazTSsu7xEfJnFOw; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-32970bfc-cb79-461e-4f76-a009e9ae1096%24ip%24216.131.111.45.nE8lE7OpjqsLcJLltYSbR6s%2FPOGxUoNxR%2FQ77NmHA6g; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
Artemis
aud.pubmatic.com/AdServer/ Frame EDA7
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&addseg=19,36,42
43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&addseg=19,36,42
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.229 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:40 GMT
content-length
43
content-type
text/plain; charset=utf-8

Redirect headers

date
Fri, 01 Oct 2021 10:11:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame EDA7
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:38 GMT
frontend-id
1
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 01 Oct 2021 10:11:38 GMT
frontend-id
1
location
/pubmatic/1/info2?sType=sync&sExtCookieId=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame EDA7 		95 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.13.182 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
6974e880cb932157-DUS
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame EDA7
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
  • https://a.audrte.com/p
68 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.213.248.174 -, , ASN (),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 01 Oct 2021 10:11:40 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 01 Oct 2021 10:11:40 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 6A3F
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/match_redirect?sifi_redir=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=E45975EBD15D458C8D63926C4697E0BE
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
42 B
110 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f; KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; KRTBCOOKIE_279=22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7; SPugT=1633083099; chkChromeAb67Sec=6; DPSync3=1634256000%3A221_226_227_235_201_197_219%7C1633132800%3A174; SyncRTB3=1634256000%3A71_231_88_230_176_81_189_3_54_99_7_166_233_165_56_55_104_8_234_222_13_161_5_57_21_22_220_204%7C1634342400%3A35%7C1638230400%3A69%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1633910400%3A63; KRTBCOOKIE_107=1471-uid:EKJVDsTh1Mwfw05; KRTBCOOKIE_860=16335-vEVXBdemTeJCOPMaZ0f6LdiDby0; PugT=1633083099
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:40 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/
x-lat
amspug008:0:352
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 01 Oct 2021 10:11:40 GMT
Content-Length
0
Connection
keep-alive
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=6fe1ad76-b777-42db-b78d-6e7413220bdb
Pug
simage2.pubmatic.com/AdServer/ Frame 6159
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
42 B
112 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f; KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; KRTBCOOKIE_279=22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7; PugT=1633083096; SPugT=1633083099; chkChromeAb67Sec=6; DPSync3=1634256000%3A221_226_227_235_201_197_219%7C1633132800%3A174; SyncRTB3=1634256000%3A71_231_88_230_176_81_189_3_54_99_7_166_233_165_56_55_104_8_234_222_13_161_5_57_21_22_220_204%7C1634342400%3A35%7C1638230400%3A69%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1633910400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:39 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_107=1471-uid:EKJVDsTh1Mwfw05; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/ PugT=1633083099; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:39 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/
x-lat
amspug013:0:608
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 01 Oct 2021 10:11:39 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:EKJVDsTh1Mwfw05&gdpr=0&gdpr_consent=
P3P
policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Pragma
no-cache
Server
PingMatch/8a430fa#rel-ec2-master i-0ab67c5d8ba5329d8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Set-Cookie
wfivefivec=EKJVDsTh1Mwfw05; Domain=.w55c.net; Expires=Tue, 01-Nov-2022 10:11:40 GMT; Path=/; SameSite=None; Secure matchpubmatic=5; Domain=.w55c.net; Expires=Sun, 31-Oct-2021 10:11:40 GMT; Path=/; SameSite=None; Secure
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame DEC4
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
1 B
68 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f; KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; KRTBCOOKIE_279=22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7; PugT=1633083096; SPugT=1633083099; chkChromeAb67Sec=6; DPSync3=1634256000%3A221_226_227_235_201_197_219%7C1633132800%3A174; SyncRTB3=1634256000%3A71_231_88_230_176_81_189_3_54_99_7_166_233_165_56_55_104_8_234_222_13_161_5_57_21_22_220_204%7C1634342400%3A35%7C1638230400%3A69%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1633910400%3A63
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:39 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/
x-lat
amspug005:0:333
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Fri, 01 Oct 2021 10:11:40 GMT
content-type
text/html
content-length
142
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E45975EBD15D458C8D63926C4697E0BE
expires
Thu, 30 Sep 2021 10:11:40 GMT
cache-control
no-cache
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Pug
simage2.pubmatic.com/AdServer/ Frame 2F0A
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vEVXBdemTeJCOPMaZ0f6LdiDby0
42 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vEVXBdemTeJCOPMaZ0f6LdiDby0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vEVXBdemTeJCOPMaZ0f6LdiDby0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
cookie
KADUSERCOOKIE=F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A; KRTBCOOKIE_57=22776-8024006013844445723; PUBMDCID=3; KRTBCOOKIE_80=22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo; KRTBCOOKIE_409=22966-2aZSAGWS8llKICBlqJhRXktD; KRTBCOOKIE_153=19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL; KRTBCOOKIE_1101=23040-7014038493271226508; KRTBCOOKIE_377=6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18; KRTBCOOKIE_27=16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804; KRTBCOOKIE_391=22924-6820726720678911436&KRTB&23263-6820726720678911436; KRTBCOOKIE_336=5844-9169346895279784238; KRTBCOOKIE_594=17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003; KRTBCOOKIE_22=14911-8354336131457789763; KRTBCOOKIE_188=3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553; KRTBCOOKIE_218=22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6; KRTBCOOKIE_466=16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f; KRTBCOOKIE_699=22727-AAEYRk7Crb4AABSSK-ZW0Q; KRTBCOOKIE_279=22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7; SPugT=1633083099; chkChromeAb67Sec=6; DPSync3=1634256000%3A221_226_227_235_201_197_219%7C1633132800%3A174; SyncRTB3=1634256000%3A71_231_88_230_176_81_189_3_54_99_7_166_233_165_56_55_104_8_234_222_13_161_5_57_21_22_220_204%7C1634342400%3A35%7C1638230400%3A69%7C1635638400%3A203%7C1633651200%3A223_15_2%7C1633910400%3A63; KRTBCOOKIE_107=1471-uid:EKJVDsTh1Mwfw05; PugT=1633083099
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 01 Oct 2021 10:11:39 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_860=16335-vEVXBdemTeJCOPMaZ0f6LdiDby0; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/ PugT=1633083099; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 31-Oct-2021 10:11:39 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 30-Dec-2021 10:11:39 GMT; path=/
x-lat
amspug012:0:405
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 01 Oct 2021 10:11:40 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=vEVXBdemTeJCOPMaZ0f6LdiDby0
Set-Cookie
sa-user-id=s%3A0-bc455705-d7a6-4de2-4238-f31a6747fa2d.oLYiCS7Lep1wH8v%2FIA%2BF%2B47rMW0xOJcfvzUB5VWJZqk; Max-Age=31536000; Secure; SameSite=None sa-user-id-v2=s%3A0-bc455705-d7a6-4de2-4238-f31a6747fa2d%24ip%24216.131.111.45.FrX16GhGBLvVblu54hleu05api1f%2FwBHHE0AemzxmYA; Domain=srv.stackadapt.com; Max-Age=31536000; Secure; SameSite=None
Content-Length
159
Connection
keep-alive
SPug
simage4.pubmatic.com/AdServer/ Frame C327 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157577&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:40 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame F5D4 		0
228 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157577&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame EDA7 		0
148 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=157577&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 10:11:41 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
id5-sync.com
URL
https://id5-sync.com/c/441/19/4/6.gif?puid=54d24ff3f09adfa5ad5df1bd6623a1d0&gdpr=1&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

198 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| onbeforexrselect boolean| originAgentCluster undefined| $ function| jQuery object| ai_front boolean| ai_dummy boolean| jquery_mmenu_all_js string| GoogleAnalyticsObject function| ga object| _0x2600 function| _0x1d9e boolean| __xshjryhdhjkuehd object| gptAdSlots object| googletag number| aiNextSlotId function| aiGenerateNextSlotName function| aiLoadBlock function| hj object| _hjSettings object| _91532438-f31b-4086-8018-7cd68ddba2a3 object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| AOS function| _typeof function| copyText boolean| is_sticky object| contentArea object| wrapperNav object| logoWrapper object| alongSideAds number| stickyOffset number| buffer function| stickyManager function| addSticky function| removeSticky number| refreshTimer string| updatedUrl string| updatedTitle function| urlUpdater function| refreshPage object| bootstrap object| jQuery1124006267568271334967 object| addComment function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| wp function| sprintf function| vsprintf object| highlight_and_share function| loadLFCComments boolean| parentAccessible number| _timeout object| _vendors string| _gdprTimeoutConsent boolean| _FskIsAmp undefined| css undefined| head undefined| style function| getTCFVersion function| getCCPAVersion object| fskWindow function| Sizzle function| fskLib function| FSK_getExtraParameters boolean| FskHasLoaded object| _fskparameters function| _fskParseGetParameters undefined| fskffc undefined| fskcfc function| _fskInsertScript function| _fskProcessInsertGDPR object| as object| $jscomp function| ai_load_cookie function| ai_get_cookie function| ai_set_cookie function| ai_process_elements function| b64e function| b64d number| ai_sticky_delay boolean| ai_process_sticky_elements_on_ready function| ai_process_sticky_elements function| ai_process_element function| getAllUrlParams undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_code_by_class boolean| ai_process_elements_active boolean| ai_tracking_finished function| ai_run_571100706555 function| ai_process_lists function| ai_process_ip_addresses function| ai_install_standard_click_trackers function| ai_install_click_trackers function| ai_process_impressions function| ai_document_write string| selector_string function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| _0x4cc4 function| _0x30b6 function| _0x4a113e object| _ds05un3 number| _pa_v object| paGlobal function| callUnitMan object| pa_pbjs_fw object| pa_pbjs_fw1.1 object| element function| FskAds function| _FskGetCmpId boolean| _FskHasGgl object| _fskadsparameters object| _fskadunits object| _fskgeo function| _fskAddListener object| _FskAds function| FskRequestAnimationFrame function| admiral function| 4dm1r11545242527 boolean| isAllowed object| sas object| _fskconf object| dataLayer function| _FskDebounce function| _FskElementIsInView function| _FskUpdateElementViewabilityMessage object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages boolean| isVisible function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| google_tag_manager object| auvars object| npt function| docReady object| au object| autag function| fbq function| _fbq object| JSON3 object| GoogleGcLKhOms object| google_image_requests object| ai_check_data object| ai_cookie

167 Cookies

Domain/Path Name / Value
.sfweekly.com/ Name: _ga
Value: GA1.2.1144439161.1633083092
.sfweekly.com/ Name: _gid
Value: GA1.2.1855232428.1633083092
.sfweekly.com/ Name: _gat
Value: 1
.sfweekly.com/ Name: _hjid
Value: bc2f7de6-2d14-4923-a137-a17ee633925a
.sfweekly.com/ Name: _hjFirstSeen
Value: 1
.freeskreen.com/ Name: a
Value: NTYzNT0xfHw7NTYzNj0xfHw7
www.sfweekly.com/ Name: _hjIncludedInPageviewSample
Value: 1
.sfweekly.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.smartadserver.com/ Name: vs
Value: 104685=4601411
.smartadserver.com/ Name: TestIfCookie
Value: ok
.smartadserver.com/ Name: sasd2
Value: q=%24qc%3D1314363065%3B%24ql%3DHigh%3B%24qpc%3D94117%3B%24qt%3D152_2199_42546t%3B%24dma%3D807&c=1&l=-1730953035&lo=-1855080969&lt=637686870925517906&o=1
.smartadserver.com/ Name: sasd
Value: %24qc%3D1314363065%3B%24ql%3DHigh%3B%24qpc%3D94117%3B%24qt%3D152_2199_42546t%3B%24dma%3D807
.smartadserver.com/ Name: dyncdn
Value: 1
.smartadserver.com/ Name: pid
Value: 7205702882258895689
.smartadserver.com/ Name: pdomid
Value: 23
.doubleclick.net/ Name: IDE
Value: AHWqTUmXDGQXIn3zfL0I3oT72I0K-AbJtcxcoXagaTwk6G7XQ-9VfQpgEUw_4-o_mmw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.admanmedia.com/ Name: admtr
Value: 477c44c11e2a94142f746bc70bf1dca8648b4fd2
.freeskreen.com/ Name: scmtid
Value: c2FpZD03MjA1NzAyODgyMjU4ODk1Njg5fDE2MzMwODMwOTI1ODgmc2NtaWQ9ZmZiY2phZGlhZGRnYk94TDFBUWhjNkh8MTYzMzA4MzA5MjE1NSZhY2lkPSU3QiUyNFVJRCU3RHwxNjMzMDgzMDkyNzk4
.sfweekly.com/ Name: _gat_gtag_UA_137034616_164
Value: 1
.ad.gt/ Name: au_id
Value: 6e52ce68-ecc0-4328-82e5-b5972013fe7a
.ad.gt/ Name: au_idmatch
Value: {"apn": "2021-10-01", "ttd": "2021-10-01", "pub": "2021-10-01", "adx": "2021-10-01", "halo": "2021-10-01", "goo": "2021-10-01", "bees": "2021-10-01", "mediamath": "2021-10-01", "ado": "2021-10-01"}
.adnxs.com/ Name: uuid2
Value: 8024006013844445723
.mathtag.com/ Name: uuid
Value: 57de6156-ded5-4200-bf94-c7d95625e804
.adsrvr.org/ Name: TDID
Value: 117b351e-56e1-4502-abfd-e86c5570ad18
.demdex.net/ Name: demdex
Value: 31484824399336767402015332676687979971
.pubmatic.com/ Name: KADUSERCOOKIE
Value: F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
www.sfweekly.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.sfweekly.com/ Name: _pubcid
Value: 65dbf2a8-cd47-4ff7-8222-d7e877d7741d
.dpm.demdex.net/ Name: dpm
Value: 31484824399336767402015332676687979971
.bidr.io/ Name: bito
Value: AAEYRk7Crb4AABSSK-ZW0Q
.bidr.io/ Name: bitoIsSecure
Value: ok
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=
.ad.gt/ Name: last_seeng_hosted
Value: 1633083093790
.ad.gt/ Name: g_hosted
Value:
.ad.gt/ Name: last_seenadx
Value: 1633083093805
.ad.gt/ Name: google_gid
Value: CAESEHg4otRItfZwXLcEmvmOanI
.ad.gt/ Name: first_seenadx
Value: 1633083093805
.ad.gt/ Name: last_seenmediamath
Value: 1633083093810
.ad.gt/ Name: user_id
Value: 57de6156-ded5-4200-bf94-c7d95625e804
.gumgum.com/ Name: cs
Value: true
.gumgum.com/ Name: loc
Value: SfolTs1ZIlPB8MVKEK8IyKSvg4rUpAiO8hszRu6MQdzACEQ3JcDkYSa8DRCNeggGFXoqrKYmvNRYbDiv5cjMZA
.gumgum.com/ Name: vst
Value: e_1edbcb18-77c5-49be-93a1-49e7091e8c3d
.rubiconproject.com/ Name: khaos
Value: KU87IBT5-X-G3KD
.ad.gt/ Name: last_seenadnxs
Value: 1633083093906
.ad.gt/ Name: adnxs_id
Value: 8024006013844445723
.ad.gt/ Name: first_seenadnxs
Value: 1633083093906
.ad.gt/ Name: last_seenpbm
Value: 1633083093911
.ad.gt/ Name: pbm
Value: F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
.ad.gt/ Name: first_seenpbm
Value: 1633083093911
www.sfweekly.com/ Name: cto_bidid
Value: xHg0uV9DWGd3N1ZKUmhlcldQYVdGZ0xRZXFtc1NUSXdGaG5JUCUyQmE1NEhoTzRyVDdrUWtTVEVUTVRQdlpQWGhxTGpHOEJONHZ3UFMxVHYwMkxzV3NUJTJGTW9kb0ElM0QlM0Q
www.sfweekly.com/ Name: cto_bundle
Value: 7KPE3F9oWFBVJTJGY1lzQUNIZ1B3bThjaEM0OENDcU5GOWZZWDdNWnJHbGg3N2clMkIwZ295RzElMkJ3VW4ycjFoUzE3ZENmeXU5dVVuTnpsR1p0M2V6NCUyQnhzdmhxQW1TQkFRYXdaR2NRZ3hJMm9vbFZ3Z0FmOXZDNHNya1NyVENNOWFWUXRoazhW
.openx.net/ Name: i
Value: 8c77f0d4-760a-4f52-9f82-e9a3e457dc96|1633083094
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2dDliI0nQM/RmgpWwXQt0T0FBmQRW9tldEI638UdmZBucx9YsHfPe21p5dPQc6iNTMboWaW1ii7br1Qi87KC6M
.lijit.com/ Name: ctag
Value: 561:1635675094|515:1635675094|563:1635675094|565:1633169494|185:1633169494|203:1634292694|205:1633169494|589:1635675094|462:1633169494
.ad.gt/ Name: last_seenbeeswax
Value: 1633083094149
.ad.gt/ Name: beeswax_id
Value: AAEYRk7Crb4AABSSK-ZW0Q
.sfweekly.com/ Name: _fbp
Value: fb.1.1633083094238.59566840
.ad.gt/ Name: last_seentd
Value: 1633083094153
.ad.gt/ Name: tdid
Value: 117b351e-56e1-4502-abfd-e86c5570ad18
.ad.gt/ Name: first_seentd
Value: 1633083094153
.ad.gt/ Name: last_seenadb
Value: 1633083094158
.ad.gt/ Name: adb
Value: 31484824399336767402015332676687979971
.facebook.com/ Name: fr
Value: 0YcKudq5BTZS1n3Fb..BhVt7W...1.0.BhVt7W.
.adnxs.com/ Name: icu
Value: ChgI14psEAoYAiACKAIw1r3bigY4AkACSAIQ1r3bigYYAQ..
.ad.gt/ Name: last_seenhaloid
Value: 1633083094232
.ad.gt/ Name: halo_id
Value: 0200b69q6w07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj91nelrdq1elzfjf1hl5r1i1kkc2jl
.ad.gt/ Name: first_seenhaloid
Value: 1633083094232
.ad.gt/ Name: last_seenopenx
Value: 1633083094335
.ad.gt/ Name: openx_id
Value: 769bd6e8-5601-4f59-96af-351b970f206f
.sfweekly.com/ Name: __gads
Value: ID=ea9c35ff6fe015cd:T=1633083092:S=ALNI_Maz2vTzqLyVwsHB9_ESa2Rr75IfnA
.sfweekly.com/ Name: _awl
Value: 2.1633083095.0.4-d2692b3e-6e3ef7cf3cd553b2cb00792ca85f11b2-6763652d6575726f70652d7765737431-6156ded7-0
.ads.pubmatic.com/ Name: KCCH
Value: YES
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.pubmatic.com/ Name: DPSync3
Value: 1633132800%3A174%7C1634256000%3A201_197_219
.id5-sync.com/ Name: id5
Value: d2c56d4f-1814-4fd6-bfcc-506809ed9014#1633083093082#2
.360yield.com/ Name: tuuid
Value: 0326701a-d791-4c78-bb96-9b1d181a8963
.360yield.com/ Name: tuuid_lu
Value: 1633083097
.casalemedia.com/ Name: CMPS
Value: 3237
.adfarm1.adition.com/ Name: UserID1
Value: 7014038493271226508
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8024006013844445723
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&16514-CAESEKyG5vFjqM23fQR1kCnWnYo&KRTB&23025-CAESEKyG5vFjqM23fQR1kCnWnYo
.onaudience.com/ Name: cookie
Value: 79234046874b74fa
.onaudience.com/ Name: done_redirects147
Value: 1
.taboola.com/ Name: t_gid
Value: 52b20f26-cd0d-44e7-b36a-021a783e34d5-tuct8506459
.advertising.com/ Name: APID
Value: UPf688fd68-229f-11ec-b37f-02c99423f47e
.erne.co/ Name: u
Value: 2aZSAGWS8llKICBlqJhRXktD
.bidswitch.net/ Name: tuuid
Value: 800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f
.bidswitch.net/ Name: c
Value: 1633083097
.bidswitch.net/ Name: tuuid_lu
Value: 1633083097
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: E45975EBD15D458C8D63926C4697E0BE
.casalemedia.com/ Name: CMST
Value: YVbe2WFW3tkA
.quantserve.com/ Name: mc
Value: 6156ded9-499e1-a0cc3-4dfb3
.pubmatic.com/ Name: SPugT
Value: 1633083096
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-2aZSAGWS8llKICBlqJhRXktD
.casalemedia.com/ Name: CMID
Value: YVbe2UU77.TBD8FqKu7ekQAA
.casalemedia.com/ Name: CMPRO
Value: 1157
.adform.net/ Name: uid
Value: 6820726720678911436
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 19420-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL&KRTB&22979-oQObpvNXyqm6Bpep8gOD8adRzaO6Bsr29QE0PtTL
.360yield.com/ Name: um
Value: !79,PcBloIb5J.GzCwu7q8Jyxhwf6n8yRv-6H5AZpbuQMBUaSBViR1yHM8gQxOJaFf99bdqq0jQaJiwIAGSh,1640859097!313,PcBloHjqSUNnZX3rj9crMZ0CkKs6cTQkn.2ZOro8q3x6B4siO1OKCN8o1qGhMHgtqOARNV2LNvpCz-6K,1640859097
.360yield.com/ Name: umeh
Value: !79,0,1695291097,-1!313,0,1695291097,-1
.analytics.yahoo.com/ Name: IDSYNC
Value: "18z8~20pm:18z9~20pm"
.yahoo.com/ Name: APID
Value: UPf688fd68-229f-11ec-b37f-02c99423f47e
.yahoo.com/ Name: APIDTS
Value: 1633083097
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7014038493271226508
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&22918-117b351e-56e1-4502-abfd-e86c5570ad18&KRTB&23031-117b351e-56e1-4502-abfd-e86c5570ad18
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&16736-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23019-uid:57de6156-ded5-4200-bf94-c7d95625e804&KRTB&23114-uid:57de6156-ded5-4200-bf94-c7d95625e804
.de17a.com/ Name: guid2
Value: 1.9169346895279784238
.pubmatic.com/ Name: SyncRTB3
Value: 1634256000%3A55_21_71_3_7_104_13_8_230_54_99_231_234_176_81_22_165_166_220_161_189_56_88_204_222%7C1633651200%3A223_15_2%7C1635638400%3A203%7C1634342400%3A35%7C1633910400%3A63
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-51300f6b-ba71-4745-9193-d0880a824dcf-003%22%7D
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6820726720678911436&KRTB&23263-6820726720678911436
ads.playground.xyz/ Name: connect.sid
Value: s%3AyBe0heOOTGZqvBBfuP_Xekwi7Oe0EWKv.YqYLDldOIcgkPTqwdPKxgHrdJvElAFc1%2FMtZzDvIAh0
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-9169346895279784238
.turn.com/ Name: uid
Value: 8354336131457789763
.onaudience.com/ Name: done_redirects236
Value: 1
.sitescout.com/ Name: ssi
Value: 69bce38d-da38-4741-b143-da81c49889cb#1633083097380
.owneriq.net/ Name: si
Value: Q6863694971096429505
.owneriq.net/ Name: p2
Value: cc
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-51300f6b-ba71-4745-9193-d0880a824dcf-003%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBNneVmECEFQBWaLAEk1DwqYrC2FmwFk&S=AQAAAipyZOBxKT-wxkO9DPjAZ3U
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003&KRTB&17107-RX-51300f6b-ba71-4745-9193-d0880a824dcf-003
.adsby.bidtheatre.com/ Name: __kuid
Value: 41fb2e56-f756-4211-9be0-2f930194e3ab.402297097
.acuityplatform.com/ Name: auid
Value: 611361532471
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBPg5qaAm6mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT4OamgJuo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8354336131457789763
.quantserve.com/ Name: d
Value: EOYBEgGwJPijC_vLEA
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTYzMzA4MzA5NzQxMX0
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YVbe2QAFvmUTsAA6
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-69bce38d-da38-4741-b143-da81c49889cb-6156ded9-5553
.eyeota.net/ Name: mako_uid
Value: 17c3b568165-68d90000010f48c1
.eyeota.net/ Name: SERVERID
Value: 18625~DM
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YVbe2QAFvmUTsAA6&KRTB&23194-YVbe2QAFvmUTsAA6&KRTB&23209-YVbe2QAFvmUTsAA6&KRTB&23244-YVbe2QAFvmUTsAA6
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: tuuid
Value: a01691ff-2e63-5112-b5ce-26ddd498f804
.betweendigital.com/ Name: ss
Value: 1
ads.avct.cloud/ Name: uuid
Value: e6700eeb-4f4c-4139-a2d2-0fb81837e055
.betweendigital.com/ Name: ut
Value: YVbe2QAIqsDbnR1yBh5FZyQGzwzVddMOgBFNRQ==
.tribalfusion.com/ Name: ANON_ID
Value: aVnseFpyXagbqiVREF6MRdaHMyBgETNoVr4GywfcZciJV36NUZbsZccKap2DegNulxmR73RjyUZar21pY9iyiTZdq
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-800f4375-b8b2-4cf7-9f2c-0b1fb371fc3f
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 935d0776af83c376
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjKluzg0rOCOhAFOAFaBmV5ZW90YWAC
.undertone.com/ Name: UID_EXT_53
Value: F81EBD4E-0CF0-45F5-92DA-18DBAAD0E44A
.undertone.com/ Name: UID_EXT_39
Value: 14b6a8aa-df22-4cc6-afd1-3e8c77dccf39
.smartadserver.com/ Name: csync
Value: 127:AAEYRk7Crb4AABSSK-ZW0Q
.ipredictive.com/ Name: cu
Value: f6c9d721-229f-11ec-aa16-4dbb093d86b7|1633083097721
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEYRk7Crb4AABSSK-ZW0Q
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-f6c9d721-229f-11ec-aa16-4dbb093d86b7&KRTB&23011-f6c9d721-229f-11ec-aa16-4dbb093d86b7
.pubmatic.com/ Name: PugT
Value: 1633083096
.mediarithmics.com/ Name: mics_vid
Value: 21165419680
.mediarithmics.com/ Name: mics_uaid
Value: web:1:a39104ab-1955-44ca-bae4-7c8f62fd717e
.mediarithmics.com/ Name: mics_lts
Value: 1633083097736
.casalemedia.com/ Name: CMRUM3
Value: e66156ded92760&336156ded905a0&f16156ded905a0&276156ded90b40&986156ded927600349c543-d4f2-4d48-a18d-fe35b3213d8e&2d6156ded92760CAESECXtlUg37X6Z_qTcH2CAMBE&ce6156ded905a0&0a6156ded92760611361532471&bc6156ded905a00
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 54d24ff3f09adfa5ad5df1bd6623a1d0
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDVJMTJJSzNOM7BMTElLNE1MMU1JM0xKMTMzMk40TDFgAILEsHs3QTQUAAB3RQwD"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIDLt3E0hBAQAdeQJv"
.id5-sync.com/ Name: 3pi
Value: 146#1633083093515#-1193626751|18#1633083093739#-216774851|19#1633083093895#710423728#54d24ff3f09adfa5ad5df1bd6623a1d0|916#1633083093226#249977289|441#1633083093135#-279558994|124#1633083093279#249977289

7 Console Messages

Source Level URL
Text
rendering error URL: https://8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Error: <path> attribute d: Expected number, "…1.06 6.47Q12.183L3.86 5.13L3.86 …".
network error URL: https://surgeprice.com/display/async/Kg3RFMmSZ8i2rGAQi/sfweekly.com/ariel.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://surgeprice.com/display/async/Kg3RFMmSZ8i2rGAQi/sfweekly.com/ariel.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://surgeprice.com/display/async/Kg3RFMmSZ8i2rGAQi/sfweekly.com/ariel.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://surgeprice.com/display/async/Kg3RFMmSZ8i2rGAQi/sfweekly.com/ariel.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://id5-sync.com/c/441/19/4/6.gif?puid=54d24ff3f09adfa5ad5df1bd6623a1d0&gdpr=1&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ryzas42x65e2oosia40bgli-wpengine.netdna-ssl.com
51uav-eqocf.ads.tremorhub.com
51uav-sg2ba.ads.tremorhub.com
8f4b3a34c719de7bcf70047dfa1b93cb.safeframe.googlesyndication.com
a.ad.gt
a.audrte.com
a.tribalfusion.com
a6688555ed4ceca06e63e736254abbf3.safeframe.googlesyndication.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.betweendigital.com
ads.freeskreen.com
ads.playground.xyz
ads.pubmatic.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
aud.pubmatic.com
aufp.io
bh.contextweb.com
bttrack.com
c.amazon-adsystem.com
c1.adform.net
cdn.undertone.com
cm.adgrx.com
cm.g.doubleclick.net
connect.facebook.net
cs.admanmedia.com
csi.gstatic.com
csync.loopme.me
d.adroll.com
d.turn.com
d2s8wlbatk24s7.cloudfront.net
d5p.de17a.com
dis.criteo.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
green.erne.co
gslbeacon.lijit.com
gum.criteo.com
hb.brainlyads.com
hb.undertone.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
ids.ad.gt
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
in.hotjar.com
includemodal.com
includemodal.global.ssl.fastly.net
js-sec.indexww.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mwzeom.zeotap.com
p.ad.gt
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.zprk.io
pixels.ad.gt
pm.w55c.net
powerad.ai
pr-bh.ybp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.owneriq.net
pxdrop.lijit.com
r4---sn-2gb7sn7r.gvt1.com
r6---sn-a5mlrnel.gvt1.com
redirector.gvt1.com
report2.hb.brainlyads.com
reporting.powerad.ai
richstring.com
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.gumgum.com
s.amazon-adsystem.com
s.tribalfusion.com
sb.freeskreen.com
scm.publishers.tremorhub.com
script.hotjar.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.freeskreen.com
static.hotjar.com
stats.g.doubleclick.net
surgeprice.com
sync-tm.everesttech.net
sync.1rx.io
sync.extend.tv
sync.ipredictive.com
sync.mathtag.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
tag.1rx.io
tagan.adlightning.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usr.undertone.com
vap1ams1.lijit.com
vars.hotjar.com
visitor.fiftyt.com
ww1772.smartadserver.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.sfweekly.com
x.bidswitch.net
id5-sync.com
104.109.78.125
104.111.233.227
104.111.242.53
104.18.0.190
104.18.12.5
13.224.186.4
13.224.193.35
13.225.84.106
13.225.87.117
13.225.87.127
13.225.87.3
13.225.87.36
13.225.87.40
13.225.87.97
13.226.145.106
13.226.145.122
13.248.242.197
142.250.184.196
142.250.185.130
142.250.185.131
142.250.185.138
142.250.185.195
142.250.185.202
142.250.185.206
142.250.185.225
142.250.185.98
142.250.185.99
142.250.186.129
142.250.186.130
142.250.186.168
142.250.186.46
142.250.186.98
142.251.5.157
146.59.148.16
151.101.129.108
151.101.129.194
151.101.129.44
151.101.2.49
154.59.122.79
159.253.128.183
162.55.6.212
172.217.130.73
172.217.16.130
172.217.168.195
172.67.13.182
172.67.74.129
173.194.166.92
178.250.0.163
178.250.2.146
178.62.202.251
18.156.0.31
18.184.35.118
18.194.125.59
18.198.69.109
18.211.226.152
184.31.84.150
185.29.132.245
185.60.216.19
185.60.216.35
185.64.189.110
185.64.189.112
185.64.189.114
185.64.189.115
185.64.189.229
185.64.190.79
185.64.190.80
185.64.190.81
185.86.137.113
185.86.137.131
185.86.137.132
188.42.29.196
192.132.33.46
198.148.27.139
2.18.233.180
2.18.234.21
2.19.35.65
209.54.178.82
212.82.100.176
213.155.156.167
213.19.147.42
213.19.147.44
216.52.2.30
23.20.158.212
3.1.182.12
3.132.32.164
3.213.248.174
3.86.21.221
34.192.216.94
34.211.237.159
34.216.108.96
34.250.85.122
34.251.173.19
34.71.19.215
34.98.107.212
35.157.177.200
35.171.112.188
35.173.5.42
35.190.74.157
35.201.96.126
35.244.159.8
37.157.2.236
37.252.172.37
37.252.173.22
38.27.122.101
38.91.45.7
46.228.164.11
46.228.164.13
52.19.99.3
52.21.104.248
52.40.160.59
52.49.53.128
52.5.246.171
52.55.122.95
52.57.150.20
54.189.240.181
54.194.126.20
54.197.107.87
54.209.16.83
54.213.79.211
54.234.151.247
54.75.159.38
66.155.71.25
69.173.144.138
69.173.144.141
72.251.241.196
72.251.249.14
77.243.60.138
85.114.159.118
88.214.206.247
89.207.16.140
91.228.74.226
94.23.73.243
94.31.29.99
010197d1993c80fa2d28758f166043e0eace7c062d11df8a4bcb342fa8755b53
0282ec69b8a55cd68f38244999bcbcfd801517a5a08ad1bed75cbfe267affab8
02a94698e0ed730b359e2b4987a1bcd6cbbbe6c00d4d5b1048c2ad3e321a8946
02c57a7e9d5b469840d50b3410c7fd8380b7250b20789f8c10e11b887d54d3e3
045469f2d577c2ad73219bbd713640bcb4a4f9a46cecc6c0df0e66338646b27f
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a23631f456916ccd29ebfa1bd46f0cba15498a5b4c33aca43b1c261f28512ed
0a8306d480a1b8a0e5803a1262635cd285075571c2529c91f40e22b6564ec272
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1530727d7a9de276d5934149bfd08e535021a6596ace5c87fbad802580189d0b
156187e022caad5e50fc56c6fd80ab78c62897281a9db23a4edc3ebc0a92824a
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
195230f7d0c4e39110e0e2f07189ba105ad4715018e054c8fe282bc0c5b1d64d
19ac7f7f03270e923c602d544845da674a088cbb610a4c76a6445f0d075b7d0f
1b985b833fe5443b89d4f969d7c3ce1111521d270a4776019c4098b9a3b6d516
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ecaf445d3f1e63f15b6e423e287813a5675461cc9454184d0b49123b286cea4
1f89364a8b7cb1d0faba155a385638c1c6b3a196488f251012f635fb3c47abd7
2139f777d0c43392703e8e844e3329e6df8e12203ddefdeb3169bd7e1c4891bb
2682df2044deafc87144269baba470bfe2b34c978ce8e13975a177d54cf31a28
279f8010673112d690aff9a0f4feb54555bda6ba238b0d76767aa3063eba89bd
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ab3c4c8bb1dd18d04630bbe22aeffb9237e7e685962d7c17a6960742935ceb4
2ada6bc846dc7f21dc5603c3b497fde0ed8c3de96bc5bb71a83e48e9212b0341
2dfb50fbcee087cba46eff0fd5d87aee1ed58dfae8f06eda467fd1eb1dee280e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
301940961899793bb73d3a4f80c4abb9ac89f2bb7581aab44714621c60c34ffc
31ace63fa339896dc045f21da77b1ffdc57160e2db5690b132766b0086d6f58e
32872225c70cc59428eea5fa412b86aa82e4f73ac5fa20fbe34ee1702ba270aa
368c94f8a26ed6a99ca46c4b565e4f2586994d513b47e35cf17cd9a01c423251
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
370ffaddff33203713709734d8a67a7a81e65cfb6e8f3613f09be88e074db7e7
38a1e8685db844db2f4fdf44030186e2054286aad8a8e7d00a7d35b1a4d62bf3
3d5ae546163be6946a8ae9f9040891688b6ef62d1852a0d5d72f8e04ddbe7af5
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e4dcf5d937c6cd9bd580358e83d9bff9769f73cc2364ed9af22c88571959adb
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b
44f4c32b8979abf0fd63db2f62ec7023ab09e02b68c4a81474431c7cd88f855f
461b345c9be55a5a6d0a2b3c9b39b060cdd4d5c7bff2c410b3c6f8b77f17cb25
469811035aa1bd29f5d94871aa2c20bc7775aa38102d6085b441af848e54570b
472c3a81f8857130e2f65c85398c080762bb1044b010741af0dbb6a49e1998cd
479a65653d3b7773bd1a4f2a8c85cc6c14a8eed3cb828bfc2d3fb354f1096bf6
47c3a2686255802406b8e765d65380930ada5fa4bbcd35ca5c32c6459b1288c0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
48f88630b865b8523979a301bad40a0d1d029845a8e9468c412b06ce127832ab
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a92b7342f2e0c455c3c2f7587bfb41e7b8ff233910999731a0b20ea4104d389
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f430df1926f8f2c1211de662c1070de2b98259bfc9bbdd8cf70c7b53d6777cd
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f755dc598f2431fd9096811c85fa8483838e86824d658199ce03a13de765cd7
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fc81f46ab48df9279cdf0b17cb6e8e1e2990b76ece6d17f8cb3e3cb47da98e4
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
522cc4ddf3c2daf42d71bd1ce57b9bd0c118068c0b4e363ebcb438f48dab7c0a
5257f9ca13e924a41ca83bdec64768c6b1eaaa16fbb0e9a0fe22873f0c6efa7c
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
53d3b513684b230591b0203df937048eb52f4e03e470ecf1ac2bf2477476da70
53fe02c7803cf38912e8616d5e597a5456f65048c11606aba1dea3a90d86d708
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553c4f8ca4eaefa6599dd02b8089263fde1055a0e68ee3793a1971495a323dba
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58546b9c2171b60e488df6571eda307fec4ee150732ac1609d6fdd6e9e5299ee
5886de4e5b6b43a8ea1a4fa7a7eeee01923c862d98be72f785d97084a058416c
592e57589e96ede348c577ee0f0480b56c9c7c3cb9724d1377206f88b10c217f
59869dd479a3f14a8239e6bf8005d91ccd5b03f2ee649b5547501622b6c03a31
5d1e60e74af6b42b559301a55018075d09e094031bebfced866a604912b998a9
5e313adc997e9df9e640fafe4a678a3ea1e4ecf058bd755c6bcdd6f8618eef4c
5f4e00ecd9e1a6d454db55802d379f4d3ce99bbfa046fbf9b98aac9d443fb8ff
5f56aceea6a79909a616500f1c0acea28fc363b48a2fb200c9704d844214e3d9
62a241b5bb0abbb690e5fca0412be810b9c22316fbb958c6a9539df6fab09c58
631bd20ca4b8bd54128f9c73c5437248ada5ee5ed76dc3e418600c8c3eaf7e4f
63721156438c4a8fad96c6cb93099d8a59e94706abc4bf0c391b393cff33aa9e
659bc2d64efaeb353261b484804f7b2ff3d0bb3849dcf7fd97e6f8ac2b912df6
6a82dd2bffbc511573ebc14890e18f21ca1f2f810ff7b4784171ef48a32f35b4
6adbc8dcdbc2c24dc673c68088d689f7bf83a938014676d7f10f661eb70c76ba
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c2dd2c293391e6fd4cb87b460e2d4453b1fbf34583e93a6812b577e53dd5417
6eac4f1bf5bf8976cc74f9d784adc40029ac907cf2ba54cc3c5a50c8e38cd122
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75a315598423af7b8dbc25b957c07b5c90c1c9705ff81957e2fa7e6b08f285b4
769999cf8dd62d32a5cf19dde09ab3951439ed0083e11bc5ff269d6a01527c1e
785c43bcb3aa7b1030a28e4b3e31d8df0b0805e2f5b6e0c70343bbe06631565a
795c87c932ca572e0fe91de71a61cbc6e5156b337a209c6f8ba328a2cdcabca8
796d745752c9d7a1b6b939bced085c239ffe0ec886238aafe701f3f92a070dd7
7dacf873a81080aed26d63310b29ea888a3131784dc10416093fb2c52189eeea
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
8027119f899b59c2af3b0ccb2c7d1323fb3891a1235ab54309fe5337b92cd1c6
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
82cd553d85d688728ed6a4b8aaa1e9bc91491f7c0f533115e6c5e99ebd826f0f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85827e08a6e5017cdb983eb9a93ed3de32e64543d2fcbb97e9a5496540b3d617
85aab9ba0046e626c01aa0b7db0ca841adcc6bfecfd2134b3cd5e3481c39ce3a
85d8f112ba9b3a5745327b525ecc683fa2c86f1f4b4a5228b413d7934eeec7f8
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
89da494fadad771b55a01560275b2d4b53db806111719efb1702d65f2f24665f
8acb04628394993656dad11f23029fc6ad13cf90cfaa1f5df89150b2727684a9
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e26290142f79a490931a86a9664db77aaa781fc5479a49af1fdace29d09c20b
8e521ebeb6ce59914c54f532b1577efd671f4b02bb3c331e01b4a7e79a02cfea
8f22c14d833819460602bd41792732725e48a6a6ee48f768a298cde40e16584f
8fac460ee63a3faf6cb4b3d59103b745978eb3fc1db32b00abb53727e3c01af8
9005ef18fcfb3897cd13c7ec73f90d2b0da0cc7d6153be58cdbe90ad5e2741c8
9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
942db32d568d17ad59fd662a2606b85b3cda56379bcb22ec319ec1a3bddf4d45
94e3b583565afa812804fb669c3456b0d12b42ef5385071f211e2f927abec862
95007b6e796d8001086f4ae5bfdab8387b76ac9b77a5db4f574931b20da80038
96ed609b415be6ee67eadb8d2de7ce64d13de9c928bce8e1373bec97e233e74c
975b62423e82390a1b54f47625f46f5b4451a8ea69945b2e85008a194bb55edd
9769961274520466f30da2f63030d5adbaaabfcdfba561471df48ec282d30ef3
97d812da07c2319e0e64c4137b33a5d3ccfb4c06fa5ab4444f522959e27a9ed0
991159e96e1c30f49fcbf524432ea76895879adf95c54b23c409248e3108d348
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a81171acfa6d2692bc3b8dd7a8911c7df133fde288e8fa857e7c4755859fdc1
9a9a466cd927c64b4e9b81e29beec7d80422fb985b26a1ec038abea10c74c1eb
9e37fd1cb7e6b881003ce78867d44a25b464e50fdafe43af5a69e7f4ec0d82a2
9f116dbbaf4f0d636fa01fba1c0a0fbed796632077c936724150f2346e74f649
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d
a31c5cde9898b89000c42a3f4b972d3646b2f459f7141dca0171a7602246990a
a435eae7f1e3657b790f8d25b59777a0955962e373392818f490ec977f9a5276
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a5edb367071f73bdebe3dfcd48c3d8969d4cf9144f8db16d9f6f98d0f16114ea
a64267c776cc6e2a64352fc53e94d51430697681405ad0cdb073a01756a01473
a6684f1b4c35099eda68a4af4b38db9ba73f352060966cdb9d5f5ffdd9ec4567
a7165f53d2cb5f7a2df4ad9cb9428984526a1feb52585077150921bf54429c13
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a89dd0b671d93f99f0fc28bd04eaf377a35af7e465dea8bb800251cde1aa9178
a9f661c2aeb641e025eb7daa3165b735d0a16900bd905ffbfc13ea513dfd5ccb
aa30cf5fb07cb30ece1f49b93011b785248132e8e158d8a96d65fd35ba8b9f51
aa8270bb838e8eef5874a2e323b83128c51271b226c8ffd33cd751156ccc68bd
aaa8c1a57696b5dc3a7024aa9c6f3bdabf4b6ed0a5add97c9f67f615b460326d
aadc94f9bdb8f6bc3fe4f435297191b718e5820ea17d4d842b9d183a57349f9d
ac20ecc8bbe678d11bfb1446f17854ebf37c7ee67ba1fe9a0657c647a932f698
af9a2e3734ab39ebaa365daaae4a4f5d499274380aba3413ea17971c9b88d8f8
afcd80cff04ad49728d0ccd85be062ab85f9e22d3c46c023eb61547632c72861
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b171a639a2e99452a0f67fcc8a30f1ef2207b79f87eea3749dd4d4c93736e3d1
b25da746075c2eb5012eee51820577f32c9ac878adcce09cdfcc985247979b9e
b2e64ff74f82bd2b379aabc47c0dce23fe237fa31d568013593aa352712f9395
b3c748df107d112ec88c2b361cfe1e7a8d17b9abf1c0b5d07e6c3d96791c7d17
b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b
b57ed06197b5ef1287a96679fe0ac59ea53e0952b132d5adb7cbcb60073091b3
b6d360d4a67ca0442221b3056fcbbdb856b3618ef4a34303ad1f4d8f678d80b5
b7bbc8cc68191443c03fedd1bc2d143b12d660126d85d3d8fe4a5f4c04e3badd
b9261ab11f501dffcbc7223ee11e3e921da294beadbf88f940457a9cd9a1bde5
bacf44fcf0df1337a4ac8e8e9277a20ae2f0c3faaa5454235674a0143fcda762
bc01c1fe75c35db57063b35d72d2d4df22575f938a0368bc54c7387a2965c412
bc91edebf695ab675bb36ce72cd9437ab7edcb66091224cf03066d98b575fb9d
becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70
bf5ce06047e22884c9e26601c0cafd3f5719583a61b9cf151a4adda5bc633e4e
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c17669c93708da62f096b908fff76e01e56ee3c6f8c1f892109d0c3215332e43
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c435a36c4117826fc7b7b8023aaf45d65e59bcb814c8f1b1e28bea7c49318c13
c72976d3b4c427a85952b5cea1ad2efafcc4b2dc6fdd9ef5a505e5e582e62928
c78b50d1e9ea3df444980f1280f03bb25b3d4fb5f4565111b3018c3322357235
c9057126ea1f0a44bc850d540403adfad8b718b55ff27b768087585c32a7c4fd
caec451a8eafb75b5b54aa32952012d66a18fed55de4f06b256e34056e894628
cbd1942304370a255996a9e4975781251907120d3d19eb14efa630bef1de90aa
cbd7c2f435e1ae2408e1a9a2c109de8253c0bc2ad9af2e1000df923df4611157
cc46822c1efd215f4382b351af79ca830874c08b9177a5131b6cc6a971a3832c
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
cd388d087fc4852787f6ace807ed5083e0d569a6858191ad73078f8e5bf56135
cd75a772111fad89997cb08170f0ba9d2c49f47ed1096dc3bb3e2b11351230d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0d9ca8848e20b99030e8310820d80c9b8deeeb7687f6a94bec81a9a8edbbcc8
d1f1eea7087c17ea5f497200c8244121645089a8a00131448b34ccdb5dca653a
d32a36d8dc793802de2280a21161e890801c411e4e0cab83d78d64f7fd5248ff
d56ebffc82bf6b28643fdc78b037b29ef4b7854a3b49aa906ad215f4414b9084
d8018da3aa34315ff6189e2e31293554ce413e2a78bfef7a1ee1867bea052187
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
da48b97b44f32bd333c5ca822e07f0997269db7bbd7e85f514035e02a57624f7
dbf45a4ab6a93d6ed8919dbbb2a99ea1bb7b56dbcae714530f5f6f627a59f977
dd1cf588102222676bda1808bd1e8d87f86dca705addbc63f3d29ee160b62262
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e313c7c5a771195fe5fc6ded33c8b4072667f2cf615509e6ed370e3bfd292c69
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e93b6f311b8924906992bbae0524c1e177e7f7317d0acb7e153171d011d344
e6706f5e708470da036fd47ad3d2f2c6a9eea3005636d69fb19183310344db17
e9b881000dab5b0ac0ff2506cb2c1880b444c14369e5d00411efdf6d86710434
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
eb8b1b4a5fe4e1a1e7ee49bcd6cb07b6e56241a8d2718c1dc9928b3e5b727359
ebd6869fd25c132d0aa40ba2d10559af61c49c2d55485dcfc119dcd6f155401d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0546e2375b884702877a0ca06d783d7b735a9999c4ba076f99a79c002874f5e
f0c6c17bbefb440a7e7ee03a4363aeba33a7c57345af065c670848e8fd40a4b5
f10dbbb6b1e25ce420a6bb373312e06c77265034245364e92276da66f13eaef1
f41c52c86508445da59df35a0b0ca232063e9a2a7dcc3ba91fbffffa74723574
f4aefc7dc69aecc61a9fc6d49a072167e2a3a9053b3c1fbbf54096b4d6d84152
f6d6e49e8971c9b702e31bb9ad580eb9d374a13af6e713e3673282c9e52ac7bc
fb830de30288331b25a1a204de22d03593831202612e669fcb41f90c982c716b
fc254f169f36a85568389494b77ab522ec1f39d44d751928f7dd7f452fa53bb3
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fde1ff98ac079ccd96e34a72dc00e9b2183ed069872fff11279807b1e2d7402e